Microsoft boosts Windows 11 security with encrypted DNS server discovery and SMB encryption for outbound connections
With the release of the latest Canary build of Windows 11, Microsoft has introduced welcome new security options. The first gives administrators the option of requiring encryption of all outbound SMB client connections.
The second is the arrival of support for Discovery of Network-designated Resolvers (DNR), which allows for the automatic discovery of encrypted DNS servers. Eliminating the need for manual configuration is an ease-of-use move that makes adoption more likely.
How organizations can stay secure in the face of increasingly powerful AI attacks
It’s almost impossible to escape the hype around artificial intelligence (AI) and generative AI. The application of these tools is powerful. Text-based tools such as OpenAI’s ChatGPT and Google’s Bard can help people land jobs, significantly cut down the amount of time it takes to build apps and websites, and add much-needed context by analyzing large amounts of threat data. As with most transformative technologies, there are also risks to consider, especially when it comes to cybersecurity.
AI-powered tools have the potential to help organizations overcome the cybersecurity skills gap. This same technology that is helping companies transform their businesses is also a powerful weapon in the hands of cybercriminals. In a practice sometimes referred to as offensive AI, cybercriminals use AI to automate scripts that exploit vulnerabilities in an organization’s security system or make social engineering attacks more convincing. There’s no doubt that it represents a growing threat to the cybersecurity landscape that security teams must prepare for.
Google Chrome will soon offer to hide your IP address for added privacy and security
Google is preparing to launch a new Chrome feature which will give users the ability to hide their IP address. Previously known as Gnatcatcher, the feature is now called IP Protection and makes use of proxies to help prevent online tracking.
IP Protection is described as "a privacy proxy that anonymizes IP addresses for qualifying traffic". One of its primary aims is to limit the possibility for fingerprinting as a means of tracking users online, which is something that has become increasingly common as steps are taken to block, and even kill off, third-party cookies.
Proactively preventing your company from becoming the next cyberattack headline
The news last month of yet another cyberattack on MGM Resorts, initiating a system shutdown and disrupting its operations, is yet another in a very long list of attacks that we have witnessed in the past couple of years. Having the right preventive and defensive cybersecurity measures in place for such attacks is a given, and it is what most organizations focus on. But it is also about understanding how the organization will recover from an incident and how they can limit the extent of an attack.
Today, being impacted by a cyberattack is almost inevitable. The global average cost of a data breach in 2023 was $4.45 million, a 15 percent increase over 3 years, according to IBM. Therefore, companies also need to think about how they can proactively recover, how quickly they can recover, and the cost of recovery to the business.
Global Encryption Day: Protecting our first line of defense
Today, Global Encryption Day 2023, marks the perfect opportunity to reflect on what has been a highly challenging year for the technology.
Encryption acts as a fundamental safeguard of data privacy, securing data both during transmission and while at rest. It often serves as a primary defense against hackers and is indispensable in preventing unauthorized access to sensitive information. With the risk of reputational damage and massive fines for those who are breached, it is essential for any organization looking to ensure regulatory compliance.
Sleuthing for the threat of a Business Email Compromise
In this new era of generative artificial intelligence, one of the biggest security risks involves business email compromise attacks. Countless malicious phishing emails are already being cloned, refined, and delivered by smart AI bots around the world.
A business email compromise (BEC) is a sophisticated cybercrime that uses emails to trick the receiver into giving up funds, credentials, or proprietary information through social engineering and computer intrusion techniques. Many BEC attacks combine multi-channel elements to make the frauds seem more convincing, such as incorporating fake text messages, web links, or call center numbers into the mix with email payloads. For example, the attackers might spoof a legitimate business phone number to confirm fraudulent banking details with a victim.
BitLocker could be cutting the performance of SSDs almost in half in Windows 11
A new report goes some way to showing that the BitLocker security feature of Windows 11 could be massively reducing the performance of SSDs.
An investigation found that the data encryption tool, which is enabled by default in Windows 11 Pro, can slow solid state drives by as much as 45 percent. While it would be reasonable to expect a bit of a performance drop overall as the software works away encrypting and decrypting files, few people would expect the hit to be quite so significant.
Cybersecurity Awareness Month: Another year of challenging the 'inevitable'
Cybersecurity Awareness Month does precisely what its name suggests. It serves as a reminder of the sector's importance for businesses and consumers across the globe.
