If the pitches reaching my inbox are any indication, one of the hot new things in generative AI is “copilots” for cybersecurity. Microsoft has one. Google, too. So does Vicarius, the vulnerability remediation platform — recently, it launched a text-generating AI tool, vuln_GPT, that helps write system breach detection and remediation scripts. Perhaps it’s Vicarius’ … Read more
What happens when you hack a cybersecurity researcher? Kaspersky, a Moscow-based security firm, presented new details regarding zero-day vulnerabilities in Apple products on Wednesday. Kaspersky researchers are calling this the most sophisticated attack they’ve ever seen, exposing a previously unknown hardware feature. The attack has been front of mind for Kaspersky researchers because it’s been … Read more
Google, Amazon, Microsoft, and Cloudflare revealed this week that they battled massive, record-setting distributed denial of service attacks against their cloud infrastructure in August and September. DDoS attacks, in which attackers attempt to overwhelm a service with junk traffic to bring it down, are a classic internet menace, and hackers are always developing new strategies … Read more
Qualys As security holes go, CVE-2023-4911, aka “Looney Tunables,” isn’t horrid. It has a Common Vulnerability Scoring System (CVSS) score of 7.8, which is ranked as important, not critical. On the other hand, this GNU C Library’s (glibc) dynamic loader vulnerability is a buffer overflow, which is always big trouble, and it’s in pretty much … Read more