Security News

The data-driven model identifies 9% of organizations as those with the most mature and holistic identity security strategies. These transformative organizations have a well-rounded focus on implementing identity security tools, are inherently agile and display a "Fail fast, learn faster" characteristic even in times of a successful cybersecurity attack.

Data backups get a lot of attention, but sadly, sometimes, the operational work that keeps networks secure - like device backups, upgrades, and configuration grooming - goes undone. Recent high-profile network outages have brought attention to the importance of not just automating improvements in network security and operations but recovering quickly and minimizing downtime when disaster strikes.

Microsoft has added Security Copilot, a natural language chatbot that can write and analyze code, to its suite of products enabled by OpenAI's GPT-4 generative AI model. Microsoft will release more information through its email updates about when Security Copilot might become generally available.

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan, and Mathy Vanhoef said in a paper published this week. Besides manipulating the security context to leak frames from the queue, an attacker can override the client's security context used by an access point to receive packets intended for the victim.

Why? Bad actors know that SMEs typically have a smaller security budget, less infosec manpower, and possibly weak or missing security controls to protect their data and infrastructure. The good news is you don't have to create your security strategy from scratch.

Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations professionals' work. Security Copilot takes the form of a prompt bar through which security operation center analysts ask questions in natural language and receive practical responses.

WAF is not enough: developing a contextual framework for smart mobility API security#. Smart mobility services have always been monitoring and securing API transactions to avoid revenue loss due to fraud, service downtime, and compromising organizational or users private data.

The Digital Markets Act ruled that users on different platforms should be able to exchange messages with each other. How will the networks manage keys, authenticate users, and moderate content? How much metadata will have to be shared, and how?

92% of network security and operations pros say there are more network updates needed than they can keep up with. While 61% of companies only upgrade network and security devices quarterly or less frequently, 48% of survey respondents say their company has not implemented or invested deeply in network automation, opening them up to security breaches and other serious issues.

Senior Chinese government officials have urged Apple CEO Tim Cook to improve the security and privacy features of his company's products. "Director Zheng Shanjie said that the Chinese government will unswervingly implement the basic national policy of opening to the outside world, and the National Development and Reform Commission will continue to support foreign-funded enterprises including Apple in their business in China," the post states.