Security News

Leveraging AI and automation for enhanced cloud communication security
2024-03-08 05:30

What role do AI and automation play in cloud communications cybersecurity, and how can these technologies be leveraged to improve security posture? AI and automation are transforming cloud communications cybersecurity by enhancing threat detection, response times and the overall efficacy and efficiency of security operations.

Font security 'still a Helvetica of a problem' says Australian graphics outfit Canva
2024-03-08 03:57

Online graphic design platform Canva went looking for security problems in fonts, and found three - in "Strange places." Tools like FontForge and ImageMagick can rename filenames of fonts, allowing users to work within a complex naming system to better locate a desired font inside a collection.

Today’s biggest AI security challenges
2024-03-07 06:00

The report surveyed 150 IT security and data science leaders to shed light on the biggest vulnerabilities impacting AI today, their implications for commercial and federal organizations, and cutting-edge advancements in security controls for AI in all its forms. This has made AI security a top priority, with 94% of IT leaders dedicating funds to safeguard their AI in 2024.

Best of KB4-CON 2024: The State of Phishing, Hacking and Security Awareness Training
2024-03-06 16:00

We know what went on at security awareness training vendor KnowBe4's seventh annual KB4-CON user conference in Florida. In this feature, written by Drew Robb for TechRepublic Premium, you can get to know about KnowBe4's ambitions to weave AI into its product portfolio, and how AI, voice cloning and ChatGPT have changed the way nefarious individuals hack.

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws
2024-03-06 07:20

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and...

Perimeter Security Policy
2024-03-05 16:00

While security principles should apply throughout the organization, locking down the perimeter and ensuring only necessary connections get through is an especially critical goal. Whether traffic is going from outside to inside or vice versa, having a strong, comprehensive and reliable perimeter security policy is integral to securing organizational data and the employees who use it to do their jobs and conduct company business.

White House Recommends Memory-Safe Programming Languages and Security-by-Design
2024-03-04 21:35

A new White House report focuses on securing computing at the root of cyber attacks - in this case, reducing the attack surface with memory-safe programming languages like Python, Java and C# and promoting the creation of standardized measurements for software security. Memory safety vulnerabilities a concern in programming languages.

Securing software repositories leads to better OSS security
2024-03-04 11:53

Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. The security capabilities of public software package repositories play a crucial role in securing the open-source software supply chain.

Integrating software supply chain security in DevSecOps CI/CD pipelines
2024-03-04 05:00

NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines. In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides actionable measures to integrate the various building blocks of software supply chain security assurance into CI/CD pipelines to enhance the preparedness of organizations to address supply chain security in the development and deployment of cloud-native applications.

Enhancing security through proactive patch management
2024-03-04 04:00

Despite its importance, patching can be challenging for organizations due to factors such as the sheer volume of patches released by software vendors, compatibility issues with existing systems, and the need to balance security with operational continuity. To ensure effective patch management, organizations should establish clear policies and procedures for patching, automate patch deployment where possible, regularly scan for vulnerabilities, prioritize patches based on risk, and conduct thorough testing before deployment.