Navigating 2024 Cybersecurity Challenges with GenAI
|

Navigating 2024 Cybersecurity Challenges with GenAI

Summary The article discusses the evolving landscape of holistic application security within cloud strategies, highlighting the increasing evaluation of Generative AI (GenAI) tools. CISOs face challenges in protecting applications and identities, and GenAI emerges as a potential solution. The blog outlines key challenges, including budgetary constraints and deciphering network data, offering GenAI-driven solutions. Additionally, GenAI…

SEC Approves New Cyber Reporting Regulations for Public Companies
| |

SEC Approves New Cyber Reporting Regulations for Public Companies

“The Securities and Exchange Commission voted 3-2 to adopt new regulations that would require publicly traded companies to notify the government when their IT systems are hacked and periodically disclose details around their cybersecurity risk governance in public filings. The rules, first proposed in 2022, were adopted in a meeting Wednesday, and would compel businesses…

| |

Cryptojacking Soars as Cyberattacks Increase, Diversify

Digital threat actors are adopting evolving tactical behaviors, opting for different types of malicious attacks compared to previous years, according to SonicWall. Overall intrusion attempts were up, led by the highest year on record for global cryptojacking volume recorded by SonicWall, as threat actors shifted away from traditional ransomware attacks in favor of a stealthier…

|

Supply Chain Attack Hits NHS Ambulance Trusts

“A cyber-attack on an NHS supplier has left two ambulance trusts serving millions of people without access to electronic patient records, it has emerged. Swedish healthcare IT firm Ortivus said in a statement that an attack on July 18 left affected UK customers using its hosted datacenter. “The electronic patient records are currently unavailable and…

|

Apple Patches Another High Severity Zero-Day Flaw Exploited in the Wild

Apple has released an urgent update to address a critical zero-day vulnerability that is being exploited in the wild. The vulnerability is tracked as CVE-2021-30807 and affects iOS, iPadOS, and macOS devices. This vulnerability exists due to a memory corruption issue in the IOMobileFrameBuffer component, a kernel extension for managing the screen framebuffer. It allows…

|

New security threat at work: Bringyour- own-network

Even as IT pros wrestle with the bring-your-own-device (BYOD) trend, corporate security is being further complicated by another emerging trend: bring your own network (BYON). BYON is a byproduct of increasingly common technology that allows users to create their own mobile networks, usually through mobile wireless hotspots. Security professionals say BYON requires a new approach…

|

Firefox 16 re-released fixing multiple vulnerabilities

The latest version of Firefox, version 16, returned to Mozilla‘s servers with the release of Firefox 16.0.1 after the discovery of vulnerabilities caused the  organization to remove the just-released update for the Web browser from circulation. Mozilla described the problem as that of a malicious Web site being able to potentially determine the URLs and…

|

Apple closes more than 160 security holes in iTunes

The latest update to the Windows version of Apple’s iTunes media player closes an alarming number of security holes. According to the company, iTunes 10.7 for Windows addresses 163 vulnerabilities, all of which are in the WebKit browser engine used by the media player to display HTML-based pages in its iTunes Store. Apple noted these…

| | |

Anonymisation service uses botnet as proxies

Anonymization service AWM Proxy rents computers infected with the TDL4 bot for use as proxies, according to a report by a security expert. Starting at $3 per day, users can have their data traffic directed through the bot network to surf the Internet anonymously with other people’s IPs. The researcher said the provider has been…

|

Microsoft and Adobe preview September Patch Tuesday

Patch Tuesday. When it releases its monthly patches September 13, Microsoft will publish five bulletins categorized as “important” to close 15 holes. Most of the bulletins fix vulnerabilities in Microsoft Office, which attackers can use to inject malicious code and escalate rights. Arbitrary code can also be executed in the Mac edition of Office, and…