Copilot Plus? More like Copilot Minus: Redmond realizes Recall requires radical rethink.

The post Recall ‘Delayed Indefinitely’ — Microsoft Privacy Disaster is Cut from Copilot+ PCs appeared first on Security Boulevard.

Protect AI warns of a dozen critical vulnerabilities in open source AI/ML tools reported via its bug bounty program.

The post Easily Exploitable Critical Vulnerabilities Found in Open Source AI/ML Tools appeared first on SecurityWeek.

Amidst public pressure, Microsoft changes the set-up experience of Copilot+ PCs to disable the controversial Windows Recall feature by default.

The post Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default appeared first on SecurityWeek.

It remembers everything you do on your PC. Security experts are raging at Redmond to recall Recall.

The post Microsoft Recall is a Privacy Disaster appeared first on Security Boulevard.

AI tool development platform Hugging Face has detected a Spaces hack that resulted in the exposure of secrets.

The post Secrets Exposed in Hugging Face Hack appeared first on SecurityWeek.

SecurityWeek editor-at-large Ryan Naraine examines the broad tension between tech innovation and privacy rights at a time when ChatGPT-like bots and generative-AI apps are starting to dominate the landscape. 

The post Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach? appeared first on SecurityWeek.

The 2024 World CyberCon META Edition, a resounding success held at Al Habtoor Palace in Dubai, featured a prominent all-women panel discussion titled "Strategic Investments in Cybersecurity: Leveraging AI and ML for Enhanced Threat Detection." The panel, moderated by Jo Mikleus, Senior Vice President of Cyble Inc., featured contributions from an array of distinguished experts including Sithembile (Nkosi) Songo, Chief Information Security Officer at ESKOM; Dina Alsalamen, VP and Head of Cyber and Information Security at Bank ABC; Afra Mohammed Almansoori, Business Analyst at Digital Dubai; and Irene Corpuz, Co-Founder of Women in Cyber Security Middle East. The session commenced with exploring how AI and machine learning (ML) are revolutionizing threat detection and response in cybersecurity. Afra Mohammed Almansoori highlighted the transformative impact of these technologies: "AI isn't just a substitute; it's a game-changer for cybersecurity. By harnessing AI and machine learning, we enhance threat detection capabilities, allowing us to focus on strategic security initiatives.

World CyberCon META Edition: Transforming Threat Detection and Response

AI and ML are redefining the landscape of cybersecurity through various applications. Behavioral analytics, anomaly detection, and automated incident response are now integral to modern cybersecurity strategies. AI's ability to analyze vast datasets and identify patterns that elude traditional methods enables organizations to preemptively address potential threats. Irene Corpuz reinforced this notion, stating, "AI isn't a replacement, it's a force multiplier for cybersecurity. Leveraging AI and machine learning strengthens our defenses by automating threat detection, freeing us to focus on strategic security initiatives." [caption id="attachment_71219" align="aligncenter" width="1024"] (L-R: Sithembile (Nkosi) Songo – Chief Information Security Officer, ESKOM; Afra Mohammed Almansoori – Business Analyst, Digital Dubai; Dina Alsalamen, VP, Head of Cyber and Information Security Department, Bank ABC; Irene Corpuz – Co-Founder, Women in Cyber Security Middle East and Jo Mikleus – Senior Vice President, Cyble Inc.)[/caption]

Enhanced Accuracy and Speed

The panel discussed notable use cases where AI and ML have significantly enhanced the accuracy and speed of threat detection. In one instance, Bank ABC utilized AI-driven analytics to thwart a sophisticated phishing attack that traditional security measures failed to detect. By rapidly identifying and responding to anomalies, AI systems have proven to be a vital asset in the fight against cybercrime. However, the integration of AI and ML into cybersecurity is not without challenges. The panel emphasized the importance of adopting applicable policies and standards to mitigate risks associated with these technologies. Regulatory frameworks must evolve to address issues such as data privacy, ethical use of AI, and the potential for AI-generated threats.

Integration with Existing Infrastructure

Integrating AI and ML capabilities with existing security infrastructure is another critical consideration. Organizations must ensure seamless integration to maximize the benefits of AI without disrupting their current operations. This involves upgrading legacy systems, training staff on new technologies, and continually assessing the performance of AI tools. Best practices in reorienting strategic investments were also discussed. Companies are increasingly allocating resources towards AI capabilities to stay ahead of emerging threats. By investing in AI and ML, businesses can enhance their threat detection and response mechanisms, thereby safeguarding their digital assets more effectively.

Overcoming Implementation Challenges

The panel acknowledged the challenges and limitations of implementing AI and ML in cybersecurity, especially for small and medium-sized enterprises (SMEs). Resource constraints, lack of expertise, and integration issues are common hurdles. To overcome these challenges, organizations should consider collaborative approaches, such as partnering with cybersecurity firms and leveraging cloud-based AI solutions. A key theme was the envisioned collaboration between humans and machines in cybersecurity operations. AI and ML technologies can augment the capabilities of human analysts by handling routine activities, thus allowing experts to focus on more strategic tasks. This symbiotic relationship enhances overall security posture and operational efficiency. The reception from key stakeholders, including Boards, CEOs, and CFOs, was noted as increasingly positive. As cyber threats become more sophisticated, there is growing recognition of the need for enhanced cybersecurity measures. Business leaders are supporting CISOs in making the necessary investments to protect their organizations.

