News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

TotalAI Platform: Vulnerability Assessment of AI Workloads
TotalAI Platform: Vulnerability Assessment of AI Workloads Image: Bing - AI

The new TotalAI solution enables holistic detection and vulnerability assessment of AI workloads to detect data leaks, injection issues and model theft. The platform protects against security and compliance issues by leveraging generative AI and LLM. With TotalAI, Qualys is expanding its portfolio, which is aimed at the growing challenges and risks associated with securing generative AI and large language model (LLM) applications. AI workloads: Securing for the enterprise As companies increasingly integrate AI and LLM into their products and solutions, they are faced with an expanded attack surface and increased cyber risks. Traditional cybersecurity practices are proving inadequate,...

Read more

Those who don’t pay: Ransomware groups are putting more pressure on
If you don't pay: Ransomware groups are putting more pressure on you Image: Bing AI

A new report shows how ransomware groups use information about semi-legal activities from stolen data to force victims to pay. The dark web report “Turning the Screws: The Pressure Tactics of Ransomware Gangs” reveals. In its new dark web report “Turning the Screws: The Pressure Tactics of Ransomware Gangs”, Sophos reveals important findings. In the report, the security specialists describe in detail how cyber criminals use stolen data as a means of increasing the pressure on targets who are unwilling to pay. The pressure methods include passing on contact details, publishing information about family members of CEOs…

Read more

Local AI appliance for protected Gen-AI applications
Local AI appliance for protected GenAI applications Image by Kohji Asakawa on Pixabay

Silent AI is a new AI appliance for generative AI applications (GenAI) that ensures the highest level of data security and privacy. This enables companies to use the latest AI technology without any internal knowledge leaving the company. Silent AI is based on a local large language model (LLM) with retrieval-augmented generation (RAG) and local vector databases. This appliance offers a comprehensive service for connecting various knowledge sources without internal knowledge ever leaving the appliance. Main features of Silent AI Local large language model with RAG The appliance integrates a local LLM, which is supplemented by retrieval-augmented generation (RAG). This technology improves the accuracy and…

Read more

Critical vulnerability in Microsoft Copilot Studio
B2B Cyber ​​Security ShortNews

Experts discovered a critical vulnerability in Microsoft Copilot Studio. The attackers penetrated via server-side request forgery (SSRF) and were thus able to access the internal infrastructure of Copilot Studio. Updates have probably already been implemented. The Tenable Research Team discovered a critical information disclosure vulnerability in Microsoft Copilot Studio using server-side request forgery (SSRF). This vulnerability gave researchers access to potentially sensitive data on internal processes of the service with potential cross-tenant impact. The vulnerability is due to improper handling of redirect status codes for user-configurable actions within Copilot Studio....

Read more

No DLP: Data leakage through generative AI
No DLP: Data leakage through generative AI - Image by Gerd Altmann on Pixabay

More than a third of the data entered into generative AI apps is sensitive business information. The use of generative AI has more than tripled in the last 12 months. Data Loss Prevention (DLP) solutions are lacking here. The new study shows that more than a third of the sensitive data exchanged with generative AI tools is regulated data - data that companies are legally obliged to protect. This poses a potential risk for costly data breaches for companies. AI apps only partially blocked The new study by Netskope Threat Labs...

Read more

AI assistant for security analysis in enterprise solutions
AI assistant for security analysis in enterprise solutions Image by T Hansen on Pixabay

Upgrade for business solutions: With ESET AI Advisor, artificial intelligence now supports security managers in their day-to-day security work. SMEs and other companies also receive help with endpoint and XDR solutions. ESET's generative AI-based cybersecurity assistant improves incident response and interactive risk analysis. This enables companies to take advantage of Extended Detection and Response (XDR) solutions even if they have limited IT resources. ESET AI Advisor was first presented at the RSA Conference 2024 and is now available in ESET PROTECT MDR Ultimate and ESET Threat Intelligence, among others. The…

Read more

Risk of VPN attacks: every second company affected
Risk of VPN attacks: every second company affected Image: Bing - AI

The VPN Risk Report shows that more than half of companies were affected by cyberattacks via VPN in 2023. According to the Zscaler ThreatLabz Report 2024, 78 percent of companies plan to implement a Zero Trust strategy in the next 12 months. ThreatLabz VPN Risk Reports 2024: As part of this study, Cybersecurity Insiders surveyed over 600 IT security, IT and networking professionals. 56 percent of participating companies said they had been the target of cyberattacks in the past year that exploited security vulnerabilities in VPNs. These incidents underscore the vulnerability of traditional perimeter-based…

Read more

Deepfakes and AI-based cyberattacks on companies
Deepfakes and AI-based cyberattacks on companies Image: Bing - AI

More protection for all environments against the growing threat of attacks and fraud attempts using artificial intelligence (AI) and deepfakes. Trend Micro announces new features of its cybersecurity solutions for companies. Deepfakes (images, audio or video recordings that appear deceptively real and are manipulated using artificial intelligence) pose a significant risk to companies and individuals. If a fraud is successful using undetected deepfakes, this can lead to financial losses, damage to reputation, legal problems, job loss, identity theft and even damage to the mental or physical health of those affected. In a recent study conducted by Trend Micro, 36...

Read more

Reduce risky account permissions in identity systems
Reduce risky account permissions in identity systems Image: Bing - AI

Companies should reduce risky account permissions in identity systems. The Semperis Delegation Manager helps IT teams enforce a security-focused delegation model for identity systems to reduce overprivileged accounts and excessive access rights. The Delegation Manager, an Active Directory (AD) rights management solution, enables granular control of permissions for specific groups. This saves IT teams responsible for access control time while closing security gaps that cyber attackers routinely exploit. CISA lists AD misconfigurations The CISA (Cybersecurity and Infrastructure Security Agency) lists various AD misconfigurations in its list of the most common AD misconfigurations that can be exploited by attackers.

Read more

AI: Dangerous deepfakes & robocalls
AI: Dangerous Deepfakes & Robocalls Image: Bing - AI

What companies need to know about deepfakes & robocalls: AI now makes it possible to do things that can perfectly deceive employees. Even if legislators increase the penalties for this, the danger remains for companies. You and some of your colleagues are taking part in a video conference and your Chief Revenue Officer (CRO) asks you to make a transfer. Would you do it? - An employee in Hong Kong made the transfer and thereby transferred the equivalent of 24 million euros to a gang of fraudsters in February of this year. He was the victim of an AI-based...

Read more