U.K. and U.S. Warn of Pro-Russia Hacktivist Attacks on Operational Technology Systems

U.K. and U.S. Warn of Pro-Russia Hacktivist Attacks on Operational Technology Systems

The U.K.’s National Cyber Security Centre (NCSC) and other international cyber authorities, including the Federal Bureau of Investigation (FBI), have warned about pro-Russia hacktivist attacks targeting providers of operational technology. OT is hardware and software that interacts with the physical environment and includes smart water metres, automated irrigation systems, dam monitoring systems, smart grids and IoT sensors for precision agriculture. In the alert published on May 1, the cyber authorities provide advice to OT providers…

Read More

OpenAI's GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities

OpenAI's GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities

The GPT-4 large language model from OpenAI can exploit real-world vulnerabilities without human intervention, a new study by University of Illinois Urbana-Champaign researchers has found. Other open-source models, including GPT-3.5 and vulnerability scanners, are not able to do this. A large language model agent — an advanced system based on an LLM that can take actions via tools, reason, self-reflect and more — running on GPT-4 successfully exploited 87% of “one-day” vulnerabilities when provided with…

Read More

Prompt Hacking, Private GPTs and Zero-Day Exploits: The Impacts of AI on Cyber Security Landscape

Prompt Hacking, Private GPTs and Zero-Day Exploits: The Impacts of AI on Cyber Security Landscape

AI’s newfound accessibility will cause a surge in prompt hacking attempts and private GPT models used for nefarious purposes, a new report revealed. Experts at the cyber security company Radware forecast the impact that AI will have on the threat landscape in the 2024 Global Threat Analysis Report. It predicted that the number of zero-day exploits and deepfake scams will increase as malicious actors become more proficient with large language models and generative adversarial networks….

Read More

Devices Infected With Data-Stealing Malware Increased by 7 Times Since 2020

Devices Infected With Data-Stealing Malware Increased by 7 Times Since 2020

The number of devices infected with data-stealing malware in 2023 was 9.8 million, a sevenfold increase over the same figure for 2020, according to new research from Kaspersky Digital Footprint Intelligence. However, the researchers believe that the true figure could be as high as 16 million, as credentials from devices infected in 2023 may not be leaked onto the dark web until later this year (Figure A). Figure A: Number of infections of data-stealing malware…

Read More

Mentorship key in building security careers

Mentorship key in building security careers

Throughout my time as a journalist, I have talked with many people throughout various industries and professions about their careers and the path that led them to where they are today. Every one of them may have a different starting point, but a common thread among them has always been mentorship. I have found the same to be true in the world of security. During my conversations with security leaders, we often discuss the topic…

Read More

AI Deepfakes Rising as Risk for APAC Organisations

AI Deepfakes Rising as Risk for APAC Organisations

AI deepfakes were not on the risk radar of organisations just a short time ago, but in 2024, they are rising up the ranks. With AI deepfakes’ potential to cause anything from a share price tumble to a loss of brand trust through misinformation, they are likely to feature as a risk for some time. Robert Huber, chief security officer and head of research at cyber security firm Tenable, argued in an interview with TechRepublic…

Read More

Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7

Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7

Raj Samani, Chief Scientist. Image: Rapid7 New research from cyber security firm Rapid7 has shown the ransomware attacks that IT and security professionals are up against in APAC are far from uniform, and they would be better off tapping intelligence that sheds light on attack trends in their specific jurisdiction or sector. Raj Samani, chief scientist at Rapid7, said actual ransomware threats often differ from assumptions based on news coverage. Attack surface research revealed significant…

Read More

Tap into connection points between security and privacy

Tap into connection points between security and privacy

Data privacy and information security are both critical components of building customer trust for organizations. Privacy protects our personal data and empowers us to control its use, while security shields information against unauthorized access and threats. Balancing these needs is key, like finding the sweet spot between convenience and robust protection. In the face of challenges posed by emerging technologies, evolving regulations and the escalating volume of data, privacy and security teams often find themselves…

Read More

Security's Top Cybersecurity Leaders 2024

Security's Top Cybersecurity Leaders 2024

Security magazine presents the honorees of our fourth annual Top Cybersecurity Leaders program, which recognizes enterprise information security executives and professionals and their industry accomplishments. This year’s nominees represent the wide range of cybersecurity professionals making a difference across the field and in their organizations. Our 2024 awardees lead by example and improve security through innovative approaches to risk and technology. The goal of the Top Cybersecurity Leaders program is to spotlight cybersecurity professionals who…

Read More

Jorge Mario Ochoa | Top Cybersecurity Leaders 2024

Jorge Mario Ochoa | Top Cybersecurity Leaders 2024

Learning is a lifelong process and is something Jorge Mario Ochoa has certainly taken to heart. The cybersecurity leader complements his knowledge with master’s degrees in seven disciplines including leadership, business administration, project management, talent management, big data and data analysis, cybersecurity, artificial intelligence and deep learning, as well as a Ph.D. in psychology. Jorge Mario considers a well-rounded education an important tool for cybersecurity professionals. “I am a firm advocate for education and collaboration,”…

Read More
1 3 4 5 6 7 129