Aurascape Brings Visibility, Security Controls to Manage AI Applications
New cybersecurity startup Aurascape emerged from stealth today with an AI-native security platform to automate security policies for AI applications.
-
-
UK Orgs Pull Back Digital Projects With Looming Threat of Cyberwarfare
Artificial intelligence poses a significant concern when it comes to nation-state cyberthreats and AI’s ability to supercharge attacks.
-
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0. “An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a remote unauthenticated attacker…
-
Amazon EC2 SSM Agent Flaw Patched After Privilege Escalation via Path Traversal
Cybersecurity researchers have disclosed details of a now-patched security flaw in the Amazon EC2 Simple Systems Manager (SSM) Agent that, if successfully exploited, could permit an attacker to achieve privilege escalation and code execution. The vulnerability could permit an attacker to create directories in unintended locations on the filesystem, execute arbitrary scripts with root privileges,
-
2 Android Zero-Day Bugs Under Active Exploit
Neither security issue requires user interaction; and one of the vulnerabilities was used to unlock a student activist’s device in an attempt to install spyware.
-
Cryptocurrency Miner and Clipper Malware Spread via SourceForge Cracked Software Listings
Threat actors have been observed distributing malicious payloads such as cryptocurrency miner and clipper malware via SourceForge, a popular software hosting service, under the guise of cracked versions of legitimate applications like Microsoft Office. “One such project, officepackage, on the main website sourceforge.net, appears harmless enough, containing Microsoft Office add-ins copied from a
-
Sophos Firewall v21.5 early access is now available
Say hello to great new features and enhancements in v21.5.
-
Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube
The malware’s creators insist a new open source version of Neptune is for educational use by pen testers, but a raft of sophisticated backdoor and evasion capabilities says otherwise.
-
How Democratized Development Creates a Security Nightmare
No-code and low-code platforms offer undeniable benefits. But when security is an afterthought, organizations risk deploying vulnerable applications that expose sensitive data and critical systems.
-
Agentic AI in the SOC – Dawn of Autonomous Alert Triage
Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the term “AI” often blurs crucial distinctions. Not all AI is built equal, especially in the SOC. Many