A frequent topic I am asked about is what the future of the SOC looks like. At first glance, this seems like a simple question – but scratch beneath the surface and it’s actually really complex. Cybersecurity does not exist in its own little pocket universe. Instead, what happens in security operations is driven mainly […]
There’s a new trend emerging in the generative AI space — generative AI for cybersecurity — and Google is among those looking to get in on the ground floor. At the RSA Conference 2023 today, Google announced Cloud Security AI Workbench, a cybersecurity suite powered by a specialized “security” AI language model called Sec-PaLM. An offshoot of […]
The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has revealed the adversary’s use of the SimpleHelp remote support software in June 2022. MuddyWater, active […]
Social media platform Twitter on Friday sent a copyright violation notice to code hosting service GitHub to request the removal of a repository that contained Twitter source code. Twitter, now owned by Elon Musk following last year’s $44 billion takeover deal, was looking to take down a public repository owned by GitHub user ‘FreeSpeechEnthusiast’. According […]
U.S. companies face a wide array of issues potentially impacting their ability to borrow money. In recent months, a banking crisis and high interest rates have stretched some companies thin, leading to layoffs and decreases in spending. At the same time, credit rating agencies, which assess companies’ ability to pay back borrowed money, are increasingly factoring in […]
China has accused the US of exaggerating national security fears about TikTok to suppress the Chinese company. US government agencies have been ordered to wipe the Chinese app from all staff devices within 30 days, because of concern over cyber-security. Similar steps have been taken by Canada and the EU, with some politicians calling for nationwide bans. […]
ChatGPT made a splash with its user-friendly interface and believable AI-generated responses. With a single prompt, ChatGPT provided detailed answers that other AI assistants had not achieved. Powered by a massive dataset that ChatGPT had been trained on, the breadth and variety of topics it could address quickly amazed the tech industry and the public. […]
Twitter quietly announced plans last week that it would remove two-factor authentication for all unpaid accounts in an effort, it says, to reduce abuse of phone-based 2FA by threat actors. “To date, we’ve offered three methods of 2FA … unfortunately we have seen phone-number based 2FA be used — and abused — by bad actors,” […]
When faced with sophisticated cyberattacks in a rigorous simulation setting, deep reinforcement learning was effective at stopping adversaries from reaching their goals up to 95 percent of the time. The outcome offers promise for a role for autonomous AI in proactive cyber defense. Scientists from the Department of Energy’s Pacific Northwest National Laboratory (PNNL) documented […]
For decades, Washington policymakers have struggled over meaningfully addressing the collective cybersecurity risks that are brought on by the internet and shared by governments, critical infrastructure, private businesses, and individuals alike. Until recently, many of the efforts to solve these cross-cutting, multi-sector security challenges have been handled through a mix of voluntary cooperation, public-private partnerships […]