
How can AI be made more secure and trustworthy?
2021-12-20 06:45

Those are a proper understanding of what AI is capable of and how it should be used, and improvements to the security of AI. To understand how machine learning works and how to use it properly, it is important to bear in mind that although some ML models are very complex, the systems incorporating ML are still just a product of combining an understanding of a domain and its data. Model evasion attacks essentially exploit the fact that decision boundaries in the model are very complex and the capability of the model to interpolate between samples is limited, in a way leaving "gaps" that an attacker can take advantage of.

Zero trust isn’t just for IT, it can also protect targeted critical infrastructure
2021-12-20 06:15

Let's examine some of the big challenges in OT security, and how zero trust can fix them. Zero trust is a security framework that assumes every user or device is a potential threat.

How likely are employees to fall prey to a phishing attack?
2021-12-20 06:00

22% of employees are likely to expose their organization to the risk of cyber attack via a successful phishing attempt, a Phished report reveals. Analysis of the broad and diverse data set reveals how vulnerable the average employee is to phishing attacks and offers insight into key trends, including which topics lead to the most successful phishing attacks and which message formats are most likely to trick employees.

Shifting security further left: DevSecOps becoming SecDevOps
2021-12-20 05:30

Pressure on developers to build and deploy software quicker than ever has precipitated the shift to DevSecOps - integrating Development, Security, and Operations to make Application Security an integral part of the software lifecycle. "The rise of automation and componentization in software development has driven a sharp increase in the speed and automation of software security as businesses look to AI and machine learning for flaw identification, threat modeling, and remediation," said Chris Wysopal, CTO at Veracode.

GoTestWAF: Open-source project for evaluating web application security solutions
2021-12-20 05:00

It was designed to evaluate web application security solutions, such as API security proxies, web application firewalls, IPS, API gateways, and others. "We created GoTestWAF to help the security community evaluate the level of API and application security controls they applied," Ivan Novikov, CEO at Wallarm, told Help Net Security.

The cybersecurity executive order is not all it’s cracked up to be
2021-12-20 04:30

Seventy-two percent of federal cybersecurity leaders say the White House's May 2021 Cybersecurity Executive Order addresses only a fraction of today's cybersecurity challenges, according to a study from MeriTalk. The study - which surveyed 150 federal cybersecurity leaders across Civilian and Department of Defense agencies - found that, while the EO brings cybersecurity issues to the forefront, federal cyber leaders need to shift gears to make real progress.

Not all domain registrars are created equal: Consumer-grade vs. enterprise-class
2021-12-20 04:00

The research shows that companies that select enterprise-class registrars for domain management have a total score that is on average one-half to one whole letter grade higher than those using a consumer-grade domain registrar. In the analysis, this is the difference between having an overall score of a "C" versus a "B" or "A". In addition, CSC's domain security research showed that 57 percent of Global 2000 companies are relying on CGRs, validating the need to prioritize domain and DNS security with a trusted enterprise-class domain registrar.

Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store
2021-12-19 23:47

A malicious Android app with more than 500,000 downloads from the Google Play app store has been found hosting malware that stealthily exfiltrates users' contact lists to an attacker-controlled server and signs up users to unwanted paid premium subscriptions without their knowledge. The latest Joker malware was found in a messaging-focused app named Color Message, which has since been removed from the official app marketplace.

Bad things come in threes: Apache reveals another Log4J bug
2021-12-19 22:57

The Apache Software Foundation has revealed a third bug in its Java-based open-source logging library Log4j. CVE-2021-45105 is a 7.5/10-rated infinite recursion bug that was present in Log4j2 versions 2.0-alpha1 through 2.16.0.

New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability
2021-12-19 21:03

Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. "This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the vulnerability," Matthew Warner, CTO of Blumira, said.