Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

PIXM: Stopping Targeted Phishing Attacks With 'Computer Vision'

Chris Cleveland, founder of PIXM, talks about phishers’ evasive maneuvers and how organizations can tap Computer Vision to keep email and its users safe.

DARKReading
#vulnerability#web#git
Intel Adds New Circuit to Chips to Ward Off Motherboard Exploits

The countermeasure, which compares the time and voltage at which circuits are activated, is being implemented in 12th Gen Intel Core processors.

NIST Weighs in on AI Risk

NIST is developing the AI Risk Management Framework and a companion playbook to help organizations navigate algorithmic bias and risk.

Patch Now: 2 Apple Zero-Days Exploited in Wild

The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response.

Cybersecurity Solutions Must Evolve, Says Netography CEO

Just as cyber criminals change tactics and strategy for more effectiveness, so must infosec pros and their organizations, according to Martin Roesch of Netography.

State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims

APTs continue to exploit the dynamic job market and the persistent phenomenon of remote working, as explored by PwC at Black Hat USA.

BlackByte Ransomware Gang Returns With Twitter Presence, Tiered Pricing

Version 2.0 of the ransomware group's operation borrows extortion tactics from the LockBit 3.0 group.

Cyber Resiliency Isn't Just About Technology, It's About People

To lessen burnout and prioritize staff resiliency, put people in a position to succeed with staffwide cybersecurity training to help ease the burden on IT and security personnel.

Easing the Cyber-Skills Crisis With Staff Augmentation

Filling cybersecurity roles can be costly, slow, and chancy. More firms are working with third-party service providers to quickly procure needed expertise.

China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload

The state-sponsored threat actor has switched up its tactics, also adding an automated SQL-injection tool to its bag of tricks for initial access.