February 27, 2024 at 11:27AM The US Department of Energy has invested $45 million in 16 projects to enhance cybersecurity in the energy sector. The projects aim to develop new tools to reduce cyber risks and fortify energy systems, covering areas like attack prevention, vulnerability detection, and quantum communication. General Electric, EPRI, and several universities … Read more
February 15, 2024 at 09:51AM A recent AppSec survey found that costly code reviews, limited security scrutiny, and manual cataloging of applications and APIs are common issues. Only 54% of major code changes undergo full security reviews, and organizations face challenges with the time and cost of the review process. The survey also highlights the … Read more
February 7, 2024 at 10:40AM A recent YouTube video demonstrated how a Raspberry Pi Pico can exploit a vulnerability to access a BitLocker-secured device in under a minute. The technique involves intercepting the unencrypted key passed between the TPM and CPU, using affordable components. While Microsoft acknowledges such attacks, mitigations can be implemented through the … Read more
February 6, 2024 at 08:35AM The fuzzing framework utilizes AI to enhance code coverage and accelerate vulnerability detection. Based on the meeting notes, the key takeaways are: – The fuzzing framework utilizes AI to enhance code coverage – The AI also helps to expedite vulnerability discovery Full Article
October 31, 2023 at 07:41PM Trend Micro offers zero day threat protection for networks by leveraging global research and artificial intelligence. Zero day threats are security vulnerabilities that haven’t been patched by the vendor community. These threats can cause significant damage, such as ransomware attacks, and organizations should take proactive measures to detect and remediate … Read more
October 23, 2023 at 06:21PM Cisco has released a patch for a critical bug in its IOS XE software that allowed criminals to exploit thousands of devices. However, the patch seems to be ineffective as the attackers have updated their implants to evade detection. A new variant of the implant hinders identification of compromised systems. … Read more