Aggregator

Featurespace's AI Expertise Will Enhance Visa's Fraud, Risk and Payments Technology
Visa has signed a definitive agreement to acquire AI-driven fraud prevention leader Featurespace. This acquisition will reinforce Visa's fraud detection capabilities, integrating advanced machine learning technology to strengthen financial crime prevention and protect global transactions.

As Superman has kryptonite, software has weaknesses — with misconfigurations leading the pack.

A vulnerability has been found in Linux Kernel up to 6.1.108/6.6.49/6.10.8 and classified as problematic. This vulnerability affects unknown code of the component AMD Display. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-46812. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.10.9. This affects the function rt_mutex_handle_deadlock. The manipulation leads to deadlock. This vulnerability is uniquely identified as CVE-2024-46829. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.10.9. Affected by this issue is the function get_cpu_for_acpi_id. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-46822. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

Илон Маск неожиданно изменил свою тактику в споре с властями.

The US has sanctioned Cryptex, PM2BTC and a Russian national for processing hundreds of millions of dollars derived from cybercrime

A vulnerability classified as critical has been found in Google Chrome up to 54.0. Affected is an unknown function of the component Product Security. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2016-5194. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

2024年9月最值得关注的安全动态

New and updated coverage for Windows Downdate Attacks, Quick Share Vulnerability Exploit, MagicRAT, and More

The post Cicada3301 Ransomware, LummaC2 Infostealer, Obfuscated Net Loader, and More: Hacker’s Playbook Threat Coverage Round-up: September 2024 appeared first on SafeBreach.

The post Cicada3301 Ransomware, LummaC2 Infostealer, Obfuscated Net Loader, and More: Hacker’s Playbook Threat Coverage Round-up: September 2024 appeared first on Security Boulevard.

В сети оказались конфиденциальные данные двух известных  политиков.

ESET research examines the group's malicious wares as used to spy on targets in Ukraine in the past two years

Порой даже минута простоя может вылиться в гигантские суммы убытков…

Feds indict Russian money launderer, Mallox ransomware affiliate rebrands Kryptina to target Linux, and Kimsuky deploys two new malware strains.

The post The Good, the Bad and the Ugly in Cybersecurity – Week 39 appeared first on SentinelOne.

Learn how GitGuardian can help you go from a world of secrets sprawl to a future with secrets-free machine identity frameworks by adopting SPIFFE/SPIRE.

The post How To Get There: Bridging The Technology Gap Preventing You From Adopting A Secrets-free Machine Identity Framework appeared first on Security Boulevard.

A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!

Dive into six things that are top of mind for the week ending September 27.

1 - NIST unveils program for AI privacy and cybersecurity

How will AI advancements impact risks to cybersecurity and privacy? How should existing frameworks be adapted? What new resources will have to be developed?

These are some of the key questions the new Cybersecurity, Privacy, and AI Program from the National Institute of Standards and Technology (NIST) will seek to answer.

The program will focus both on “the cybersecurity and privacy of AI” and on “the use of AI for cybersecurity and privacy,” Katerina Megas, who leads the NIST Cybersecurity for the Internet of Things (IoT) Program, wrote in a blog.

“The program will coordinate with other NIST programs, federal agencies, and commercial entities as needed to ensure a holistic approach to addressing AI-related cybersecurity and privacy challenges and opportunities,” Megas wrote.

 

 

Part of the program is the creation of a “community profile” to adapt security frameworks, starting with the NIST Cybersecurity Framework (CSF), as AI technology – and its risks – quickly evolve.

For starters, the AI community profile will focus on:

• Cybersecurity and privacy risks faced by organizations that use AI
• Defenses against AI-enabled attacks 
• Ways for organizations to use AI to boost their cyber defenses and privacy protections

To join the AI community profile effort, you can visit the project’s home page and enter your information.

For more information about AI and cybersecurity, check out these Tenable blogs:

• “Do You Think You Have No AI Exposures? Think Again”
• “Securing the AI Attack Surface: Separating the Unknown from the Well Understood”
• “Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach”
• “AI Is About To Take Cybersecurity By Storm: Here's What You Can Expect”
• “Compromising Microsoft's AI Healthcare Chatbot Service”

2 - U.S. gov’t to ban cars with Russian, Chinese IoT components

Citing national security concerns, the U.S. Department of Commerce wants to ban digitally connected vehicles that have components made in Russia and China, a move that spotlights automotive IoT’s cyber risk potential.

