Recent Security News
-
AI Gives Defenders the Advantage in Enterprise Defense
January 19, 2024 at 02:46PM The International Conference on Cyber Security at Fordham University highlighted the increasing use of AI for enterprise defense against adversaries. While CISOs acknowledge the importance of AI, they are also prioritizing supply chain security, authentication technologies, and addressing the implications of global conflicts on critical infrastructure. CISOs believe AI provides…
-
CISA emergency directive: Mitigate Ivanti zero-days immediately
January 19, 2024 at 02:30PM CISA issued an emergency directive to address widespread exploitation of Ivanti Connect Secure and Ivanti Policy Secure flaws by threat actors. Federal agencies must immediately implement mitigation measures, report indications of compromise, and take action to restore impacted appliances. Threat monitoring service has detected compromised Ivanti appliances being used for…
-
CISOs Struggle for C-Suite Status Even As Expectations Skyrocket
January 19, 2024 at 01:12PM A survey of 663 security executives revealed that CISOs are increasingly expected to take on C-suite responsibilities without being recognized as such. The evolving role is driven by heightened regulatory scrutiny and demands for accountability. There’s a lack of board guidance for CISOs, who are often not integrated into the…
-
Critical Vulnerabilities Found in Open Source AI/ML Platforms
January 19, 2024 at 12:24PM Members of the Huntr bug bounty platform discovered critical vulnerabilities in MLflow and Hugging Face. The vulnerabilities in MLflow, with a CVSS score of 10, enabled attackers to delete files, access sensitive information, or execute remote code. Hugging Face also had a flaw allowing the injection of malicious code. ClearML…