#ThreatDetection

Security Experts Describe AI Technologies They Want to See

by

January 22, 2024 at 12:19PM The cybersecurity industry seeks transformational technologies to mitigate cyberattacks. AI and Large Language Models (LLMs) have gained traction, particularly in generative-AI applications, attracting significant investment. Security experts envision AI as a proactive guardian, playing a crucial role in real-time defense systems, insider threat detection, and behavioral analytics. AI’s potential lies … Read more

AI Gives Defenders the Advantage in Enterprise Defense

by

January 19, 2024 at 02:46PM The International Conference on Cyber Security at Fordham University highlighted the increasing use of AI for enterprise defense against adversaries. While CISOs acknowledge the importance of AI, they are also prioritizing supply chain security, authentication technologies, and addressing the implications of global conflicts on critical infrastructure. CISOs believe AI provides … Read more

Modernize Federal Cybersecurity Strategy with FedRAMP

by

January 18, 2024 at 12:14PM Government modernization of cybersecurity strategies, including FedRAMP adoption and value-driven digital ecosystem development, is crucial to combat evolving cyber threats. Challenges like outdated technology, budget constraints, and disjointed security operations hinder progress. Yet, strategic investments in endpoint detection and response solutions and FedRAMP-authorized products can enhance security operations and empower … Read more

ESET Launches New Managed Detection and Response (MDR) Service for Small and Midsize Businesses

by

January 17, 2024 at 05:06PM ESET, a leading cybersecurity company, has launched ESET MDR, an innovative solution tailored for SMBs to address evolving cybersecurity challenges. The service combines AI-powered automation, human expertise, and comprehensive threat intelligence to provide unmatched threat detection and incident response. This offering will help SMBs enhance their security postures and meet … Read more

Taking a Page From Data Scientists for Better Security

by

January 12, 2024 at 08:44AM Organizations are facing data challenges as the use of cybersecurity solutions grows, leading to compartmentalized and costly data storage. Implementing a security data lake can break down data silos and improve visibility for threat detection. However, successful implementation requires identifying data gaps, standardizing and normalizing data, and prioritizing security best … Read more

Claroty Welcomes Former US National Cyber Director Chris Inglis to Advisory Board

by

January 11, 2024 at 01:44PM Chris Inglis, former U.S. National Cyber Director, joins Claroty’s advisory board to enhance the company’s mission of safeguarding critical global infrastructure. His vast expertise in cybersecurity and national defense, spanning military, civilian, and government roles, will drive innovation in security solutions. CEO Yaniv Vardi emphasizes Inglis’s invaluable government insights for … Read more

Vulnerability Handling in 2023: 28,000 New CVEs, 84 New CNAs

by

January 8, 2024 at 06:18AM The number of CNA organizations and CVE identifiers increased in 2023. There were 28,902 published CVEs with an average of 80 new CVEs per day, and the average CVSS score was 7.12. The number of new CNAs announced increased to 84, totaling nearly 350 CNAs from 38 countries. The top … Read more

Stealthy AsyncRAT malware attacks targets US infrastructure for 11 months

by

January 7, 2024 at 03:37PM An ongoing campaign has been distributing the AsyncRAT malware for the past 11 months, utilizing various loader samples and domains. AsyncRAT, a Windows remote access tool, facilitates unauthorized access, data theft, and malware deployment. The attacks target specific individuals and companies, employing sophisticated techniques to avoid detection. Researchers provide detection … Read more

Hackers target Apache RocketMQ servers vulnerable to RCE attacks

by

January 5, 2024 at 12:38PM Security researchers have identified critical vulnerabilities, CVE-2023-33246 and CVE-2023-37582, in Apache RocketMQ. Despite an initial patch, these vulnerabilities remain active, impacting the NameServer component in RocketMQ version 5.1 and older. Attackers can exploit these flaws to execute commands and should upgrade to version 5.1.2/4.9.7 or higher to prevent attacks. ShadowServer … Read more

Why Red Teams Can’t Answer Defenders’ Most Important Questions

by

January 5, 2024 at 10:06AM In 1931, Alfred Korzybski emphasized the limitations of models, likening them to maps that cannot fully represent reality. Red-team assessments often fail to test enough attack variants to accurately gauge defense strength, leaving defenders uncertain about their security posture. To address this, organizations can explore alternatives like Atomic Testing and … Read more