Tue.Sep 19, 2023

article thumbnail

Expert: Keep Calm, Avoid Overhyping China's AI Capabilities

Data Breach Today

China's Ability to Diffuse AI Across Economy Lags Ability to Make Big Breakthroughs A researcher advised lawmakers to "keep calm and avoid overhyping China's AI capabilities" since the authoritarian regime struggles to drive widespread adoption of new technology. He urged Congress to embrace an "open system of innovation" around AI even it that results in some IP leaking to China.

IT 275
article thumbnail

12,000 Juniper SRX firewalls and EX switches vulnerable to CVE-2023-36845

Security Affairs

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845. In mid-August, Juniper addressed four medium-severity (CVSS 5.3) vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) impacting EX s

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Why Entities Should Review Their Online Tracker Use ASAP

Data Breach Today

Any healthcare organization that embeds tracking technologies in its website should carefully review whether it is inadvertently violating HIPAA or other federal regulations, said Nick Heesters, senior adviser for cybersecurity at the Department of Health and Human Services' Office for Civil Rights.

article thumbnail

Trend Micro addresses actively exploited zero-day in Apex One and other security Products

Security Affairs

Trend Micro addressed a zero-day code execution vulnerability (CVE-2023-41179) in Apex One that has been actively exploited in the wild. Trend Micro has released security updates to patch an actively exploited zero-day vulnerability, tracked as CVE-2023-41179, impacting endpoint security products, including Apex One, Apex One SaaS, and Worry-Free Business Security products.

Security 140
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Cyber Experts Urge House Committee to Avoid Federal Shutdown

Data Breach Today

Annual Federal Funding Will Expire in 12 Days Cybersecurity experts urged Congress to avoid a government shutdown on Oct. 1 - the start of the new federal fiscal year - telling a House panel that a lapse would damage efforts to keep the nation secure. Congress has yet to approve funding bills necessary to keep most federal agencies operational.

More Trending

article thumbnail

CrowdStrike to Buy AppSec Startup Bionic for Reported $350M

Data Breach Today

Deal Will Offer Visibility Into Application Behavior, Vulnerability Prioritization CrowdStrike will buy an application security firm founded by two Israel Defense Forces veterans to deliver risk visibility and protection across the cloud. The deal will provide visibility into application behavior and vulnerability prioritization for server-based and serverless infrastructure.

Cloud 247
article thumbnail

ShroudedSnooper threat actors target telecom companies in the Middle East

Security Affairs

ShroudedSnooper threat actors are targeting telecommunication service providers in the Middle East with a backdoor called HTTPSnoop. Cisco Talos researchers recently discovered a new stealthy implant dubbed HTTPSnoop that was employed in attacks against telecommunications providers in the Middle East. The HTTPSnoop backdoor supports novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs.

IT 127
article thumbnail

Generative AI: Embrace It, But Put Up Guardrails

Data Breach Today

In this episode of CyberEd.io's podcast series, "Cybersecurity Insights," Daniel DeSantis, director of CISO Advisory at Cisco, and Pam Lindemoen, CISO adviser at Cisco, discuss how generative AI will change and elevate the role of the CISO as well as what the future holds for network security.

IT 237
article thumbnail

Recent cyber attack is causing Clorox products shortage

Security Affairs

The cyber attack that hit the cleaning products manufacturer Clorox in August is still affecting the supply of the products to customers. The Clorox Company is a multinational consumer goods company that specializes in the production and marketing of various household and professional cleaning, health, and personal care products. The cleaning product giant announced in mid-August it was the victim of a cybersecurity incident that forced it to take some systems offline “The Clorox Company has ide

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Journey to the Cloud: Navigating the Transformation - Part 2

Data Breach Today

Nikko Asset Management's Marcus Rameke on the Advantages of HCI On-Premises In Part 2 of this three-part blog post, Nikko Asset Management's Marcus Rameke discusses why he prefers HCI over traditional three-tier architecture data centers and IaaS and why the vision to move the workload to SaaS or PaaS is preferable. Part 3 will continue this discussion.

Cloud 206
article thumbnail

Earth Lusca expands its arsenal with SprySOCKS Linux malware

Security Affairs

China-linked threat actor Earth Lusca used a new Linux malware dubbed SprySOCKS in a recent cyber espionage campaign. Researchers from Trend Micro, while monitoring the activity of the China-linked threat actor Earth Lusca , discovered an encrypted file hosted on a server under the control of the group. Additional analysis led to the discovery of a previously unknown Linux backdoor tracked as SprySOCKS.

IT 124
article thumbnail

China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign

Dark Reading

"SprySOCKS" melds features from multiple previously known badware and adds to the threat actor's growing malware arsenal, Trend Micro says.

