Cyber ​​attack prevention

Cisco VPN vulnerability test model revealedSecurity researcher publishes proof-of-concept model (PoC) leveraging a recently fixed flaw in Cisco's VPN software, highlighting potential security threat to corporate networksA security researcher recently revealed a proof of concept (PoC) model targeting a recently fixed security vulnerability in the Cisco AnyConnect Secure Mobility Client and Secure Client for Windows VPN applications. This software allows remote working employees to connect to the organization's network...

Accurx and Leicester NHS Trust: an alliance to fight waiting listsTechnology and healthcare come together in an innovative partnership to solve the problem of long waiting lists in hospitalsHealthcare organization University Hospitals of Leicester NHS Trust (UHL) has entered into an Innovation Partnership agreement with Accurx, a software company dedicated to integrating healthcare communications around individual patients. Like all NHS bodies, UHL aims to reduce its elective waiting list...

DarkBERT: the AI weapon in the fight against cybercrimeAn advanced language model trained on the dark web promises to revolutionize defense against cyberthreatsThe artificial intelligence (AI) sector has seen impressive growth in recent months, with large language models (LLMs) making their way onto the scene. The emblematic case is ChatGPT, an AI chatbot, capable of generating contents of various kinds - texts, images, audio - thanks to the analysis of an...

Revolutionizing transport: the future of ADAS in vehiclesAn insight into the trends, opportunities, and legal landscape impacting the deployment of Advanced Driver-Assistance Systems over the next half-decadeThe future of transportation holds immense promise with the evolution of Advanced Driver-Assistance Systems (ADAS). In the past decade, billions of dollars have been invested in these technologies, aiming to revolutionize our roads and transport logistics. Market predictions suggest ADAS could generate...

Enel launches the Cyber Harbour: Turin's cybersecurity hubThe energy giant puts Turin at the center of its strategies with a new research and development center that aims to protect critical infrastructures and companies from cyber attacksEnel has decided to focus on Turin as the site of its new research center for information security, called "Cyber Harbour". The project, unveiled on June 19 at the Lingotto, the energy giant's new operational base, envisages that the center is not only a stronghold of security but also a place of connection...

Jiuzhang: the quantum revolution in the computing worldFrom a chinese laboratory comes a supercomputer capable of eclipsing any traditional rival, opening new horizons for artificial intelligenceIn the world of quantum computers, one stands out for its incredible performance: the Jiuzhang, created by a group of scientists led by Pan Jianwei, recognized in China as the "father of quantum computing". According to the South China Morning Post, the Jiuzhang can perform artificial intelligence (AI)...

Cyber security: a priority for the sports worldThe increase in cyberattacks in the sports sector underlines the importance of preventive strategies and collaboration with cybersecurity expertsWe live in an age where the use of the Internet is increasingly predominant and as such, cyber security plays a crucial role. Every entity, from companies to government institutions, and every individual, is susceptible to being the target of cyber attacks. That's why taking preventive measures to defend...

New frontiers of technological surveillanceBetween state-of-the-art prison monitoring systems and government data collection, privacy is increasingly under siegeA prison in Atlanta, Georgia has introduced a state-of-the-art monitoring system that not only records the whereabouts of inmates, but also their heartbeat. This system, developed by Talitrix, uses hundreds of sensors attached to inmate-wearable bracelets, similar to those of Fitbits. Although prison...

Cybersecurity 2023: new technological frontiers to defend against cybercrimeFrom artificial intelligence to blockchain: how emerging innovations are revolutionizing digital securityThe importance of cybersecurity is now essential for companies and individuals in an era characterized by the incessant increase in cyber attacks and data breaches. The continuing evolution of cybercriminals and the changing nature of cyber threats have heightened the need for advanced cybersecurity...

Vulnerability Etag: the anonymity of Tor at riskA recent discovery shows how the Etag HTTP header can be exploited to reveal the hidden IP address of Tor servicesTor is known for providing a higher level of anonymity online, making it difficult for users to be identified and tracked. However, a recent discovery has exposed a possible vulnerability. This comes from the use of an HTTP header called Etag, which can potentially reveal the true IP address of a service.Etag...

