Security News
Learn about the top 4 security automation use cases that can streamline your cybersecurity efforts. This guide covers reducing enriching indicators of compromise (IoCs), monitoring external attack...
In this Help Net Security interview, Shane Cox, Director, Cyber Fusion Center at MorganFranklin Consulting, discusses the evolving methodologies and strategies in threat hunting and explains how...
To truly harness the most benefit from AI in application security, security professionals should adopt an application-centric approach that automates change management processes, identifies security risks, and ensures compliance. AI's limitations in application security stem from the need for high-quality data to train AI models and the significant possibility of false positives at scale.
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol programming and configuration commands. "A vulnerability exists in the affected products that allows a threat actor to bypass the Trusted Slot feature in a ControlLogix controller," the U.S. Cybersecurity and Infrastructure Security Agency said in an advisory.
Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process.
Microsoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows 11 systems. "After installing the June 2024 Windows preview update, released June 25, 2024 and later updates, you might face issues using Windows Update Agent API from your script while searching for Windows updates," Microsoft explained on Friday.
Microsoft has identified two critical vulnerabilities in Rockwell Automation's PanelView Plus, enabling remote, unauthenticated attackers to execute arbitrary code and cause a denial-of-service (DoS). Researcher Yuval Gordon explained that the remote code execution flaw exploits custom classes to upload malicious DLLs, while the DoS vulnerability sends unmanageable crafted buffers, crashing the system.The vulnerabilities, CVE-2023-2071 and CVE-2023-29464, with CVSS scores of 9.8 and 8.2, respectively, involve improper input validation. CVE-2023-2071 affects FactoryTalk View Machine Edition versions 13.0, 12.0, and earlier, allowing remote code execution. CVE-2023-29464 impacts FactoryTalk Linx versions 6.30, 6.20, and earlier, enabling data reading from memory and DoS through oversized packets.
Considering the increasing importance of cybersecurity, what are the key benefits and challenges of merging network operations with security operations? Network automation can emulate SMEs at scale, making it a better fit for this problem.
In this Help Net Security interview, Michelle Weston, VP of Security & Resiliency at Kyndryl, discusses the key challenges in security operations and how to address them. How can AI and automation enhance the efficiency and accuracy of security operations?
Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security...