Eclypsium Automata discovers vulnerabilities in IT infrastructure
Eclypsium launches Automata, a new AI-assisted feature for its digital supply chain security platform. Available now, Automata is an automated binary analysis system that replicates the knowledge and tooling of expert security researchers to discover.....»»
Why cloud vulnerabilities need CVEs
When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk within these different paradigms and environments (e.g., the cloud). Patch net.....»»
Critics question tech-heavy lineup of new Homeland Security AI safety board
CEO-heavy board to tackle elusive AI safety concept and apply it to US infrastructure. Enlarge (credit: Benj Edwards | Getty Images) On Friday, the US Department of Homeland Security announced the formation of an Artific.....»»
UK enacts IoT cybersecurity law
The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure poli.....»»
Study reveals cancer vulnerabilities in popular dog breeds
Medium-sized dogs have a higher risk of developing cancer than the very largest or smallest breeds, according to a UC Riverside study......»»
DHS establishes AI Safety and Security Board to protect critical infrastructure
The Department of Homeland Security announced the establishment of the Artificial Intelligence Safety and Security Board (the Board). The Board will advise the Secretary, the critical infrastructure community, other private sector stakeholders, and t.....»»
Extraordinary Vietnam fraud case exposes the inherent vulnerabilities of banks
The financial crisis of 2008 showed just how much the world depends on banks being well run. Since then, regulators have been given new powers to keep some of the biggest institutions on a much shorter leash to stamp out risk, greed and corruption......»»
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco T.....»»
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Enlarge (credit: Getty Images) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Ci.....»»
A shade closer to more efficient organic photovoltaics
Transparent solar cells will transform the look of infrastructure by enabling many more surfaces to become solar panels. Now, materials called non-fullerene acceptors that can intrinsically generate charges when exposed to sunlight could make semitra.....»»
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The integration be.....»»
MITRE breached by nation-state threat actor via Ivanti zero-days
MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network’s VMware i.....»»
Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment. “Infrastructure.....»»
How to optimize your bug bounty programs
In this Help Net Security interview, Roy Davis, Manager – Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers. He off.....»»
AuditBoard expands executive team to support the next phase of growth
AuditBoard announced it has brought on public SaaS company veteran Jeff Harper as Chief Human Resources Officer (CHRO) to help scale the organization and infrastructure, continue to attract and retain exceptional talent, and steward AuditBoard’s aw.....»»
Hubble discovers over 1,000 new asteroids thanks to photobombing
Astronomers have used 19 years' worth of Hubble data to detect over 1,000 previously unknown asteroids in our solar system......»»
Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
The newest version of Ivanti Avalanche – the company’s enterprise mobile device management (MDM) solution – carries fixes for 27 vulnerabilities, two of which (CVE-2024-29204, CVE-2024-24996) are critical and may allow a remote unau.....»»
92% of enterprises unprepared for AI security challenges
Most industries continue to run almost two or more months behind in patching software vulnerabilities, endpoints remain vulnerable to threats, and most enterprise PCs must be replaced to support AI-based technologies, according to the Absolute Securi.....»»
Damn Vulnerable RESTaurant: Open-source API service designed for learning
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developer.....»»
US Infrastructure Is Broken. Here’s an $830 Million Plan to Fix It
WIRED spoke with US transportation secretary Pete Buttigieg about recent grants to fix ancient roads, bridges, and other critical infrastructure before it’s too late......»»
The South"s aging water infrastructure is getting pounded by climate change. Fixing it is also a struggle
Climate change is threatening America's water infrastructure as intensifying storms deluge communities and droughts dry up freshwater supplies in regions that aren't prepared......»»