The tech paraphernalia of 2023: maximize the growth of your startupLearn about the leading software tools that are revolutionizing how new businesses operate and thrive in the digital ageStarting a business can be challenging, especially if you have limited resources and budget. However, there are a number of pieces of software that can help you establish your business quickly and efficiently without draining your budget. One of them is Eye10, a simplified search engine optimization...

Safe surfing in the sea of telecommuting: 10 key cyberthreatsDiscover the most frequent risks of remote working to protect your data and keep your digital security barrier strongWith the rise of remote working, catalysed by the Covid-19 pandemic, cybersecurity has become critical for businesses. While telecommuting offers work flexibility and cost savings, it also introduces a number of cybersecurity risks that need to be addressed. In this article, we'll explore the 10 most...

Exponential growth expected in the industrial cyber security marketThe industrial sector faces complex challenges in the digital age: the risks of cyber security and the importance of employee trainingAccording to a recent report by Future Market Insights (FMI), the Industrial Cyber Security Market is forecast to expand with a compound annual growth rate (CAGR) of 7.7% from 2022 to 2032. The market is projected to reach a valuation of $20.7 billion in 2022 and $43.5 billion by 2032.The challenges...

Boom of SMS scams: 330 million dollars lost in the last year aloneFTC report shows a worrying increase in message scams: FBI and cybersecurity experts share tips on how to recognize and prevent themThe report released last week by the Federal Trade Commission (FTC) reveals a disturbing reality: SMS scams have caused economic damage in excess of $ 330 million in the last year alone. This figure marks a notable increase from the previous year's 131 million and the 86 million recorded in 2020.Smishing:...

Trend Micro revolutionizes threat hunting with generative AIAI assistant, based on GPT 3.5, promises to streamline security center operations and speed up incident investigationsTrend Micro Inc. today launched "Companion", a new GPT 3.5-based generative AI assistant. This tool is designed to be a trusted point of reference for Security Operations Center (SOC) teams, to which they can turn to answer questions related to threat hunting. Companion integrates with Trend Vision One...

Safeguard the energy sector from cyberattacksFour essential strategies to strengthen the resilience of the energy sector against increasingly sophisticated cyber threatsIn the context of digital evolution, energy operators are increasingly connecting decades-old systems, combining information (IT) and operational (OT) technologies. Traditional security techniques, based on the model of total separation between digital and physical systems, have proved inadequate to...

Zilla Security launches SaaS innovations for corporate identity securityWith Zilla Secure and SOD, the company aims to revolutionize the security management of cloud and SaaS applications, making it easier to identify and fix improper access configurationsZilla Security has unveiled two new software-as-a-service (SaaS) solutions, Zilla Secure and Segregation of Duties (SOD). These innovations aim to improve enterprise-level identity security for cloud-based applications and infrastructure, SaaS and legacy applications.The need for new security tools in...

Zscaler innovates cloud security: new services for the Zero Trust ExchangeThe new offering enhances branch office monitoring, attack mitigation and secure connection, revolutionizing IT managementZscaler, the innovative security company, unveiled four new services and capabilities to further enhance its Zscaler Zero Trust Exchange cloud security platform. The new additions deliver significant improvements in monitoring and remediating sophisticated attacks, as well as providing a new way to securely...

Cryptographic attack revealed: cameras become hacking toolsThe secret keys of smart cards and smartphones could be compromised thanks to an innovative attack that uses video cameras and power LEDsResearchers have developed an innovative attack that allows the recovery of secret encryption keys contained in smart cards and smartphones. This is accomplished by using iPhone cameras or commercial surveillance systems to record power LEDs, which indicate when the smart card reader or smartphone is...

Security flaw exposed in WooCommerce Stripe Gateway pluginMajor vulnerability could allow attackers to access and disclose sensitive information, affecting over 900,000 active installationsA security flaw has been discovered in the WordPress WooCommerce Stripe Gateway plugin, which could lead to unauthorized disclosure of sensitive information. This vulnerability has been tracked under the designation CVE-2023-34000, which affects plugin versions 7.4.0 and earlier.Fixed the problem and...