Delivering ROI

Finally, the panel discussed how to position business cases for AI in cybersecurity to deliver ROI. Demonstrating the tangible benefits of AI investments, such as reduced incident response times and minimized breach impact, is crucial for securing buy-in from stakeholders. [caption id="attachment_71215" align="aligncenter" width="1024"] Jo Mikleus, Senior Vice President at Cyble Inc.[/caption] Jo Mikleus summed up the session by stating, "It was a privilege to moderate the World CyberCon panel, discussing AI as a critical strategic investment for cybersecurity and managing threat intelligence."

The Middle East's Cybersecurity Imperative

As digitalization surges across the Middle East, the importance of strong cybersecurity measures cannot be overstated. The region's rapid technological advancement necessitates a proactive approach to combat the escalating cyber threat landscape. Leveraging AI and ML to complement traditional cybersecurity defenses is advantageous, but proactive measures are essential to mitigate AI-related risks. Shadow AI in the workplace is growing, with an alarming 156% increase in employees inputting sensitive corporate data into chatbots like ChatGPT and Gemini. The World CyberCon Meta Edition 2024 underlines the critical role of AI and ML in modern cybersecurity strategies. As cyber threats continue to evolve, strategic investments in these technologies will be pivotal in safeguarding the digital future.

Source: www.cybertalk.org – Author: slandau EXECUTIVE SUMMARY: Email is the #1 means of communication globally. It’s simple, affordable and easily available. However, email systems weren’t designed with security in mind. In the absence of first-rate security measures, email can become a hacker’s paradise, offering unfettered access to a host of tantalizingly lucrative opportunities. Optimize your […]

La entrada 7 best practices for tackling dangerous emails – Source: www.cybertalk.org se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Slack reveals it has been training AI/ML models on customer data, including messages, files and usage information. It's opt-in by default.

The post User Outcry as Slack Scrapes Customer Data for AI Model Training appeared first on SecurityWeek.

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw.

First, the zero-days. CVE-2024-30051 is an “elevation of privilege” bug in a core Windows library. Satnam Narang at Tenable said this flaw is being used as part of post-compromise activity to elevate privileges as a local attacker.

“CVE-2024-30051 is used to gain initial access into a target environment and requires the use of social engineering tactics via email, social media or instant messaging to convince a target to open a specially crafted document file,” Narang said. “Once exploited, the attacker can bypass OLE mitigations in Microsoft 365 and Microsoft Office, which are security features designed to protect end users from malicious files.”

Kaspersky Lab, one of two companies credited with reporting exploitation of CVE-2024-30051 to Microsoft, has published a fascinating writeup on how they discovered the exploit in a file shared with Virustotal.com.

Kaspersky said it has since seen the exploit used together with QakBot and other malware. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Qbot and Pinkslipbot) has morphed into an advanced malware strain now used by multiple cybercriminal groups to prepare newly compromised networks for ransomware infestations.

CVE-2024-30040 is a security feature bypass in MSHTML, a component that is deeply tied to the default Web browser on Windows systems. Microsoft’s advisory on this flaw is fairly sparse, but Kevin Breen from Immersive Labs said this vulnerability also affects Office 365 and Microsoft Office applications.

“Very little information is provided and the short description is painfully obtuse,” Breen said of Microsoft’s advisory on CVE-2024-30040.

The only vulnerability fixed this month that earned Microsoft’s most-dire “critical” rating is CVE-2024-30044, a flaw in Sharepoint that Microsoft said is likely to be exploited. Tenable’s Narang notes that exploitation of this bug requires an attacker to be authenticated to a vulnerable SharePoint Server with Site Owner permissions (or higher) first and to take additional steps in order to exploit this flaw, which makes this flaw less likely to be widely exploited as most attackers follow the path of least resistance.

Five days ago, Google released a security update for Chrome that fixes a zero-day in the popular browser. Chrome usually auto-downloads any available updates, but it still may require a complete restart of the browser to install them. If you use Chrome and see a “Relaunch to update” message in the upper right corner of the browser, it’s time to restart.

Apple has just shipped macOS Sonoma 14.5 update, which includes nearly two dozen security patches. To ensure your Mac is up-to-date, go to System Settings, General tab, then Software Update and follow any prompts.

Finally, Adobe has critical security patches available for a range of products, including Acrobat, Reader, Illustrator, Adobe Substance 3D Painter, Adobe Aero, Adobe Animate and Adobe Framemaker.

Regardless of whether you use a Mac or Windows system (or something else), it’s always a good idea to backup your data and or system before applying any security updates. For a closer look at the individual fixes released by Microsoft today, check out the complete list over at the SANS Internet Storm Center. Anyone in charge of maintaining Windows systems in an enterprise environment should keep an eye on askwoody.com, which usually has the scoop on any wonky Windows patches.

Update, May 15, 8:28 a.m.: Corrected misattribution of CVE-2024-30051.