Tenable

MARCH 1, 2024

Check out what’s new in NIST’s makeover of its Cybersecurity Framework. Also, how to assess the cybersecurity capabilities of a generative AI LLM. And the most prevalent malware in Q4. 1 - NIST’s Cybersecurity Framework 2.0 1 - NIST’s Cybersecurity Framework 2.0 The Cybersecurity Framework at 10.and

Artificial Inteligence 73

Artificial Inteligence Malware Generative AI Government 73

Palo Alto Networks

MARCH 12, 2024

Applied AI in cybersecurity has many unique challenges, and we will take a look into a few of them that we are considering the most important. One — Lack of Labeled Data Unlike many other fields, data and labels are scarce in the cybersecurity space and usually require highly skilled labor to generate. This is unique to cybersecurity.

Systems Review 107

Systems Review Training Study Malware 107

CIO

OCTOBER 20, 2022

In fact, CIO has reported that it takes only a few minutes for experienced hackers to set up a social engineering attack against enterprises (and their managed service providers) that consider themselves to be secure and protected. What methods are cybersecurity experts using to minimize the impact of these attacks? Let’s dig deeper.

Security 352

Security VOIP Malware Banking 352

Palo Alto Networks

FEBRUARY 1, 2024

{{interview_audio_title}} 00:00 00:00 Volume Slider 10s 10s 10s 10s Seek Slider “AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, consulting, engineering and more.

Generative AI 105

Generative AI Artificial Intelligence Artificial Inteligence Social 105

TechCrunch

DECEMBER 1, 2023

Apple has released security updates for iPhones, iPads and Macs to patch against two vulnerabilities, which the company says are being actively exploited to hack people. following a vulnerability disclosure by security researchers at Google’s Threat Analysis Group, which investigates […] © 2023 TechCrunch.

Analysis 331

Analysis Research Groups Software 331

Prisma Clud

JUNE 22, 2023

Enterprises taking advantage of cloud-native architectures now have 53% of their cloud workloads hosted on public clouds, according to our recent State of Cloud-Native Security Report 2023. Using WildFire in 2021 to analyze malicious files, our threat research team discovered a 73% increase in Cobalt Strike malware samples compared to 2020.

Malware 76

Malware Linux Windows Operating System 76

CIO

AUGUST 2, 2023

When it comes to keeping our digital world secure, there’s a saying that really hits home: “ You can’t protect what you can’t see.” By bringing together information from different sources and analyzing it, we gain a powerful tool to identify and respond to potential threats. That’s where centralized visibility comes in.

Cloud 246

Cloud Compliance Systems Review Scalability 246

CTO Vision

JANUARY 9, 2022

Scalable automated malware analysis has become a critical component of enterprise defense. When properly implemented it can be key to mitigating malware threats that otherwise bypass perimeter defenses. It is based on an […].

Malware 75

Malware Scalability Analysis Enterprise 75

TechCrunch

NOVEMBER 29, 2022

Previously he was staff software engineer and lead for Google’s Open Source Security Team (GOSST). SolarWinds and Log4j have made software supply chain security issues a topic of intense interest and scrutiny for businesses and governments alike. The malware allowed the attackers to monitor and control the chat software remotely.

Software 225

Software Open Source PHP Malware 225

Tenable

DECEMBER 22, 2023

As we bid adieu to 2023, we highlight major trends that impacted cybersecurity professionals in the past 12 months. Learn how the cyber world changed in areas including artificial intelligence, CNAPP, IAM security, government oversight and OT security. Cybersecurity teams were no exception.

Artificial Inteligence 75

Artificial Inteligence Technical Review Cloud Artificial Intelligence 75

Aqua Security

JANUARY 4, 2023

The individual responsible for this attack claimed to be a security researcher whose research had gone awry. Recently, a dependency of the widely used PyTorch-nightly Python package was targeted in a dependency confusion attack, resulting in thousands of individuals downloading a malicious binary that exfiltrated data through DNS.

Malware 130

Malware Analysis Research Data 130

OTS Solutions

JUNE 21, 2023

However, as more organizations rely on these applications, the need for enterprise application security and compliance measures is becoming increasingly important. Breaches in security or compliance can result in legal liabilities, reputation damage, and financial losses.

Compliance 246

Compliance Enterprise Applications Software Review 246

Tenable

MARCH 3, 2023

FBI and CISA Release Cybersecurity Advisory on Royal Ransomware Group The FBI and CISA have released a joint Cybersecurity Advisory discussing the Royal ransomware group. Analysis When the threat actor behind Royal emerged in January 2022, it was using the ALPHV/BlackCat ransomware.