Specifically, the proposed rule would impact vehicle-connectivity systems (VCS) and automated driving systems (ADS). VCS wares enable vehicles to exchange data with external systems via Bluetooth, cellular, satellite and Wi-Fi modules. Meanwhile, ADS equipment allows vehicles to operate without a driver.

“Commerce has determined that certain technologies used in connected vehicles from the PRC and Russia present particularly acute threats. These countries of concern could use critical technologies within our supply chains for surveillance and sabotage to undermine national security,” reads a White House statement issued this week.

 

 

For example, Russia and China could use connected cars to capture data about U.S. geographical areas, infrastructure and critical infrastructure facilities. They could also tamper with the operation of the vehicles.

VCS and ADS software made by manufacturers “with a sufficient nexus” to the Chinese and Russian governments would be banned starting with 2027 vehicle models. Meanwhile, VCS hardware would be prohibited starting with 2030 vehicle models.

For more information about automotive cybersecurity and protecting automotive IoT devices:

• “Cybersecurity Concerns Rise in the Automotive Industry” (IoT World Today)
• “Software-Defined Vehicle Fleets Face a Twisty Road on Cybersecurity” (Dark Reading)
• “Increased Automotive Data Use Raises Privacy, Security Concerns” (Semiconductor Engineering)
• “The Internet of Things (IoT) in the Automotive Market: Driving the Future of Transportation” (IoT Business News)
• “Internet Connected Cars are vulnerable to attacks: Report” (CISO Mag)

3 - CSA updates zero trust paper with AI insights

Need clarity on how artificial intelligence intersects with the zero trust security model? Check out the new version of the Cloud Security Alliance’s “Zero Trust Guiding Principles” paper, which has been updated throughout with references to AI.

At a high level, version 1.1 of the paper addresses how AI can help you adopt a Zero Trust framework, and it also explains how zero trust can help you secure your AI systems.

“AI can aid with the implementation of a Zero Trust initiative, and Zero Trust principles should be applied in securing the use of AI, including AI models and training data,” the paper reads.

The first version of “Zero Trust Guiding Principles,” published in mid-2023, barely touched on the confluence of AI and zero trust. Thus, this revision is worth checking out even for people who read version 1.0.

 

 

The main goal of the “Zero Trust Guiding Principles” paper is to clearly explain zero trust, a concept that, according to the paper, “is often misunderstood and overcomplicated.”

“When properly understood, Zero Trust philosophy and strategy are valuable tools that organizations can use to enhance security, increase resilience, and guide digital transformation,” the paper reads.

Eleven guiding principles are discussed in the paper, including:

• Begin by determining your intended outcomes, which can be things like cutting costs, boosting your governance and compliance program and reducing IT complexity.
• Breaches will happen, so focus on strengthening your resilience.
• Be clear about the level of risk your organization can tolerate.
• Start small and look for quick wins.
• Monitor continuously.

For more information about the intersection of AI and zero trust:

• “The Future of Zero Trust with AI: Exploring How AI Automates and Enhances Security” (Security Boulevard)
• “Four Pragmatic Ways AI is Already Improving Zero Trust Network” (The Fast Mode)
• “Zero Trust and AI: Better Together” (Mastercard)
• “Confronting Shadow Access Risks: Considerations for Zero Trust and Artificial Intelligence Deployments” (Cloud Security Alliance)
• “Zero Trust AI Governance” (AI Now Institute)

4 - CISO survey: Security budgets up 8% over 2023

Cybersecurity budgets grew 8% on average in 2024, compared with last year, as cybersecurity’s slice of the overall IT budget increased to 13.2% – almost five percentage points higher than in 2020.

Those stats come from the “2024 Security Budget Benchmark Summary Report” by IANS Research and Artico Search, based on a survey of 750-plus CISOs in the U.S. and Canada.

The major drivers of budget increases were the occurrence of a security incident or breach; and a change in an organization’s risk tolerance. Each triggered an average cybersecurity-budget increase of 26% in 2024.

Other major triggers for cybersecurity budget increases were a company repositioning; regulatory requirements; and company growth. Any of these three led to an average budget bump of 17%.

(Source: “2024 Security Budget Benchmark Summary Report” by IANS Research and Artico Search, September 2024)

While the 8% average growth in cybersecurity budgets was higher than the 6% recorded in 2023, it’s smaller than the double-digit percentage increases reported in 2021 and 2022 – 16% and 17% respectively.

