This Week in Security News – February 4th, 2022

This Week in Security News – February 4th, 2022

Read on:  The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It An earlier version of an out-of-bounds (OOB) vulnerability in Samba was disclosed via Trend Micro Zero Day Initiative’s (ZDI) Pwn2Own Austin 2021. While we have not seen any active attacks exploiting this vulnerability, CVE-2021-44142 received a CVSS rating of 9.9 out of the three variants reported. If abused, this security gap can be used by remote attackers to execute arbitrary code as…

Read More

Why Cyber Change Outpaces Boardroom Engagement

Why Cyber Change Outpaces Boardroom Engagement

Humans are addicted to stories. But sometimes the stories we tell are overly simplistic. In cybersecurity, a recurring narrative is one of C-suite executives perpetually at odds with IT leaders. They’re disinterested in what the security team does, and release funds begrudgingly and often reactively once a serious incident has occurred. This leads to mounting cyber risk, and an increasing likelihood that the organization will suffer serious reputational and financial damage stemming from future incidents—or…

Read More

Codex Exposed Helping Hackers in Training

Codex Exposed Helping Hackers in Training

In June 2020, OpenAI released version 3 of its Generative Pre-trained Transformer (GPT-3), a natural language transformer that took the tech world by storm with its uncanny ability to generate text seemingly written by humans. But GPT-3 was also trained on computer code, and recently OpenAI released a specialized version of its engine, named Codex, tailored to help — or perhaps even replace — computer programmers. In a series of blog posts, we explore different…

Read More

How to Use Zero Trust Security for the Hybrid Cloud

How to Use Zero Trust Security for the Hybrid Cloud

Applying a zero trust approach to DevOps processes is critical to ensuring secure apps. Especially considering some parts of the part are built in-house, other components use tech purchased or leased from other vendors, and some of it is composed of open source code. The software supply chain must be protected by authenticating users’ credentials, continuously monitoring the network and user behavior, and vetting any third-party or open source technology brought on board. Will all…

Read More

This Week in Security News – January 28th, 2022

This Week in Security News – February 4th, 2022

Read on: Codex Exposed Task Automation and Response Consistency In this blog series, Trend Micro explores different aspects of Codex and assess its capabilities with a focus on the security aspects that affect not only regular developers, but also malicious users. Being able to automate tasks or programmatically execute them unsupervised is an essential part of both regular and malicious computer usage. In this series, Trend Micro explores if a tool like Codex is reliable…

Read More

3 Remote Work Security Tips for CISOs

3 Remote Work Security Tips for CISOs

Remote and hybrid work environments are here to stay, which means CISOs need to establish an effective security strategy for managing the expanding attack surface. Organizations can no longer afford (quite literally) to play catch-up with remote work security as ransomware cases and demands continue to rise. Greg Young, Trend Micro’s VP of cybersecurity and Mick McCluney, technical lead for Trend Micro Australia, explore how to create a resilient work from home (WFH) security strategy….

Read More

Codex Exposed How Low Is Too Low When We Generate Code

Codex Exposed How Low Is Too Low When We Generate Code

Codex Exposed How Low Is Too Low When We Generate Code In a series of blog posts, we explore different aspects of Codex and assess its capabilities with a focus on the security aspects that affect not only regular developers but also malicious users. This is the second part of the series. By: Forward-Looking Threat Research Team January 14, 2022 Read time:  ( words) In June 2020, OpenAI released version 3 of its Generative Pre-trained…

Read More

This Week in Security News – January 14, 2022

This Week in Security News – February 4th, 2022

Read on: Defending Systems Against Attacks with Layers of Remote Control As organizations brace themselves for the year ahead, now is an opportune time to take stock of how they can strengthen their security posture and shore up their defenses. While organizations may have the power of leading-edge cybersecurity solutions on their side, malicious actors continue to work diligently to refine their methods and take advantage of vulnerabilities every chance they get. Congress To Update…

Read More

Make it Personal with C1Conversations

Make it Personal with C1Conversations

Make it Personal with C1Conversations | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This Website Uses CookiesBy closing…

Read More

Codex Exposed Exploring the Capabilities and Risks of OpenAIs Code Generator

Codex Exposed Exploring the Capabilities and Risks of OpenAIs Code Generator

While GPT-3, the general-purpose language transformer that powers Codex, has recently been opened to the public, Codex itself remains a technical preview open to a limited selection of users. Codex powers the functionality of GitHub’s Copilot, a programming assistant available as a plug-in for Visual Studio Code that is able to offer AI-powered autocomplete and code translation on the fly. Its capabilities are still rough around the edges, but they give a good idea of…

Read More
1 13 14 15 16 17 18