Microsoft addresses 73 software vulnerabilities on June 2023 Patch TuesdayTech giant fixes a number of critical security flaws, including a Chromium zero-day bug, in its latest updateMicrosoft released updates to fix important security holes in its Windows operating system and other software components during the June 2023 Patch Tuesday updates. Of 73 identified vulnerabilities, six are rated Critical, 63 Important, two Moderated, and one Low as for gravity. This also includes three...

The cybersecurity in the nuclear domain: an examination of NNSAAn in-depth exploration of the National Nuclear Security Administration's approach to managing cybersecurity risks in its digital and nuclear weapon systemsThe National Nuclear Security Administration (NNSA) is responsible for managing the cybersecurity risks of complex systems that extend beyond typical computer networks. These systems are incorporated in nuclear weapon components and the weapons themselves. While the NNSA has been creating policies and...

Fortinet releases patches to fix a serious vulnerability in FortiGate firewallsCritical vulnerability CVE-2023-27997 discovered by a Lexfo researcher could allow remote code execution if exploited by a threat actorFortinet has released a series of patches to fix a critical security vulnerability in its FortiGate firewalls. The aforementioned vulnerability could be exploited by a threat actor to remotely execute code. Lexfo security researcher Charles Fol, who discovered and reported the flaw, said in a tweet over...

The new frontiers of cybersecurity: interview with the director of the National AgencyFrattasi, the director of the Cybersecurity Agency, commits to faster cyber education, artificial intelligence adoption, and agency expansionBruno Frattasi, director general of the National Cybersecurity Agency, in an interview, talks about the constant progress of the Agency. Key topics include Pnrr implementation, 5G transition, contracts and resilience. The Agency is also considering a possible move to a new location. Through the use of...

IT security of SMEs: risks and solutionsHow to protect SME IT security from human error and the use of personal devicesThe IT security of companies, especially small and medium-sized enterprises, is increasingly exposed to cyber risks and attacks, as recently reported by Kaspersky. Many of these attacks come from inside the company and are caused by employee misconduct. According to Pierluigi Paganini, cyber security...

June 2023 Android security updates: fix critical vulnerability CVE-2022-22706Fixed a serious vulnerability that put the security of mobile devices at riskGoogle has released the Android Security Bulletin for June 2023, which contains fixes for 56 vulnerabilities found in its operating system, across all its versions 11 to 13. Among the 56 vulnerabilities, 5 were classified as critical. Exploiting vulnerabilities can lead to attacks of various nature,...

Patched critical security vulnerability in Windows: details emergeThe exploit, now fixed, gave attackers potential access to system privileges. Cybersecurity firm Numen Cyber reveals how the important loophole could have been exploitedDetails are emerging about a now-fixed security vulnerability that was being actively exploited in Microsoft Windows. This could be used by a threat actor to gain elevated privileges on affected systems. This vulnerability, identified as CVE-2023-29336, has been rated with a severity rating of 7.8 and...

Protecting hospitals from cyber attacks: the objectives of the new NHS Cyber Security StrategyFocus on the strategy that aims to protect the british healthcare system from cyber risks, prevent attacks and guarantee the security of sensitive dataThe growing attention of cybercriminals towards the NHS poses a direct threat to people's lives. The numerous organizations in the healthcare system must guarantee the maximum possible protection of the privacy of their patients, an objective to which the new NHS Cyber Strategy promoted by the British...

Inauguration of the Global Cybersecurity Forum Institute: cybersecurity for a global futureA new international platform to address the challenges and opportunities of cyberspace, enhancing collaboration and innovation among global stakeholdersThe recent establishment of the Global Cybersecurity Forum Institute represents a significant step forward in addressing systemic challenges and exploiting the many opportunities presented by cyberspace. This new body, aimed at promoting collaboration among the world's key cybersecurity stakeholders,...

Security challenges in AI: detailed analysis by the EU Agency for CybersecurityReports from ENISA highlight fundamental challenges of AI in terms of privacy and security, gaps in research and best practices to secure AI systemsThe EU Cybersecurity Agency, ENISA, recently released a series of reports highlighting the challenges Artificial Intelligence (AI) faces in cybersecurity. These reports were released simultaneously with the AI Cybersecurity Conference, organized by ENISA, during which the cybersecurity implications for...