“During those years, many organizations were still in catch-up mode regarding their cybersecurity programs,” reads an IANS blog about the 2024 cybersecurity budgets report.

That budget “hypergrowth” period has ended, as many organizations have brought their cybersecurity spending up to appropriate levels. At these organizations, the cybersecurity function “is better understood due to increased collaboration among CISOs, the leadership team and the board of directors,” the blog reads.

Overall, about two thirds of respondents reported a budget increase in 2024, while a quarter of respondents said their budget stayed flat and 12% experienced a cut.

Meanwhile, as a percentage of revenue, security budgets grew from 0.50% to 0.69% compared with last year.

To get more details, check out:

• The blog “2024 Security Budget Benchmark Report: Key Findings”
• The “2024 Security Budget Benchmark Summary Report”

For more information about cybersecurity budget trends:

• “Cybersecurity Budgets in 2024: What Tech and Security Pros Need to Know” (Dice)
• “Almost 60% of corporate cybersecurity budgets are higher this year: report” (CFO Dive)
• “Budgets rise as IT decision-makers ramp up cyber security spending” (ComputerWeekly)
• “The C-suite playbook: Putting security at the epicenter of innovation” (PwC)

5 - NCSC outlines SBOM basics

Not entirely clear about what a software bill of materials (SBOM) is and how it can help your organization better secure its software supply chain? A new article from the U.K. National Cyber Security Centre (NCSC) could help clear things up for you.

Titled “SBOMs and the importance of inventory,” the article explains why – in theory – an SBOM can offer valuable visibility into the components of a piece of software. It also points out that an SBOM’s efficacy will depend on a variety of factors, including:

• Your organization’s software development processes and practices
• Your staff’s experience
• Your organization’s risk tolerance

In other words, an SBOM isn’t a silver bullet.

“The mere presence of an SBOM does not guarantee that a supply chain is secure, and is not the answer to resolving all your supply chain risks,” the article reads.

To get all the details, read the article: “SBOMs and the importance of inventory,”

For more information about SBOMs:

• “CISA Aiming to Improve SBOM Implementation With New Guidance” (Bank Infosecurity)
• “US Government and OpenSSF Partner on New SBOM Management Tool” (Infosecurity Magazine)
• “How to create an SBOM, with example and template” (TechTarget)
• “SBOMs – Software Supply Chain Security’s Future or Fantasy?” (SecurityWeek)
• “SBOMs and security: What IT and DevOps need to know” (TechTarget)

VIDEOS

Leveraging SBOM Practices to Facilitate Risk Reduction (Carnegie Mellon University)

An SBOM Primer (The Linux Foundation)

6 - Int’l police operation dismantles Ghost criminal comms platform

Ghost, an encrypted communications platform built for cybercriminals about nine years ago, has been taken down.

That’s according to the Australian Federal Police (AFP), which led a multi-national law enforcement effort dubbed Operation Kraken that has netted at least 38 arrests.

Among those arrested is a 32-year old Australian man charged with the creation and management of Ghost, whose messages the AFP decrypted and read.

The man, the first Australian accused of masterminding and managing a global criminal platform, allegedly sold modified smartphones with a subscription to an encrypted network.

Ghost became popular among cybercriminals thanks to its sophisticated security offerings, including its use of three encryption standards and a self-destruct mechanism for messages.

“This allowed criminal networks to communicate securely, evade detection, counter forensic measures, and coordinate their illegal operations across borders,” reads an Europol statement.

 

 

About 50 Australians face serious charges for using Ghost to sell illicit drugs, launder money, order killings and threaten to commit acts of violence.

Related law-enforcement action took place in Canada, Italy, Ireland and Sweden.

Today Cloudflare reaffirms its commitment to offering a robust Free service tier that continues to improve. We share why Free is a cornerstone of our business strategy, and how it contributes to building a better Internet.

This year for Cloudflare’s birthday, we’ve extended our AI Assistant capabilities to help you build new WAF rules, added new AI bot & crawler traffic insights to Radar, and given customers new AI bot blocking capabilities

The Cloudflare Radar Data Explorer provides a simple Web-based interface to build more complex API queries, including comparisons and filters, and visualize the results. The accompanying AI Assistant translates a user’s natural language statements or questions into the appropriate Radar API calls.