Microsoft has deactivated a tool designed to simplify the installation of Windows applications after hacking groups began exploiting the functionality to distribute malware loaders, leading to infections involving backdoors and ransomware.
The National Institute of Standards and Technology is failing to provide adequate information about how it plans to award funding opportunities to research institutions and private organizations through a newly established Artificial Intelligence Safety Institute, according to a group of lawmakers.
Marc Lueck, EMEA CISO at Zscaler, describes generative AI as the bridge between traditional AI and machine learning. He said it offers the ability to engage in humanlike conversations while tapping into vast data repositories and is both a powerful defense mechanism and a potential vulnerability.
Microsoft said Iranian state hackers are using a newly developed backdoor to target organizations in the American defense industrial base. The Iranian state threat actor that Microsoft tracks as Peach Sandstorm employed a custom backdoor named FalseFont.
The DFIR landscape is constantly evolving, driven by technological advancements and new cyberthreats. "Tsurugi," developed by Giovanni Rattaro, senior cybersecurity expert, and Marco Giorgi, senior DFIR analyst, is an open-source Linux distribution project designed for blue teams.
The U.S. National Institute of Standards and Technology is soliciting public guidance on implementation of an October White House executive order seeking safeguards for artificial intelligence. The order directed the agency to establish guidelines for developers of AI to conduct red-teaming tests.
Automating decision-making in the security operations center strengthens an organization's ability to detect, respond to and mitigate security threats effectively. But the focus has shifted from micro-automation to a unified platform, according to Michael Lyborg, CISO of Swimlane.
The recently released ISC2 workforce study highlights a staggering deficit of 4 million professionals needed in the cybersecurity industry. Despite the challenges, CISO Jon France sees room for optimism. "It's a great profession to come into - never a dull moment," he said.
Marta Rybczyńska, technical program manager at Eclipse Foundation, discussed best practices for reporting vulnerabilities, adopting AI and bridging the gap between developers and security researchers to adhere to cybersecurity best practices for open-source software.
U.S. regulators for the first time detailed the risks artificial intelligence poses to the financial system and classified the technology as an "emerging vulnerability." The Financial Stability Oversight Council in its annual report flagged AI's ability to introduce "certain risks."
Erhan Temurkan, technology and security director at Fleet Mortgages, shares his insights on the integration of generative AI into the multifaceted world of cybersecurity and the dynamic threat landscape. Organizations must find a balance between security and usability, he said.
Criminal use of social engineering at scale continues to surge, as AI-driven automation and easy access to stolen personal information enables attackers to create ever-more sophisticated and tough-to-detect assaults, says Sharon Conheady of First Defense Information Security.
Kai Roer, CEO and founder of Praxis Security Labs, delved into the transformative potential of generative AI in reshaping the mindset and behaviors of security teams and organizations. Amid the buzz around large language models, he highlighted the need for a proactive and adaptive approach.
A U.S. federal court at the behest of Microsoft seized multiple domains used by a Vietnamese cybercrime group that created 750 million fraudulent Microsoft accounts while raking in millions of dollars in illicit revenue. Storm-1152 also sold services to bypass CAPTCHA.
A sweeping executive order tasks AI developers with sharing the results of red-team safety tests with the federal government. But experts tell ISMG the guidance lacks clear directions and critical enforcement measures for federal agencies to review those tests and prevent major safety risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.