%term

The Road Ahead: What Awaits in the Era of AI-Powered Cyberthreats?

Jan 16, 2024 By Rik Ferguson In Forescout

Artificial intelligence (AI) is rapidly infiltrating the business world and our daily lives. While revolutionizing how – and how efficiently – work gets done, it also introduces a new set of cybersecurity challenges. In response to the evolving, AI-shaped threat landscape, I foresee organizations adopting robust countermeasures.

Read Post

Forescout

Read more about The Road Ahead: What Awaits in the Era of AI-Powered Cyberthreats?

CVE-2024-21887 and CVE-2023-46805: Actively Exploited Vulnerabilities in Ivanti Secure Products Chained Together to Achieve Unauthenticated RCE

Jan 16, 2024 By Steven Campbell In Arctic Wolf

In mid-December 2023, Volexity observed UTA0178–a potential Chinese nation-state threat actor–leveraging two zero-day vulnerabilities in Ivanti Connect Secure (formerly known as Pulse Connect Secure) VPN appliances to steal configuration data, modify and download files, establish a reverse tunnel, and ultimately place webshells (GLASSTOKEN) on multiple internal and external-facing web servers.

Read Post

Arctic Wolf

Read more about CVE-2024-21887 and CVE-2023-46805: Actively Exploited Vulnerabilities in Ivanti Secure Products Chained Together to Achieve Unauthenticated RCE

Navigating the Cloud Misconfiguration Maze: A Cybersecurity Odyssey

Jan 16, 2024 By Komodo Research In Komodo Consulting

Imagine a world where digital fortresses are impervious to cyber threats – a utopia for any cybersecurity professional. Yet, we live in a realm where one misstep in cloud configurations opens the gates to potential havoc. As someone who has journeyed through the labyrinth of cybersecurity for over two decades, I've witnessed firsthand how a simple misconfiguration can escalate from a minor hiccup to a full-blown security nightmare.

Read Post

Komodo Consulting

Read more about Navigating the Cloud Misconfiguration Maze: A Cybersecurity Odyssey

Top 9 Cyber Risk Scenarios That Can Lead to Financial Loss in 2024

Jan 16, 2024 By Kovrr In Kovrr

Pursuing a cybersecurity initiative takes more than a simple decision made by an organization’s chief information security officer (CISO). It requires resources, time, and, most crucially, buy-in from an organization’s key stakeholders, such as C-suite executives and board members. But trying to persuade the budget approvers while speaking in the technical language of cybersecurity can be off-putting. ‍

Read Post

Kovrr

Read more about Top 9 Cyber Risk Scenarios That Can Lead to Financial Loss in 2024

CVE-2024-20272: Critical Unauthenticated Arbitrary File Upload Vulnerability in Cisco Unity Connection

Jan 16, 2024 By Steven Campbell In Arctic Wolf

On January 10, 2024, Cisco disclosed a critical vulnerability, CVE-2024-20272, with a CVSS score of 7.3, in their Cisco Unity Connection software. This vulnerability allows an unauthenticated remote attacker to upload arbitrary files and execute commands on the underlying operating system. Cisco has released a patch to address the issue.

Read Post

Arctic Wolf

Read more about CVE-2024-20272: Critical Unauthenticated Arbitrary File Upload Vulnerability in Cisco Unity Connection

What Happens if You Answer a Spam Call?

Jan 16, 2024 By Tim Tran In Keeper

If you accidentally answer a spam call, scammers know your number is connected to a real person and can target you with more spam calls. These targeted spam calls will try to trick you into giving up your personal information which allows cybercriminals to steal your money, your identity and even your voice. You should avoid answering spam calls to help prevent cybercriminals from trying to steal your personal information.

Read Post

Keeper

Read more about What Happens if You Answer a Spam Call?

Top VR Games Of 2023

Jan 16, 2024 By SecuritySenses In SecuritySenses

VR games have been steadily gaining popularity for several years now, and this immersive form of gaming could potentially revolutionize the industry. Is there a new VR game coming in 2024? Definitely, 2024 is a year of big discoveries and good projects in VR. Having said that, the future of VR gaming is still uncertain, so we will focus on what is already known. We have thoroughly researched the top VR games of 2023 and compiled our findings below. After reading, you'll likely be eager to grab a headset and dive into the action!

Read Post

SecuritySenses

Read more about Top VR Games Of 2023

Granular Sharing Enforcements

Jan 15, 2024 By Keeper In Keeper

Keeper’s new granular sharing enforcements provide Keeper administrators with more control over global user record and folder management. These policies offer administrators a wide range of flexible restrictions that can be applied to users when both creating and sharing records.

View Video

Keeper

Read more about Granular Sharing Enforcements

Security Key as the Only 2FA Method

Jan 15, 2024 By Keeper In Keeper

Two-Factor Authentication or “2FA” provides an extra layer of security when logging into your Keeper Vault. While support for hardware security keys for 2FA is not new to Keeper, historically, users were required to have a backup method in addition to a security key. Keeper Administrators now have the ability to enforce the use of a hardware-based security key as the only two-factor method via a role enforcement policy setting.

View Video

Keeper

Read more about Security Key as the Only 2FA Method

Machine Learning in Action - An In-Depth Look at Identifying Operating Systems Through a TCP/IP Based Model

Jan 15, 2024 By Asaf Fried In Cato Networks

In the previous post, we’ve discussed how passive OS identification can be done based on different network protocols. We’ve also used the OSI model to categorize the different indicators and prioritize them based on reliability and granularity. In this post, we will focus on the network and transport layers and introduce a machine learning OS identification model based on TCP/IP header values.

Read Post