Security News > 2023 > October

How to Mount Remote Directories with SSH Learn how to easily mount remote directories with the help of a more secure SSH tool. Do you have remote directories you need to mount on your local desktop so you can work on code, configurations, documentation or just about any kind of file? If those remote files are on a server and you don't want to share them via the less secure Samba, Secure Shell has you covered.

Described by curl project founder and lead developer Daniel Stenberg as "Probably the worst curl security flaw in a long time," the patches address two separate vulnerabilities: CVE-2023-38545 and CVE-2023-38546. We now know the first vulnerability, CVE-2023-38545, is a heap-based buffer overflow flaw that affects both libcurl and the curl tool, carrying a severity rating of "High." Possible outcomes of such issues include the corruption of data and, in the worst cases, the execution of arbitrary code.

Experts from security firm F5 have argued that cyber criminals are unlikely to send new armies of generative AI-driven bots into battle with enterprise security defences in the near future because proven social engineering attack methods will be easier to mount using generative AI. The release of generative AI tools, such as ChatGPT, have caused widespread fears that democratization of powerful large language models could help bad actors around the world supercharge their efforts to hack businesses and steal or hold sensitive data hostage. F5, a multicloud security and application delivery provider, tells TechRepublic that generative AI will result in a growth in social engineering attack volumes and capacity in Australia, as threat actors deliver a higher volume of better quality attacks to trick IT gatekeepers.

Opinion The UK Extension to the EU-US Data Privacy Framework will enter into force on October 12, allowing certifying entities to easily transfer personal data from the UK to the US. Transferring personal data across the Atlantic would otherwise be prohibited under the UK General Data Protection Regulation without transfer mechanisms. As the UK is no longer a member of the European Union, the DPF does not automatically enable the transfer of personal data from the UK to the US. Transfers of personal data from the UK will require a Data Bridge.

Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws,...

Thankfully, there are complimentary Microsoft 365 security training modules. Improve your cloud security posture with Microsoft Defender for Cloud.

Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a nation-state actor it tracks as Storm-0062 (aka DarkShadow or...

In this Help Net Security video, Anuj Goel, CEO at Cyware, explains how cyber fusion is helping enterprises modernize their security operations and turn their SOC from reactive to proactive. The...

In Q2 2023, 95% of malware now arrives over encrypted connections, endpoint malware volumes are decreasing despite campaigns growing more widespread, ransomware detections are declining amid a rise in double-extortion attacks, and older software vulnerabilities persist as popular targets for exploitation among modern threat actors, among other trends, according to WatchGuard. "The data analyzed by our Threat Lab for our latest report reinforces how advanced malware attacks fluctuate in occurrence and multifaceted cyber threats continue to evolve, requiring constant vigilance and a layered security approach to combat them effectively," said Corey Nachreiner, CSO at WatchGuard.

Which is why I'm pleased to announce that the Center for Internet Security has tested its CIS Hardened Images with two popular cloud services: Azure Update Manager and Amazon EC2 Image Builder. Making sure the essentials are covered to help YOU. The CIS Hardened Images are virtual machine images that are pre-hardened to the security recommendations of the CIS Benchmarks.