Fortinet announces industry’s first GenAI IoT security assistant and new GenAI capabilities for network and security operations – Express Computer

Fortinet, announced new updates to its generative AI (GenAI) portfolio to enhance both network and security operations, including the industry’s first generative AI IoT security assistant. The cybersecurity sector faces a significant skills gap approaching 4 million professionals. 1  GenAI tackles this challenge by augmenting the need for technical proficiency. FortiAI, Fortinet’s GenAI assistant, supports … Read more

FBI warns of email spoofing by North Korean threat actor Kimsuky | SC Media

The North Korean threat actor Kimsuky is leveraging new email spoofing tactics in its recent spearphishing campaigns, the Federal Bureau of Investigation (FBI), U.S. Department of State and National Security Agency (NSA) warned in a joint advisory Thursday. Kimsuky, also known as Emerald Sleet or APT43, is a subunit of the North Korean military’s Reconnaissance … Read more

F5 looks to squelch ‘ball of fire’ that is application security | Network World

F5 is enhancing its tools for enterprise customers that are struggling to combat rising security threats against on-premise and cloud-based applications. The vendor announced web application scanning for its core Distributed Cloud Services, new firewalls for its BIG-IP intelligent traffic management and load balancing service, and NGINX App Protect for open source deployments. F5’s Distributed Cloud … Read more

UK cracks down on default passwords for smart devices | SC Media

The UK has become the first country worldwide to prohibit Internet of Things device manufacturers from using default usernames and passwords in their products following the approval of the Product Security and Telecommunications Infrastructure act, which seeks to bolster smart device cybersecurity, The Hacker News reports. Aside from banning default credentials for smartphones, smart TVs, … Read more

CISA: Immediate GitLab account takeover flaw remediation crucial amid attacks | SC Media

(Photo Illustration by Rafael Henrique/SOPA Images/LightRocket via Getty Images) Ongoing intrusions targeting GitLab instances impacted by the maximum severity account takeover vulnerability, tracked as CVE-2023-7028, have prompted the flaw’s inclusion in the Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security issue by May 22, reports BleepingComputer. … Read more

Arista targets lateral security threat in campus and data center networks | Network World

Arista Networks is bolstering a key part of its security software with new features that help customers reduce the blast radius of security breaches by setting up “microperimeters” to restrict lateral movement in campus and data center networks. The new features are in the vendor’s Macro-Segmentation Service (MSS) software, which is an extension of its … Read more

Path traversal vulnerability elimination in software sought by feds | SC Media

Software firms have been urged by the FBI and Cybersecurity and Infrastructure Security Agency to ensure the absence of path traversal or directory traversal vulnerabilities in their products prior to shipping, BleepingComputer reports. Mitigating such flaws, which could be exploited to facilitate code execution and authentication bypass, could be achieved through random identifier generation for … Read more

Biden’s new memo solidifies, expands CISA’s oversight roles

Hubbard Radio Washington DC, LLC. All rights reserved. This website is not intended for users located within the European Economic Area. The White House issued National Security Memorandum-22 updating an Obama-era policy for how agencies oversee and manage 16 critical infrastructure sectors. Incidents like Volt Typhoon and the dramatic increase of ransomware attacks against U.S. … Read more

Your 2024 corporate guide to cyber security and data breaches | Wolters Kluwer

Wolters Kluwer is a global provider of professional information, software solutions, and services for clinicians, nurses, accountants, lawyers, and tax, finance, audit, risk, compliance, and regulatory sectors. Trusted clinical technology and evidence-based solutions that drive effective decision-making and outcomes across healthcare. Specialized in clinical effectiveness, learning, research and safety. Enabling tax and accounting professionals and … Read more