433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

5 ways threat actors can use ChatGPT to enhance attacks

The Cloud Security Alliance (CSA) has revealed five ways malicious actors can use ChatGPT to enhance their attack toolset in a new report exploring the cybersecurity implications of large language models (LLMs). The Security Implications of ChatGPT paper details how threat actors can exploit AI-driven systems in different aspects of cyberattacks including enumeration, foothold assistance, reconnaissance, phishing, and the generation of polymorphic code. By examining these topics, the CSA said it aims to raise awareness of the potential threats and emphasize the need for robust security measures and responsible AI development. To read this article in full, please click here
http://news.poseidon-us.com/SnCgHM

BrandPost: The evolution of security service edge (SSE) and zero trust

With the recent publication of Gartner’s updated Magic Quadrant for Security Service Edge, we have been asked by several CXOs about this fast-growing solution category and how it relates to zero trust. The short answer is that they are closely intertwined. Zero trust is a framework for securing organizations in the cloud and mobile world that asserts that no user or application should be trusted by default. Zero trust is a way of thinking permeating across several areas, not just new architecture or technology. There are practical zero trust implementations from vendors, like Zscaler, that have solutions with zero trust frameworks at their core. Once deployed, zero trust technology provides secure access to public or private destinations for users, things, and workloads. To read this article in full, please click here
http://news.poseidon-us.com/SnBLrw

What’s next for agencies in their zero trust journey

A year after President Biden outlined the federal zero trust architecture strategy along with the requirements for meeting specific cybersecurity standards and objectives by fiscal year 2024, agencies are in a crucial stage of development.
http://news.poseidon-us.com/SnBGsg

PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates

Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro researchers. The detected campaings “Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505),” Microsoft shared. “Lace Tempest (DEV-0950) is a Clop ransomware affiliate that has been observed … More → The post PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates appeared first on Help Net Security.
http://news.poseidon-us.com/Sn8jL9

Why Russia’s cyber arms transfers are poor threat predictors

The history of international cyber conflict is remarkably long and storied. The timeline of major cyber threat events stretches back nearly four decades, but it is really only the last decade that has seen the widespread proliferation of national cyber forces. As of 2007, only 10 countries had operational cyber commands, three of which were members of the NATO alliance. Just eight years later, that figure jumped to 61 nations, a full two-thirds of which were outside of the NATO alliance. Clearly, national governments have become more willing to see cybersecurity as a key responsibility. States are also cooperating and sharing the burden of securing cyberspace. To read this article in full, please click here
http://news.poseidon-us.com/Sn8Q8p

The true numbers behind deepfake fraud

The use of artificial intelligence can result in the production of deepfakes that are becoming more realistic and challenging to differentiate from authentic content, according to Regula. Companies view fabricated biometric artifacts such as deepfake videos or voices as genuine menaces, with about 80% expressing concern. In the United States, this apprehension appears to be the highest, with approximately 91% of organizations believing it to be an escalating danger. AI-generated deepfakes The increasing accessibility of … More → The post The true numbers behind deepfake fraud appeared first on Help Net Security.
http://news.poseidon-us.com/Sn7vzJ

Over half of GAO’s high-risk areas stem from critical skills gaps

22 of the 37 items on GAO’s list of vulnerable federal programs and broad government challenges stem from issues of mission-critical skills gaps in the federal workforce.
http://news.poseidon-us.com/Sn7HK5

VA’s new EHR hits another outage, as agency reconsiders FY 2024 request for project

The VA on Tuesday experienced a systemwide outage of its Oracle-Cerner EHR that’s currently running at five sites.
http://news.poseidon-us.com/Sn7Bfx

Managed services deal size grew in 2022 despite economy woes

Outsourcing IT remains an effective long-term cost savings strategy for many companies, driving growth in the managed services category.
http://news.poseidon-us.com/Sn5bYv

Embracing zero-trust: a look at the NSA’s recommended IAM best practices for administrators

By now, most of the industry has realized we’re seeing a shift from the legacy perimeter-based security model to an identity-centric approach to cybersecurity. If defenders haven’t realized this, malicious actors certainly have, with 80% of web application attacks utilizing stolen credentials and 40% of breaches that don’t involve insider threats and user error involving stolen credentials, according to sources such as the 2022 Verizon Data Breach Investigation Report. Compromised credentials were involved in incidents such as the 2021 Colonial national gas pipeline breach, the 2021 Oldsmar Florida water treatment plant attack, and an attack on the South Staffordshire water treatment plant in the UK in 2022, illustrating that these incidents can and have spilled over from the digital realm to the physical, impacting critical infrastructure. To read this article in full, please click here
http://news.poseidon-us.com/Sn5Jkp