119
119
article thumbnail

Detecting AI-Generated Text

Schneier on Security

There are no reliable ways to distinguish text written by a human from text written by an large language model. OpenAI writes : Do AI detectors work? In short, no. While some (including OpenAI) have released tools that purport to detect AI-generated content, none of these have proven to reliably distinguish between AI-generated and human-generated content.

IT 115
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

MGM, Caesars Face Regulatory, Legal Maze After Cyber Incidents

Dark Reading

MGM and Caesars are putting new SEC incident disclosure regulations to a real-world test in the aftermath of twin cyberattacks on the casinos, as class-action lawsuits loom.

115
115
article thumbnail

Generative AI as a catalyst for change in the telecommunications industry

IBM Big Data Hub

Generative artificial intelligence (AI) burst into the mainstream in 2023, lighting a fire under businesses to integrate enterprise-grade versions into their processes. By 2024, 60% of C-suite executives are planning to pilot or operate generative AI in some way, indicating that generative AI’s public-facing platforms have awakened the world to its groundbreaking capabilities For Communications Service Providers (CSPs) and Network Equipment Providers (NEPs), in particular, generative AI ho

article thumbnail

Clorox Sees Product Shortages Amid Cyberattack Cleanup

Dark Reading

Everyone's favorite pandemic-era brand is experiencing store shortages in the wake of a cyberattack that impacted its global production lines — and there's no timeline for normal operations to resume.

Cleanup 110
article thumbnail

JNUC 2023 Keynote

Jamf

JNUC 2023 got off to an announcement-packed start with our brand-new CEO John Strosahl. He and other members of the team, along with our partners, spoke about the growth of Apple, the introduction of Trusted Access and Jamf Pro 11— and how closely security and management must work in harmony to keep businesses and schools productive and secure.

Access 107
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Romance Scams That Run Your Crypto Wallet Dry

KnowBe4

Scammers are using dating sites to lure victims into phony cryptocurrency investment schemes, according to Sean Gallagher at Sophos.

article thumbnail

Trend Micro Patches Zero-Day Endpoint Vulnerability

Dark Reading

The critical vulnerability involves uninstalling third-party security products and has been used in cyberattacks.

Security 104
article thumbnail

CyberheistNews Vol 13 #38 No Dice for MGM Vegas As It Battles Ransomware Attack Downtime

KnowBe4

No Dice for MGM Vegas As It Battles Ransomware Attack Downtime

article thumbnail

CapraRAT Impersonates YouTube to Hijack Android Devices

Dark Reading

Pakistani threat group Transparent Tribe targets military and diplomatic personnel in India and Pakistan with romance-themed lures in the latest spyware campaign.

Military 103
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

China's Cyber Offensive: FBI Director Reveals Unmatched Scale of Hacking Operations

KnowBe4

WASHINGTON – In a startling revelation, FBI Director Chris Wray disclosed at a recent conference that China's cyber espionage capabilities are so extensive, they bigger than the efforts of all other major nations combined.

98
article thumbnail

Name That Toon: Somewhere in Sleepy Hollow

Dark Reading

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

102
102
article thumbnail

AI code-generation software: What it is and how it works

IBM Big Data Hub

Using generative artificial intelligence (AI) solutions to produce computer code helps streamline the software development process and makes it easier for developers of all skill levels to write code. The user enters a text prompt describing what the code should do, and the generative AI code development tool automatically creates the code. It can also modernize legacy code and translate code from one programming language to another.

IT 80
article thumbnail

'ShroudedSnooper' Backdoors Use Ultra-Stealth in Mideast Telecom Attacks

Dark Reading

The threat cluster hasn't been seen before, but its custom Windows server backdoors have researchers intrigued thanks to their extremely effective stealth mechanisms.

IT 97
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Buying APM was a good decision (so is getting rid of it)

IBM Big Data Hub

For a long time, there wasn’t a good standard definition of observability that encompassed organizational needs while keeping the spirit of IT monitoring intact. Eventually, the concept of “Observability = Metrics + Traces + Logs” became the de facto definition. That’s nice, but to understand what observability should be , you must consider the characteristics of modern applications: Changes in how they’re developed, deployed and operated The blurring of lines betwe

IT 79
article thumbnail

Qatar Cyber Chiefs Warn on Mozilla RCE Bugs

Dark Reading

The WebP vulnerability affects multiple browsers besides Firefox and Thunderbird, with active exploitation ongoing.

88
article thumbnail

Observing Camunda environments with IBM Instana Business Monitoring

IBM Big Data Hub

Organizations today struggle to detect, identify and act on business operations incidents. The gap between business and IT continues to grow, leaving orgs unable to link IT outages to business impact. Site reliability engineers (SREs) want to understand business impact to better prioritize their work but don’t have a way of monitoring business KPIs.