Security News

Generative AI in Security: Risks and Mitigation Strategies
2024-10-15 18:18

Microsoft’s Siva Sundaramoorthy provides a blueprint for how common cyber precautions apply to generative AI deployed in and around security systems.

Microsoft disables BitLocker security fix, advises manual mitigation
2024-08-15 15:26

Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. [...]

Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack
2024-04-21 08:00

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
While it initially seemed that protecting Palo Alto Networks firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices' telemetry, it has now been confirmed that this mitigation is ineffectual.

Geopolitical tensions escalate OT cyber attacks
In this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology cyber attacks and their 2024 Threat Report.

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
2024-04-17 09:29

While it initially seemed that protecting Palo Alto Networks firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices' telemetry, it has now been confirmed that this mitigation is ineffectual. "Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability," Palo Alto Networks noted on Tuesday, and said they are aware of an "Increasing number of attacks that leverage the exploitation of this vulnerability."

Quick Glossary: Cybersecurity Attack Response and Mitigation
2024-03-19 16:00

This quick glossary, created by Mark W. Kaelin for TechRepublic Premium, explains the terminology used by security experts as they attempt to reduce the damage caused by a successful attack. Evidence may include documents, logs, software or hardware.

Product showcase: SearchInform Risk Monitor – next-gen DLP based insider threat mitigation platform
2024-02-13 04:30

Basically, DLP systems are aimed at the prevention of data leaks, and in real-life mode they monitor and block the transmission of confidential data. That's why SearchInform offers the next-gen platform for internal threat mitigation - Risk Monitor.

Ivanti: VPN appliances vulnerable if pushing configs after mitigation
2024-01-22 18:24

Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities. "Customers should stop pushing configurations to appliances with the XML in place, and not resume pushing configurations until the appliance is patched," Ivanti said in a new update published on Saturday.

Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
2023-12-01 10:50

The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot malware and botnet. While the operation was successful in...

Generative-AI apps & ChatGPT: Potential risks and mitigation strategies
2023-06-22 13:15

The rise of Generative-AI apps and GPT services exacerbates this issue, with employees of all departments rapidly adding the latest and greatest AI apps to their productivity arsenal, without the security team's knowledge. From engineering apps such as code review and optimization to marketing, design and sales apps such as content & video creation, image creation and email automation apps.

More MOVEit mitigations: new patches published for further protection
2023-06-09 21:54

Even if you're not a MOVEit customer, and even if you'd never heard of the MOVEit file sharing software before the end of last month. As you can imagine, because this security hole existed in the web front-end to the MOVEit software, and because MOVEit is all about uploading, sharing and downloading corporate files with ease, these criminals abused the bug to grab hold of trophy data to give themselves blackmail leverage over their victims.