Generative Artificial Intelligence is a transformative technology that has captured the interest of companies worldwide and is quickly being integrated into enterprise IT roadmaps. Despite the promise and pace of change, business and cybersecurity leaders indicate they are cautious around adoption due to security risks and concerns. A recent ISMG survey found that the leakage…

Generative AI’s impact cannot be overstated, as more than 55% of organizations are already piloting or actively using the technology. For all its potential benefits, generative AI raises valid security concerns. Any system that touches proprietary data and personally identifiable information must be protected to mitigate risk while enabling business agility. CISOs tasked with bringing…

The recently disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit the US Federal Reserve, the central bank of the United States. The tall claim was followed up with LockBit stating it had stolen 33 terabytes of sensitive banking information belonging to Americans and that negotiations were…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The report, cosigned by CISA, the Federal Bureau of Investigation (FBI), as well as Australian (ASD, ACSC) and Canadian organizations (CCCS), is a follow-up to the ‘Case for Memory Safe Roadmaps’…

Last time I launched a new podcast it was December 2016. As luck should have it, “Smashing Security” turned out to be quite a success – with something like 10 million downloads over the years and we just published our 378th episode. But a lot has changed since we launched “Smashing Security”. And that’s why…

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. FileCatalyst Workflow is a web-based file exchange and sharing platform supporting large file sizes. It’s used by organizations worldwide to accelerate data transfers and collaborate in…

“The malicious code dynamically generates payloads based on HTTP headers, activating only on specific mobile devices, evading detection, avoiding admin users and delaying execution,” according to c/side. Some of the doctored JavaScript files include a fake Google analytics link that redirects users to sports or pornography websites. As c/side warns, the content being served up…

‘HP’s transformation over the past eight years has been extraordinary to watch, and I look forward to working with a stellar team of professionals to advance the shared goal of creating long-term sustainable growth,’ says Karen Parkhill, who has been Medtronic’s CFO since 2016. HP Inc. has appointed Medtronic executive Karen Parkhill as its new…

Progress disclosed the authentication bypass vulnerability Tuesday and ‘very shortly after’ began seeing attempted exploits, according to Shadowserver researchers. Progress disclosed a critical new vulnerability in MOVEit Transfer Tuesday and “very shortly after” began seeing attempted exploits by hackers, according to researchers at Shadowserver. The disclosure comes just over a year after widespread attacks targeted…

‘I was impressed by Auvik’s ability to innovate while creating a product that is easy to implement, as well as their proven track record of delivering exceptional customer value and placing the customer first,’ says Mark Ralls, Auvik’s new president. Auvik Wednesday said it appointed a new president and a new chief sales officer to…
