Link Trap: GenAI Prompt Injection Attack

Credit to Author: Jay Liao| Date: Tue, 10 Dec 2024 00:00:00 +0000

Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected.

Read more

MITRE ATT&CK 2024 Results for Enterprise Security

Credit to Author: Mike Grodzki| Date: Mon, 09 Dec 2024 00:00:00 +0000

Enterprise 2024 will incorporate multiple, smaller emulations for a more nuanced and targeted evaluation of defensive capabilities. We’re excited to offer two distinct adversary focus areas: Ransomware targeting Windows and Linux, and the Democratic People’s Republic of Korea’s targeting macOS.

Read more

AI Pulse: What’s new in AI regulations?

Credit to Author: AI Team| Date: Mon, 30 Sep 2024 00:00:00 +0000

Fall is in the air and frameworks for mitigating AI risk are dropping like leaves onto policymakers’ desks. From California’s SB 1047 bill and NIST’s model-testing deal with OpenAI and Anthropic to REAIM’s blueprint for military AI governance, AI regulation is proving to be a hot and complicated topic.

Read more

Cybersecurity Compass: Bridging the Communication Gap

Credit to Author: Juan Pablo Castro| Date: Thu, 26 Sep 2024 00:00:00 +0000

Discover how to use the Cybersecurity Compass to foster effective conversations about cybersecurity strategy between non-technical and technical audiences, focusing on the phases of before, during, and after a breach.

Read more

Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Credit to Author: Richard Y Lin| Date: Wed, 18 Sep 2024 00:00:00 +0000

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores.

Read more

Confidence in GenAI: The Zero Trust Approach

Credit to Author: Sara Atie| Date: Thu, 22 Aug 2024 00:00:00 +0000

Enterprises have gone all-in on GenAI, but the more they depend on AI models, the more risks they face. Trend Vision One™ – Zero Trust Secure Access (ZTSA) – AI Service Access bridges the gap between access control and GenAI services to protect the user journey.

Read more

Bringing Security Back into Balance

Credit to Author: Eva Chen| Date: Sun, 04 Aug 2024 00:00:00 +0000

This article by Trend Micro CEO Eva Chen brings focus back to striking the cybersecurity strategies balance between business C-suite and information technology (IT) departments.

Read more

Cybersecurity Compass: An Integrated Cyber Defense Strategy

Credit to Author: Juan Pablo Castro| Date: Fri, 02 Aug 2024 00:00:00 +0000

Explore how the Cybersecurity Compass can guide various security professionals’ and stakeholders’ decision-making before, during, and after a breach.

Read more

AI Pulse: Brazil Gets Bold with Meta, Interpol’s Red Flag & more

Credit to Author: AI Team| Date: Tue, 30 Jul 2024 00:00:00 +0000

The second edition of AI Pulse is all about AI regulation: what’s coming, why it matters, and what might happen without it. We look at Brazil’s hard não to Meta, how communities are pushing back against AI training data use, Interpol’s warnings about AI deepfakes, and more.

Read more

How to Write a Generative AI Cybersecurity Policy

Credit to Author: Greg Young| Date: Mon, 29 Jul 2024 00:00:00 +0000

It’s clear that generative AI is a permanent addition to the enterprise IT toolbox. For CISOs, the pressure is on to roll out AI security policies and technologies that can mitigate very real and present risks.

Read more