All posts in Vulnerabilities
12 Sep, 2024
Cyber security, Cybersecurity, Data management, dependencies, Open Source, Patches, Security, Security News, software, Vulnerabilities
0
Patches deployed for dependency vulnerabilities cause breakages 75% of the time, a new report has revealed. Minor updates were found to break clients 94% of the time, and for version upgrades this was 95%. Software dependencies — the external code or libraries that a project requires to function properly — . . . Read more
29 Aug, 2024
China, Cyber security, Hackers, International, isp, msp, Security, Security News, servers, Tech & Work, Tech Industry, Vulnerabilities, zero day
0
Volt Typhoon, a Chinese state-sponsored hacking group, has been caught exploiting a zero-day vulnerability in Versa Director servers, used by managed service providers and internet service providers. CVE-2024-39717 was added to CISA’s “Known Exploited Vulnerabilities Catalog” on Aug. 23 after Lumen Technologies discovered its active exploitation. Data from Censys shows . . . Read more
26 Apr, 2024
ai, artificial intelligence, Cyber security, Developer, gpt4, Open Source, openai, Python, Security, Security News, Vulnerabilities
0
The GPT-4 large language model from OpenAI can exploit real-world vulnerabilities without human intervention, a new study by University of Illinois Urbana-Champaign researchers has found. Other open-source models, including GPT-3.5 and vulnerability scanners, are not able to do this. A large language model agent — an advanced system based on . . . Read more
12 Feb, 2024
artificial intelligence, budgeting, buy-in, cloud, CXO, Cybersecurity, data theft, digital transformation, google, google cloud security, International, Ransomware, Security, Security News, United Kingdom, Vulnerabilities, Zero Day Exploits
0
Image: Adobe/Sundry Photography As senior director and global head of the office of the chief information security officer (CISO) at Google Cloud, Nick Godfrey oversees educating employees on cybersecurity as well as handling threat detection and mitigation. We conducted an interview with Godfrey via video call about how CISOs and . . . Read more
20 Dec, 2023
"cybersecurity awareness", artificial intelligence, cloud, Cloud Security, CXO, Cyber security, cyber threats, Cybersecurity, cybersecurity threats, cybersecurity training, Malware, Phishing, Ransomware, Security, Security News, Vulnerabilities
0
The rise and rapid adoption of new innovative technologies, such as generative artificial intelligence, no-code apps, automation and the Internet of Things, have dramatically changed the global cybersecurity and compliance landscape for every industry. Cybercriminals are turning to new techniques, tools and software to launch attacks and create greater damage. . . . Read more
31 Oct, 2023
artificial intelligence, artificial intelligence security, bug bounties, generative ai, google, Google Bard, International, Open Source, open source security, Security, Security News, supply chain security, Vulnerabilities
0
Google’s Vulnerability Reward Program offers up to $31,337 for discovering potential hazards. Google joins OpenAI and Microsoft in rewarding AI bug hunts. Image: Markus Mainka/Adobe Stock Google expanded its Vulnerability Rewards Program to include bugs and vulnerabilities that could be found in generative AI. Specifically, Google is looking for bug . . . Read more
09 Sep, 2023
Apple, cyber threats, Cyberattacks, International, Microsoft, Mobility, NSO Group, Pegasus, Security, Security News, storm-0558, Threats, Vulnerabilities
0
Image: 2ragon/Adobe Stock Revelations this week from Microsoft and Apple speak to the COVID-like persistence of cyber threats and the ability of threat actors to adapt in the wild, steal credentials and sidestep patches. Microsoft explained this week how it had discovered and attempted to harden ramparts in the face . . . Read more
Zero-day exploits — or 0days, in hacker-speak — allow attackers to quietly access a network or software. Due to their scarcity and the high stakes attached to high-value targets like Apple or banks, these bugs are often sold on the Dark Web for thousands of dollars. This cheat sheet is . . . Read more
New research on operational technology vulnerabilities by Armis found that 56% of engineering workstations have at least one unpatched critical severity. Image: Siphosethu Fanti/peopleimages.com/Adobe Stock As operational technology (OT) merges with IT, vulnerabilities in operational tech systems are a new threat, not least because these networks involve control frameworks for . . . Read more
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.