Credit to Author: Matt Wixey| Date: Tue, 28 Nov 2023 11:00:13 +0000
Despite concern over illicit applications of ChatGPT and similar models, Sophos X-Ops’ exploration of cybercrime forums suggests many threat actors are still skeptical – and wrestling with the same issues and problems as the rest of us
Read moreA vulnerability in the ownCloud file sharing app could lead to the exposure of sensitive credentials like admin passwords.
Read moreCredit to Author: Jon Clay| Date: Mon, 27 Nov 2023 00:00:00 +0000
Heading to AWS re:Invent 2023? Don’t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response (CDR) and what’s trending in cloud security.
Read more
Many business professionals require highly secure messaging solutions, particularly when they travel. Apple’s iMessage will soon offer a new secure identity verification system enterprise professionals might find useful. It’s called Contact Key Verification.
Apple actually announced the system in 2022. It is now expected to go live across the Apple ecosystem with the release of iOS 17.2 and updates for Macs and iPads.
Credit to Author: Reece Rogers| Date: Mon, 27 Nov 2023 15:15:01 +0000
Yes, your iPhone automatically turns on NameDrop with the latest software update. But you shouldn’t really be worried about it—regardless of what the police are saying.
Read more
Credit to Author: gallagherseanm| Date: Mon, 27 Nov 2023 11:30:18 +0000
Generative artificial intelligence technologies such as OpenAI’s ChatGPT and DALL-E have created a great deal of disruption across much of our digital lives. Creating credible text, images and even audio, these AI tools can be used for both good and ill. That includes their application in the cybersecurity space. While Sophos AI has been working […]
Read moreCredit to Author: Alifiya Sadikali| Date: Mon, 27 Nov 2023 00:00:00 +0000
Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management (ASM) and what Cloud teams need to look for in an ASM solution.
Read moreCredit to Author: Microsoft Threat Intelligence| Date: Wed, 22 Nov 2023 17:00:00 +0000
Microsoft has uncovered a supply chain attack by the threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, decrypts, and loads a second-stage payload. The file, which was signed using a valid certificate issued to CyberLink Corp., is hosted on legitimate update infrastructure owned by the organization.
The post Diamond Sleet supply chain compromise distributes a modified CyberLink installer appeared first on Microsoft Security Blog.
Read more