Microsoft's September dump of fixes addresses two actively exploited zero-day vulnerabilities, including one in Microsoft Word that has a proof-of-concept code available publicly. "Definitely put this one on the top of your test-and-deploy list," wrote Dustin Childs.
U.S. federal agencies are advising organizations to hone their real-time verification capabilities and passive detection techniques to alleviate the impact of deepfakes. The technology's easy accessibility means less capable malicious actors can make use of deepfakes' mounting verisimilitude.
To some extent, ransomware has become like COVID-19 - a threat we all need to learn to live alongside. But Aaron Bugal, field CTO of Sophos, says there is still much that security and technology leaders can do to reduce their risk by addressing activity that often precedes a ransomware attack.
The European Union will open up supercomputers to artificial intelligence startups in a bid to boost innovation inside the trading bloc, European Commission President Ursula von der Leyen said Wednesday. She said Europe has a "narrowing window of opportunity" to guide responsible innovation.
Kubernetes is warning all users to immediately update their clusters to the latest version - released Aug. 23 - to patch a trio of critical command injection vulnerabilities attackers can use to remotely execute code. Akamai has released proof-of-concept code for exploiting one of the flaws.
Booking and reservation systems, as well as slot machines, hotel room door locks, ATMs and more remain offline at multiple MGM Resorts properties as the publicly traded casino hotel giant battles "a cybersecurity issue" that one group of security researchers has tied to a ransomware group attack.
In Part 1 of this three-part blog post, Nikko Asset Management's Marcus Rameke provides an introduction and defines the requirements for making the transformative journey to the cloud. Parts 2 and 3 will discuss more detailed aspects of making the shift to the cloud.
As tech companies have jumped to incorporate AI in products, artificial intelligence with no human supervision runs the risk of catastrophe, warned two tech executives before a panel of U.S. senators who intend to introduce regulatory legislation later this year.
Google released a fix on Monday for a Chrome zero-day that allows an attacker to remotely target a vulnerable version of the browser. The bug is tracked as a heap buffer overflow in the WebP image format, which is specifically designed to optimize web images.
Hackers aligned with the Iranian state are targeting vulnerable Microsoft Exchange Servers to deploy a new malware backdoor that has already victimized over two dozen Israeli organizations as part of an ongoing espionage campaign. Hackers' initial access point into systems likely was ProxyLogon.
Federal regulators have smacked a large California health plan with a $1.3 million fine to settle potential HIPAA violations for two relatively small breaches that affected about 2,250 individuals. But officials indicate "long-standing HIPAA deficiencies" were a "systemic" problem at the insurer.
Adobe, IBM, Nvidia, and five additional tech giants on Tuesday signed onto a White House-driven initiative for developing secure and trustworthy generative artificial intelligence models. The commitments, at least for now, are the closet approximation of targeted AI regulation in the United States.
Netcraft purchased an online brand protection vendor to incorporate security analysts into the company's highly automated cybercrime takedown process. The deal will expedite the takedown of fraudulent websites by capitalizing on their joint knowledge of the global infrastructure provider landscape.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Censys CEO Brad Brooks discusses the stresses a CISO experiences in trying to prevent cyberattacks and in dealing with those that do occur. Topics include breach disclosure and cybersecurity marketing to CISOs.
How does an organization achieve peace of mind with security while overcoming the challenges of complex hybrid and multi-cloud networks? Here are the top reasons why your organization should consider implementing a cloud-native firewall service to protect your AWS environments and applications.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.