White House issues Executive Order for safe, secure, and trustworthy AI
President Biden issued a landmark Executive Order to ensure that America leads the way in seizing the promise and managing the risks of artificial intelligence (AI). New …
Citrix Bleed: Mass exploitation in progress (CVE-2023-4966)
CVE-2023-4966, aka “Citrix Bleed”, a critical information disclosure vulnerability affecting Citrix NetScaler ADC/Gateway devices, is being massively exploited by …
Logging Made Easy: Free log management solution from CISA
CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. …
Google expands bug bounty program to cover AI-related threats
Google has expanded its bug bounty program, aka Vulnerability Rewards Program (VRP), to cover threats that could arise from Google’s generative AI systems. …
The dangers of dual ransomware attacks
At some point in the movie “Groundhog Day,” Phil Connors breaks his bedside radio when he is woken up (yet again) by the song “I Got You Babe”. This déjà vu seems to await …
AI threat landscape: Model theft and inference attacks emerge as top concerns
Generative AI has emerged as a powerful tool, heralded for its potential but also scrutinized for its implications. Enterprises will invest nearly $16 billion worldwide on …
Companies scramble to integrate immediate recovery into ransomware plans
More than one-third of companies still do not have a well-rounded, holistic ransomware strategy in place, according to Zerto. Immediate recovery crucial for businesses’ …
Cyberattacks cause revenue losses in 42% of small businesses
85% of small business leaders say they are ready to respond to a cyber incident despite a record-high 73% reporting an attack in 2023, according to Identity Theft Resource …
Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GOAD: Vulnerable Active Directory environment for practicing attack …
Apple news: iLeakage attack, MAC address leakage bug
On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as …
Raven: Open-source CI/CD pipeline security scanner
Raven (Risk Analysis and Vulnerability Enumeration for CI/CD) is an open-source CI/CD pipeline security scanner that makes hidden risks visible by connecting the dots across …
New infosec products of the week: October 27, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Darktrace, Data Theorem, Jumio, Malwarebytes, Progress, and Wazuh. Progress Flowmon …
Featured news
Sponsored
Don't miss
- Signatures should become cloud security history
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts