Security News > 2023 > November

Goerlich emphasizes the role of organizational culture in successfully adopting zero trust, outlines strategies for cultivating a supportive culture, and talks about future trends in the evolution of the zero-trust model. We've seen measurable increases in the security function's ability to keep up with the business, adapt to external events, and create a security culture.

Recent IDC research shows that in many cases, senior executives/line-of-business leaders are minimally engaged in their company's cyber preparedness initiatives. 52% of senior leaders have no involvement in their company's cyber cases.

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the...

Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models. "I've been really excited about the possibilities of LLMs, but have also noticed the need for better security practices around the applications built around them and the data we give the applications access to. This project gave me a great chance to build something at the intersection of AI and cybersecurity. Hopefully it is providing other security researchers and developers a start in experimenting with existing LLM input and output safety measures, and even creating their own. More"whats possible" than anything I'd expect to be used directly in production," Adam M. Swanda, the creator of Vigil, told Help Net Security.

Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle attacks. BLUFFS is a series of exploits targeting Bluetooth, aiming to break Bluetooth sessions' forward and future secrecy, compromising the confidentiality of past and future communications between devices.

Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. Google TAG is known for uncovering zero-days, often exploited by state-sponsored hacking groups in spyware campaigns targeting high-profile individuals like journalists and opposition politicians.

Google has fixed the fifth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. Google TAG is known for uncovering zero-days, often exploited by state-sponsored hacking groups in spyware campaigns targeting high-profile individuals like journalists and opposition politicians.

At AWS re:Invent, NVIDIA contributed GPUs to Amazon's cloud efforts and added a retriever system to its AI Enterprise Software platform on AWS Marketplace. Amazon Web Services announced an AI chatbot for enterprise use, new generations of its AI training chips, expanded partnerships and more during AWS re:Invent, held from November 27 to December 1, in Las Vegas.

A Plex "Feature" is raising privacy hackles of some users after sharing with others what they are watching on the streaming service - seemingly without their consent. At the start of this month Plex rolled out "Discover Together," with an "Activity" feature that shows "What you and your friends are watching, rating, and saving to your Watchlists," according to the streaming service.

Soon we will be able to unlock and start our cars from our phones. Steve Durbin November 28, 2023 3:42 PM. The article has an odd error - Tesla did not abandon phone keys for the Model 3, it's the standard way most people access their cars.