Category: AI in news
More than 80% of all breaches involve data stored in the cloud, and security teams that don’t use cloud workload protection (CWP) may never get ahead of attackers who want to access as much data as possible with the least effort. A single cloud breach is often the most straightforward way into these sensitive environments.…
Read More
AWS has added support for FIDO2 passkeys, a passwordless authentication method under the Fast Identity Online (FIDO) framework, for multifactor authentication — and will soon make MFA mandatory for signing in to AWS accounts. “Beginning in July 2024, root users of standalone accounts — those that aren’t managed with AWS Organizations — will be required to…
Read More
1Critical 48Important 0Moderate 0Low Microsoft addresses 49 CVEs in its June 2024 Patch Tuesday release with one rated as critical and no zero-day or publicly disclosed vulnerabilities. Our counts omitted two CVEs that were not issued by Microsoft, which include CVE-2023-50868 (issued by MITRE) and CVE-2024-29187 (issued by GitHub). Microsoft patched 49 CVEs in its…
Read More
Jun 11, 2024The Hacker NewsEndpoint Security / Incident Response Managed service providers (MSPs) are on the front lines of soaring demand for cybersecurity services as cyberattacks increase in volume and sophistication. Cynet has emerged as the security vendor of choice for MSPs to capitalize on existing relationships with SMB clients and profitably expand their client…
Read More
In a previous blog, we discussed how the “businessification” of cybercrime has coalesced around tried and true tools, techniques, and procedures, giving us a solid understanding of how these attacks happen. Security product vendors have made massive strides in developing capabilities to detect criminals carrying out their attacks; however, it’s not a perfect solution. If…
Read More
Attackers are easily sidestepping endpoint detection and response (EDR) and extended detection and response (XDR) defenses, often catching enterprises unaware, according to a new study of cybersecurity threats. The study of global cyberthreats, by EDR/XDR vendor Trellix, highlighted the danger posed by the emergence of “EDR killer tools” and their use to deliver ransomware or…
Read MoreLLMs Acting Deceptively New research: “Deception abilities emerged in large language models“: Abstract: Large language models (LLMs) are currently at the forefront of intertwining AI systems with human communication and everyday life. Thus, aligning them with human values is of great importance. However, given the steady increase in reasoning abilities, future LLMs are under suspicion…
Read More
Jun 11, 2024NewsroomCloud Computing / Artificial Intelligence Apple has announced the launch of a “groundbreaking cloud intelligence system” called Private Cloud Compute (PCC) that’s designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud. The tech giant described PCC as the “most advanced security architecture ever deployed for cloud AI compute…
Read More
Jun 11, 2024NewsroomMalware / Cyber Attack Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that’s being distributed as part of a new campaign. “In the latest version, ValleyRAT introduced new commands, such as capturing screenshots, process filtering, forced shutdown, and clearing Windows event logs,” Zscaler ThreatLabz researchers Muhammed Irfan V A and…
Read More
Jun 11, 2024NewsroomData Theft / Cloud Security As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought. Google-owned Mandiant, which is assisting the cloud data warehousing platform…
Read More