Cyberipsec

02/05/2023

02/05/2023

Generative AI Is Going Viral In Cybersecurity. Data Is The Key To Making It Useful.

The rush for cybersecurity vendors to tap into generative AI is in full swing — as anyone who attended last week’s RSA Conference, and perused the many booths touting the technology, will confirm.

https://www.crn.com/news/security/generative-ai-is-going-viral-in-cybersecurity-data-is-the-key-to-making-it-useful-

02/05/2023

Boards Are Having the Wrong Conversations About Cybersecurity

Boards that struggle with their role in providing oversight for cybersecurity create a security problem for their organizations. Even though boards say cybersecurity is a priority, they have a long way to go to help their organizations become resilient to cyberattacks. And by not focusing on resilience, boards fail their companies.

https://hbr.org/2023/05/boards-are-having-the-wrong-conversations-about-cybersecurity

02/05/2023

Critical infrastructure: Keeping up with cybersecurity risks

Given the rising frequency and sophistication of cyber-attacks on IT [Information Technology] and OT [Operational Technology] systems, it is now more crucial than ever to remain vigilant and take proactive measures to safeguard critical infrastructure, whether it is oil and gas installations or utilities.

The region’s cybersecurity spending is expected to reach $5 billion in 2023 with a compound annual growth rate of 7-8 per cent, said Jyoti Lalchandani, Group Vice President and Regional Managing Director for the META region, IDC.

https://www.zawya.com/en/projects/industry/critical-infrastructure-keeping-up-with-cybersecurity-risks-x6ttnd43

02/05/2023

Singapore, US run cross-border cybersecurity drills to test banks' resilience

The Monetary Authority of Singapore (MAS) and U.S. Department of Treasury ran a three-day exercise last week to test protocols for data exchange and incident response coordination involving banks in the two jurisdictions. The cross-border drills are critical, the government agencies said in a joint statement Tuesday, amid growing online threats targeting financial services as well as connectivity between both countries' financial ecosystems.

02/05/2023

US and Singapore bolster cybersecurity partnership

The US Department of Treasury and the Monetary Authority of Singapore (MAS) have expanded their collaboration on cyber and operational resilience issues.

The US Department of Treasury and the MAS have expanded their collaboration on cyber and operational resilience issues.

02/05/2023

The cybersecurity skills gap is a real threat — here's how to address it
https://www.weforum.org/agenda/2023/05/the-cybersecurity-skills-gap-is-a-real-threat-heres-how-to-address-it/

27/04/2023

The New Risks ChatGPT Poses to Cybersecurity
https://hbr.org/2023/04/the-new-risks-chatgpt-poses-to-cybersecurity

27/04/2023

Google brings generative AI to cybersecurity

https://techcrunch.com/2023/04/24/google-brings-generative-ai-to-cybersecurity/

27/04/2023

Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks

https://thehackernews.com/2023/04/charming-kittens-new-bellaciao-malware.html

27/04/2023

20 Hottest Cybersecurity Products At RSAC 2023

https://www.crn.com/news/security/20-hottest-cybersecurity-products-at-rsac-2023

27/04/2023

NSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI

The security issues raised by ChatGPT and similar tech are just beginning to emerge, but Rob Joyce says it’s time to prepare for what comes next.

27/04/2023

Cybersecurity nightmare in Japan is everyone else’s problem, too

https://www.japantimes.co.jp/news/2023/04/25/business/japan-cybersecurity-problem/

27/04/2023

Governments are incapable of fixing the insecurity of the internet by themselves, and businesses are unlikely to do it until the economic pain of ignoring the insecurity of the internet becomes greater than the profits it can earn from it. There are no silver bullets beyond restructuring the internet to rely more on new secure private networks, particularly for the operation of critical infrastructure. That will require businesses, governments, and users in democratic nations to act together to transform the internet into networks that rely on the authentication of people rather than IP addresses, mandate strict rules of online behavior, and maintain cyber police (human or machine) to enforce them.

Governments are incapable of fixing the insecurity of the internet by themselves, and businesses are unlikely to do it until the economic pain of ignoring the insecurity of the internet becomes greater than the profits it can earn from it. There are no silver bullets beyond restructuring the interne...

20/04/2023

Apple has released security updates to address two new zero-day vulnerabilities (CVE-2023-28205 and CVE-2023-28206) in their products. The vulnerabilities are reportedly being actively exploited.

20/04/2023

A song that uses Artificial Intelligence to clone the voices of Drake and The Weeknd has gone viral on social media.

Listen to this AI generated song featuring Drake & The Weeknd.

It goes so damn hard.

It's by "Ghostwriter977" on TikTok and it's blowing up on socials + streaming platforms.

UMG, which controls around 1/3 of the global music market, has already asked streaming platforms to ban AI.

A modern Napster moment.

15/12/2022

Vulnerabilities in VMWare Product
Published on 15 Dec 2022

Updated on 15 Dec 2022

VMware has released security updates to address several vulnerabilities in VMware vRealize Network Insight (vRNI), one of which is critical.

The vulnerabilities are:

CVE-2022-31702: Improper input validation within the vRNI REST API. A remote unauthenticated attacker can pass specially crafted data to the affected REST API endpoint and execute arbitrary commands on the system.

CVE-2022-31703: Input validation error when processing directory traversal sequences within the vRNI REST API. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.

The following versions are affected by these vulnerabilities:

VMware vRealize Network Insight (vRNI) 6.2, 6.3, 6.4, 6.5.x, 6.6, 6.7
Users and administrators of the affected versions are advised to upgrade to the latest versions immediately.

More information is available here:

https://www.vmware.com/security/advisories/VMSA-2022-0031.html

https://www.cybersecurity-help.cz/vdb/SB2022121329

By: https://www.csa.gov.sg/

CSA is the national agency overseeing cybersecurity strategy, operations, education, outreach, and ecosystem development