The challenge of cybersecurity: defending against AI threats and exploiting their opportunitiesIn-depth analysis of new threats and innovative strategies of effective proactive defense based on artificial intelligenceTechnologies based on artificial intelligence (AI) are rapidly transforming the world, but at the same time, they represent a source of cybersecurity risk. New cyber threats are increasingly sophisticated thanks to the ease of access to tools and methodologies that were unthinkable until recently. Furthermore,...

VMware addresses critical vulnerabilities in Aria Operations for NetworksThe tech giant quickly responds to three serious vulnerabilities, protecting businesses from possible remote code execution attacksVMware, the virtualization technology giant, released urgent fixes on Wednesday to address security flaws in its Aria Operations for Networks product. These vulnerabilities put enterprises at risk by exposing them to possible remote code execution attacks.Three critical vulnerabilities in network and...

Strengthening SaaS security: challenges and effective strategiesThe increase in security incidents related to SaaS applications requires a revolution in threat prevention and detection strategiesCurrent security strategies for Software-as-a-Service (SaaS) applications are unsatisfactory, according to a report from Adaptive Shield. This is evidenced by the many recent security incidents related to SaaS applications. “We wanted to gain a deeper understanding of incidents in SaaS applications a...

Optimize cybersecurity with behavior analyticsImplementation of UEBA and other analytical tools to improve threat detection and incident responseBehavior analysis is a powerful tool in the field of information security. Methodologies such as User and Entity Behavior Analysis (UEBA), Network Traffic Analysis (NTA), Anomaly Detection, Threat Hunting, and Risk Assessment and Prioritization play a crucial role in identifying and counter security...

Public vs private sector: differences in application securityHow government organizations can overcome security challenges in software applications to ensure effective data protectionApplications developed by public sector organizations tend to have more security flaws than those created by the private sector, as noted by Veracode. These findings are of particular significance as an increase in flaws and vulnerabilities in applications translates into increased levels of risk. The...

Apple strengthens privacy and security with several innovationsNew tools and updates in Safari private browsing, Communication safety and Lockdown mode for safer and more controlled browsingApple announced its latest privacy and security innovations, including major updates to Safari Private Browsing, Communication Safety and Lockdown Mode, as well as app privacy improvements. Additionally, the company introduced new features designed with privacy and security at its core, including Check...

OpenAI and Microsoft unveil groundbreaking AI cybersecurity grant initiativeFostering innovation in cybersecurity: A bold new approach to empower defenders and elevate discourseOpenAI, with the backing of Microsoft, recently launched an inventive cybersecurity grant initiative. This groundbreaking move is part of their broader effort to strengthen artificial intelligence (AI)-based cybersecurity measures. This commitment to cybersecurity enhancement is showcased by the proactive...

New web skimmer attack: Akamai reveals threat to e-commerce sitesAkamai investigation exposes growing harmfulness of e-skimming techniques, putting personal data and credit card information at riskAkamai, a leading cybersecurity company, has recently detected a sophisticated Magecart-style web skimming campaign targeting the theft of Personally Identifiable Information (PII) and credit card data from e-commerce portals. During the operation, attackers use a combination of evasive strategies including...

Trellix boosts cybersecurity in Africa with scalable XDR platformUnveiling AI and machine learning-based security solutions to strengthen the digital landscape in Africa, Trellix fortifies local partnerships and empowers businesses with its "living security" app...Trellix, a leading global cybersecurity firm, is looking to extend its presence in Africa by implementing its versatile Extended Detection and Response (XDR) cybersecurity platform. The corporation intends to cater to business-specific needs by offering state-of-the-art enterprise-level cybersecurity...

The race for artificial intelligence: Josh Lospinoso's alarmThe cybersecurity expert highlights the threats of AI and the need for security in military and commercial operationsBefore founding his current startup, Shift5, which works with the US military, railway operators and airlines such as JetBlue, Josh Lospinoso had already created a cybersecurity startup that was purchased in 2017 by Raytheon/Forcepoint. A former Army captain and 2009 West Point graduate, Lospinoso spent...

