ICS Network Controllers Open to Remote Exploit, No Patches Available
CISA advisory warns of critical ICS device flaws, but a lack of available fixes leaves network administrators on defense to…
April 2024
GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories
Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will…
Russian APT Group Thwarted in Attack on US Automotive Manufacturer
The group gained access to the victim network by duping IT employees with high administrative-access privileges.
Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone
The missing ingredient in NIST's newest cybersecurity framework? Recovery.
Break Security Burnout: Combining Leadership With Neuroscience
Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions…
Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution
Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode…
Nigeria & Romania Ranked Among Top Cybercrime Havens
A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders — Russia, Ukraine, and China…
Open Source Tool Looks for Signals in Noisy AWS Cloud Logs
Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs…
Countering Voice Fraud in the Age of AI
Caller ID spoofing and AI voice deepfakes are supercharging phone scams. Fortunately, we have tools that help organizations and people…
For Service Accounts, Accountability Is Key to Security
Modern networks teem with machine accounts tasked with simple automated tasks yet given too many privileges and left unmonitored. Resolve…