Groups 96

Groups Systems Review Technical Review Software Review 96

Tenable

AUGUST 4, 2022

Analyzing the Vulnerabilities Associated with the Top Malware Strains of 2021. International cybersecurity agencies issue a joint alert outlining the top malware strains of 2021. While malware is used for a variety of purposes, the government agencies point out that ransomware is a primary use case. Background.

Malware 74

Malware Windows SMB Groups 74

Tenable

JANUARY 19, 2024

In addition, the latest on the Androxgh0st malware. Cybersecurity and Infrastructure Security (CISA) agency and the Federal Bureau of Investigation (FBI) said this week. To mitigate this risk, the agencies recommendations include: Using drones built with secure-by-design principles, such as those manufactured in the U.S.

Infrastructure 72

Infrastructure Malware Government Technical Review 72

Tenable

MAY 18, 2023

and Australian Agencies Publish Joint Cybersecurity Advisory on BianLian Ransomware Group The FBI, ACSC and CISA have released a joint cybersecurity advisory discussing the BianLian ransomware group. The group claims to have stolen ~4,200 student records containing phone numbers, email addresses, and social security numbers.

Groups 98

Groups Systems Review Malware Technical Review 98

Palo Alto Networks

MAY 7, 2024

As a result, it is crucial for organizations to respond in kind by harnessing AI in their cybersecurity defense strategies. Precision AI by Palo Alto Networks is our proprietary AI system that helps security teams trust AI outcomes by using rich data and security-specific models to automate detection, prevention and remediation.

Artificial Inteligence 52

Artificial Inteligence Weak Development Team Malware Off-The-Shelf 52

Tenable

JANUARY 6, 2023

Learn all about the cybersecurity expertise that employers value most; Google Cybersecurity Action Team’s latest take on cloud security trends; a Deloitte report on cybersecurity’s growing business influence; a growth forecast for cyber spending; and more! Happy New Year! 1, 2022 and plucked the following nuggets.

Trends 98

Trends Cloud Weak Development Team Survey 98

Aqua Security

AUGUST 17, 2020

Now, Tracee is much more than just a system call tracer , it’s a powerful tool that can be used to perform forensic investigations and dynamic analysis of binaries – both are incredibly useful when looking for hidden malware. Tracee can provide user s with timely insights that previously required special knowledge and tools.?.

Malware 134

Malware Open Source Analysis Tools 134

TechCrunch

MAY 11, 2022

Securing the software supply chain is admittedly somewhat of a dry topic, but knowing which components and code go into your everyday devices and appliances is a critical part of the software development process that billions of people rely on every day. Why are cybersecurity asset management startups so hot right now?

Open Source 249

Open Source Weak Development Team Malware Software Development 249

AlienVault

JULY 9, 2019

So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. This has made the cost of maintaining a malware analysis program generally out of reach for the average organization.

Malware 40

Malware Analysis Tools Big Data 40

AlienVault

JULY 9, 2019

So, what is malware analysis and why should I care? With the commercialization of cybercrime, malware variations continue to increase at an alarming rate, and this is putting many a defender on their back foot. This has made the cost of maintaining a malware analysis program generally out of reach for the average organization.

Malware 40

Malware Analysis Tools Big Data 40

Infinidat

AUGUST 24, 2023

The Security of Enterprise Storage – A Call to Action for CISOs Adriana Andronescu Thu, 08/24/2023 - 04:51 Cyber criminals can infiltrate an enterprise infrastructure and stay there, undetected, for months at a time. In the June 2023 Fortune 500 CEO survey , CEOs ranked cybersecurity as the second biggest threat to their corporations.

Security 52

Security Storage Enterprise Malware 52

TechCrunch

APRIL 20, 2023

Following the Colonial Pipeline incident in 2021, Jon Miller and Ryan Smith wondered why, with the widespread adoption of security tools, ransomware was still growing exponentially. Seventy-eight percent of companies responding to a recent survey said that they plan to increase their investments in cybersecurity in the next 12 months.

Off-The-Shelf 221

Off-The-Shelf Survey Banking Malware 221

Aqua Security

AUGUST 25, 2020

This blog was co-authored with Assaf Morag , Lead Security Analyst at Aqua Security. Ever notice how news about hidden malware almost always focuses on remediation AFTER the fact? Even now, there’s yet another news story about a rash of attacks by a group called TeamTNT.