In the sea of cybersecurity: focus on Walmart and the Zero-Trust approachFind out how companies can protect themselves from cyber threats in an increasingly digitized world, taking inspiration from Walmart and the implementation of the Zero-Trust modelThe growing occurrence of cybersecurity breaches involving organizations of all sizes is a serious problem that cannot be ignored. From giants like Apple, T-Mobile and Uber, no company appears to be immune, with breaches costing American businesses millions of dollars. This vulnerability has been amplified...

5G networks: discover the risks and how to mitigate themFrom slow 5G deployment to cybersecurity challenges, we explore the 5G landscape and offer strategies to protect your devicesThe introduction of 5G networks has proved to be a slower process than expected. Although the concept was unveiled in 2016, its global availability was only achieved in 2019. Four years later, the share of the population with 5G-enabled devices remains low in most countries. It is unclear whether the...

Galvanick leads innovation in industrial safety with $10 million in fundingCybersecurity startup plans to revolutionize critical infrastructure defense with backing from well-known investorsGalvanick, an early start-up working on an Extended Detection & Response (XDR) platform for industrial infrastructure, has secured $10 million in venture capital funding. This Los Angeles-based company was co-founded by cybersecurity veterans from the US government and Amazon. Several investment firms...

Fortify your web applications: comprehensive guide to penetration testing and PTaaS for continuou...Discover the seven stages of effective pen testing and the benefits of Pen Testing as a Service (PTaaS) for proactive and continuous web application securityWith the increasing sophistication of cyber-attacks, organizations are recognizing the critical need to protect their web applications from security vulnerabilities. Penetration testing, or pen testing, has emerged as a common practice for identifying and addressing such vulnerabilities. This article...

The revolutionary impact of machine learning in cybersecurityAn overview of the crucial role of machine learning in strengthening defenses against emerging cyber threats and attacksMachine learning has emerged as one of the most dynamic fields in data science, acting as a subset of artificial intelligence that allows systems to learn from data and make accurate predictions, detect anomalies or make recommendations through various techniques. These methods extract insights from...

Microsoft discovers vulnerabilities in macOS operating systemsMigraine vulnerability allows attackers to bypass System integrity protection security feature, with serious implications on data protection and system stabilityTech giant Microsoft and its security team have discovered and reported to Apple a significant vulnerability in macOS operating systems, dubbed "Migraine". This security flaw, which has the identification number CVE-2023-32369, has raised serious concerns in terms of data protection and system stability....

Proactive cyber defense: a necessity in the digital ageHow collective strategy, innovation and holistic approach can ensure the security of our digital ecosystem in a fast-changing worldThe increase in incidents related to cyber crime, which have recently hit law enforcement agencies and one of the country's online payment providers, highlight how in this digital age nothing is inviolable. Importantly, these high-profile attacks occurred during military exercises and a time of rising...

Digital intrigues: the siege of cybercriminals on the video game industryFrom the explosion of DDoS to the exploit of APIs and web applications: how the gaming industry can counter the growing threat of cybercrimeIn recent years, the video game industry has experienced exponential growth, attracting millions of gamers around the world thanks to a wide range of interactive experiences. However, this popularity has attracted the attention of cybercriminals, who seek to exploit its vulnerabilities. The reasons why...

Charlotte AI: the innovative cyber security assistant launched by CrowdStrikeA breakthrough innovation that promises to close the skills gap, automate repetitive tasks and accelerate response to cyber threatsCrowdStrike, a leading cybersecurity company, has announced the launch of Charlotte AI, an innovative assistant powered by generative artificial intelligence. This AI-powered cyber security analyst can be used by users of different skill sets, from newbies to experts, to tackle critical cyber security...

Josh Lospinoso and artificial intelligence: a balance between innovation and securityThe founder of Shift5 illustrates the potential and threats of AI in the field of cyber security, warning about possible vulnerabilitiesJosh Lospinoso, a cybersecurity veteran, has an impressive resume. In 2017, its first cybersecurity startup was acquired by Raytheon/Forcepoint. His second venture, Shift5, partners with the US military, railroad operators, and airlines like JetBlue. Lospinoso, a 2009 West Point graduate and Rhodes Scholar,...