Blog

Artificial intelligence is coming to Windows: Are your security policy settings ready?

What’s in your Windows security policy? Do you review your settings on an annual basis or more often? Do you provide education and training regarding the topics in the policy? Does it get revised when the impact of an incident showcases that an internal policy violation led to the root cause of the issue? And, importantly, do you have a security policy that includes your firm’s overall policies around the increasing race towards artificial intelligence, which is seemingly in nearly every application released these days? From word processing documents to the upcoming Windows 11, which will include AI prompting in the Explorer platform, organizations should review how they want their employees to treat customer data or other confidential information when using AI platforms. To read this article in full, please click here
http://news.poseidon-us.com/SqbY1G

Building a hyper-connected future with 6G networks

The advent of 6G communication systems brings forth new possibilities and advancements compared to previous generations. With hyper-connectivity and machine-to-machine communication at its core, 6G aims to bridge the gap between humanity and the world of machines. In this Help Net Security interview, Shamik Mishra, Capgemini‘s CTO of Connectivity, delves into the emerging themes and technologies shaping 6G, its performance metrics compared to 5G, the role of advanced AI algorithms, the impact of higher frequencies, … More → The post Building a hyper-connected future with 6G networks appeared first on Help Net Security.
http://news.poseidon-us.com/SqbNB4

Incorporating cloud security teams into the SOC enhances operational efficiencies

Security leaders are recognizing that cloud and the way cloud security teams work today are becoming increasingly critical to business and IT operations, according to Trend Micro. As a result, cloud security and the foundational practices of their teams will be absorbed into the SOC to increase efficiencies in the coming years. “Valuable innovations always cross the threshold and are absorbed into standard operations — happened with virtualization, and it will happen again with cloud,” … More → The post Incorporating cloud security teams into the SOC enhances operational efficiencies appeared first on Help Net Security.
http://news.poseidon-us.com/SqbN6h

Maximizing the defender’s advantage: Five steps cyber leaders can take today

Dan VanBelleghem, a senior director, cybersecurity programs, at General Dynamics Information Technology (GDIT), explains how agencies can stay ahead of cyber attackers.
http://news.poseidon-us.com/SqZ98k

Regular business, like your agency’s budget, is coming back to life in Congress

Committees in the House will take up two important issues this week: Agency budgets for 2024 and the next National Defense Authorization Act (NDAA). This will transpire as Congress recovers from its exertions over the debt ceiling.
http://news.poseidon-us.com/SqYmhw

Threat intelligence programs poised for growth

In my last CSO article, I detailed cybersecurity professionals’ opinions on the characteristics of a mature cyber-threat intelligence (CTI) program. According to ESG research, the top attributes of a mature CTI program include dissemination of reports to a broad audience, analysis of massive amounts of threat data, and CTI integration with lots of security technologies. Alas, most CTI programs are far from mature, but this may change over the next few years as most enterprise organizations bolster CTI program investment. Sixty-three percent of enterprises plan to increase CTI program spending “significantly” over the next 12 to 18 months, while another 34% plan to increase CTI program spending “somewhat.” To read this article in full, please click here
http://news.poseidon-us.com/SqXhYy

Lack of adequate investments hinders identity security efforts

Organizations are still grappling with identity-related incidents, with an alarming 90% reporting one in the last 12 months, a 6% increase from last year, according to The Identity Defined Security Alliance (IDSA). Protecting digital identities As identities continue to significantly grow, identity stakeholders are faced with an increasing number of barriers without the needed support from leadership. A staggering 49% report that their leadership teams understand identity and security risks and proactively invest in protection … More → The post Lack of adequate investments hinders identity security efforts appeared first on Help Net Security.
http://news.poseidon-us.com/SqX5fB

ISC Stormcast For Monday, June 12th, 2023 https://isc.sans.edu/podcastdetail/8534, (Mon, Jun 12th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/SqX3NC

Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997)

Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls, without mentioning that they include a fix for CVE-2023-27997, a remote code execution (RCE) flaw that does not require the attacker to be logged in to exploit it. The vulnerability has been fixed in FortiOS versions 7.2.5, 7.0.12, 6.4.13, 6.2.15 and, apparently also in v6.0.17 (even though Fortinet officially stopped supporting the 6.0 branch last year). Enterprise admins are advised to upgrade … More → The post Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997) appeared first on Help Net Security.
http://news.poseidon-us.com/SqWSRl

DShield Honeypot Activity for May 2023 , (Sun, Jun 11th)

It is always interesting to review what my DShield honeypot has stored the previous month, what is also interesting is how the activity vary from week to week. Beside the graph, it is the Top 10 IPs for May.
http://news.poseidon-us.com/SqW9SC