Analysis 130

Analysis Malware Fashion AWS 130

Tenable

AUGUST 30, 2023

Analysis CVE-2023-2868 is a remote command injection vulnerability in Barracuda ESG appliances due to improper handling of emails with attachments. In these attacks, UNC4841 leveraged multiple backdoor malware families, dubbed SALTWATER , SEASPY , SEASIDE , SUBMARINE (DEPTHCHARGE), and WHIRLPOOL.

Malware 115

Malware Software Review Systems Review Exercises 115

Tenable

OCTOBER 27, 2023

Check out how organizations’ enthusiasm over generative AI is fueling artificial intelligence adoption for cybersecurity. Also, why boards of directors feel more comfortable with cybersecurity. business and IT pros involved in cybersecurity. business and IT pros involved in cybersecurity. And much more!

Artificial Inteligence 64

Artificial Inteligence Artificial Intelligence Technical Review Backup 64

Trigent

SEPTEMBER 13, 2023

Yet, this formidable technology also brings forth risks requiring attention, particularly in cybersecurity and Intellectual Property (IP) rights. One is a glaring lack of basic cybersecurity measures, and two, given the low-risk and high-reward nature, cyber criminals target these businesses more often than large enterprises.

Generative AI 59

Generative AI Artificial Inteligence Authentication ChatGPT 59

Tenable

FEBRUARY 9, 2024

Medium FG-IR-23-397 Analysis CVE-2024-21762 is an out-of-bound write vulnerability in sslvpnd, the SSL VPN daemon in Fortinet FortiOS. Exploitation was corroborated through the analysis of the SSL VPN crash logs. CVE Description CVSSv3 Severity CVE-2024-21762 Fortinet FortiOS Out-of-bound Write Vulnerability in sslvpnd 9.6

Malware 121

Malware Authentication Infrastructure Analysis 121

Altexsoft

JUNE 2, 2020

These insights can help reduce response times and make companies compliant with security best practices. What Is Machine Learning and How Is it Used in Cybersecurity? Machine learning algorithms in cybersecurity can automatically detect and analyze security incidents. The Impact of AI on Cybersecurity.

Artificial Inteligence 93

Artificial Inteligence Examples Applications Machine Learning 93

Tenable

SEPTEMBER 2, 2022

Securing machine learning systems. Shifting security left – meaning, starting security checks earlier in the software development process – has been widely hailed. Most companies expect developers to do security code reviews, but many don’t provide them with security training. And much more! How much do CISOs earn?

Security 52

Security Software Review Artificial Inteligence Technical Review 52

CIO

SEPTEMBER 7, 2022

Enterprise storage can be used to improve your company’s cybersecurity, accelerate digital transformation, and reduce costs, while improving application and workload service levels. Make storage part of the corporate cybersecurity strategy. 1 concern in the next three years is cybersecurity. What should you do? Key takeaways.

Storage 246

Storage Organization Disaster Recovery Enterprise 246

OTS Solutions

JUNE 21, 2023

However, as more organizations rely on these applications, the need for enterprise application security and compliance measures is becoming increasingly important. Breaches in security or compliance can result in legal liabilities, reputation damage, and financial losses.

Compliance 130

Compliance Enterprise Applications Software Review 130

Tenable

SEPTEMBER 9, 2022

9 | Software supply chain security in the spotlight. Guidance for evaluating IoT security tools. Increasing diversity in cybersecurity. Another look at the major cloud security threats. government stresses software supply chain security. Defining and implementing security test plans. And much more!

Security 52

Security IoT Open Source Linux 52

Kaseya

MAY 2, 2022

What is a Security Operations Center (SOC)? A SOC is a centralized facility within an organization that houses an information security team responsible for continuously monitoring, detecting, analyzing and responding to any cybersecurity incidents on a 24/7/365 basis. And that’s why we have SOC. SIEM vs. SOC.

Security 111

Security Systems Review Network Malware 111

Tenable

NOVEMBER 18, 2022

Get the latest on an APT’s Log4Shell exploit; tips to prevent memory attacks; cloud security trends; metaverse security; and more! . The breach occurred in February and wasn’t discovered until mid-year when the Cybersecurity and Infrastructure Security Agency (CISA) investigated suspicious APT activity at the unnamed agency.

Cloud 52

Cloud Software Review Malware Report 52

Tenable

FEBRUARY 9, 2024

critical infrastructure IT and operational technology security teams, listen up. So said cybersecurity agencies from the U.S., Cybersecurity and Infrastructure Security Agency (CISA) said in a statement. Dive into six things that are top of mind for the week ending February 9.

Weak Development Team 66

Weak Development Team Infrastructure Generative AI Artificial Inteligence 66