Month: July 2024

Credit to Author: Microsoft Threat Intelligence| Date: Tue, 02 Jul 2024 16:00:00 +0000

Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell’s PanelView Plus that could be remotely exploited by unauthenticated attackers, allowing them to perform remote code execution (RCE) and denial-of-service (DoS). PanelView Plus devices are graphic terminals, which are known as human machine interface (HMI) and are used in the industrial space.

The post Vulnerabilities in PanelView Plus devices could lead to remote code execution appeared first on Microsoft Security Blog.

Credit to Author: Mark Russinovich| Date: Wed, 26 Jun 2024 17:00:00 +0000

Microsoft recently discovered a new type of generative AI jailbreak method called Skeleton Key that could impact the implementations of some large and small language models. This new method has the potential to subvert either the built-in model safety or platform safety systems and produce any content. It works by learning and overriding the intent of the system message to change the expected behavior and achieve results outside of the intended use of the system.

The post Mitigating Skeleton Key, a new type of generative AI jailbreak technique appeared first on Microsoft Security Blog.

Credit to Author: Steve Vandenberg| Date: Wed, 26 Jun 2024 16:00:00 +0000

Learn about the rise of cybersecurity committees and how the CISO and IT security team can work with them to produce the best result for the organization’s IT security and enable digital transformation.

The post Working with a cybersecurity committee of the board appeared first on Microsoft Security Blog.

Credit to Author: Microsoft Incident Response| Date: Tue, 25 Jun 2024 16:00:00 +0000

Discover key steps to bolster incident response readiness, from disaster recovery plans to secure deployments, guided by insights from the Microsoft Incident Response team.

The post How to boost your incident response readiness appeared first on Microsoft Security Blog.