As we look back on yet another year in which threats have continued to evolve and the task at hand seems greater than ever, it's important to take cognizance of the cyber-dangers out there and recognize our roles in the fight against 'hackers'.
Cybersecurity Awareness Month turns 20! What are the biggest cybersecurity challenges currently facing organizations?
It’s the 20th anniversary of Cybersecurity Awareness Month, and it’s safe to say a lot has changed in the cybersecurity industry since then. For example, just over the last year, we have seen the meteoric rise of generative AI and the huge impact it is already having on the cybersecurity industry.
Aaron Kiemele, CISO at Jamf, argues that now with the rise of generative AI, the threat posed by techniques such as phishing has completely changed: "With the advancements in large language models for machine learning, such as ChatGPT, cybercriminals are leveraging AI to automate attacks, analyze vast amounts of data, and craft more effective phishing emails or malware to achieve their nefarious ends. We can no longer rely on bad spelling or sketchy formatting."
WhatsApp adds passkey support to boost security
The Meta-owned messaging app WhatsApp has joined the growing legions of apps and services to support passkeys.
Initially available to Android users, the passwordless authentication feature makes it possible to secure a WhatsApp account with face recognition, a fingerprint or a PIN. It is a security feature that is billed as not only offering greater protection than passwords, but also being faster to use.
Apple will soon be able to update iOS on new iPhones in sealed boxes
It can be frustrating to buy a new phone only to discover that there is an OS update to install before you can start using it. For iPhone users this could soon be a thing of the past thanks to an innovative new system developed by Apple.
The recently released iPhone 15 suffered from an overheating issue that was later fixed with a software update, putting the onus on owners of new devices to download and install the patch. But a new "proprietary pad-like device" will allow Apple Stores to install the latest software on handsets without the need to open the box.
Security researchers can pocket financial rewards in the new Microsoft AI Bounty Program
Microsoft now has a bug bounty program that aims to find issues in artificial intelligence. Specifically, the Microsoft AI Bounty Program is focused on tracking down vulnerabilities in the company’s own AI-powered "Bing experience". This catch-all term covers a surprising number of products and services.
Interestingly, with this bounty program Microsoft is only offering rewards for the discovery of vulnerabilities considered Critical or Important. Those that are deemed of Moderate or Low severity will go unrewarded.
The top 5 tips for identifying and deterring suspicious API traffic
With the increasing reliance on APIs, detecting suspicious API traffic has become crucial to ensure the security and integrity of these interactions. Suspicious API traffic poses a huge threat to the overall system and its data; it can indicate malicious intent such as unauthorized access attempts, data breaches, or even potential attacks targeting vulnerabilities in the API infrastructure.
API traffic refers to the data and requests that are transmitted between different applications or systems using APIs. This allows software programs to communicate and exchange information, enabling seamless integration and interaction between various platforms. API traffic also involves the transfer of data, such as requests for data retrieval or updates, between the client application and the server hosting the API.
The dark estate: Reclaiming productivity and millions
The modern workforce is more distributed and dependent on devices than ever before. In this hybrid work environment, digital employee experiences are siloed. IT teams are on the hook to ensure end-user productivity despite strained financial resources and the IT talent war.
Despite their technical expertise, IT service teams are limited in their ability to be in multiple locations at once. Distributed workforces further cause significant blind spots and open up businesses to vulnerabilities hiding in the dark estate. That’s where hidden issues live, yet IT teams can’t see them. The potential for unknown risks is nothing new in IT. So why should businesses care about the dark estate, especially now when IT departments are already burdened by lengthy lists of service requests, putting out fires, and keeping up with security challenges?
Cloud vs. on-premises: Unraveling the mystery of the dwell time disparity
In the ever-evolving realm of the cloud, dwell times are now measured in moments, not days. Whereas Mandiant’s 2023 M-Trends report highlighted a global median dwell time of 16 days for on-premises environments, the Sysdig Threat Research Team (TRT) recently reported in their 2023 Global Cloud Threat Report that cloud dwell time is five minutes.
To better understand the stark difference between defenders' abilities to find attackers in the cloud and on-premises, I sat down with the Sysdig TRT to discuss their findings. They circled around four distinct, but closely related reasons.
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.