Goto

Collaborating Authors

Results


Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning

#artificialintelligence

For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in value, each bringing its own strengths to bear. However, with remote working now the norm in most if not all workplaces, it feels a lot more like agent-based scanning is a must, while network-based scanning is an optional extra. This article will go in-depth on the strengths and weaknesses of each approach, but let's wind it back a second for those who aren't sure why they should even do internal scanning in the first place. While external vulnerability scanning can give a great overview of what you look like to a hacker, the information that can be gleaned without access to your systems can be limited. Some serious vulnerabilities can be discovered at this stage, so it's a must for many organizations, but that's not where hackers stop.


Europe's Only Deeptech Demo Day: Deeptech Labs' Unveil 6 New Accelerator Start-ups

#artificialintelligence

Deeptech Labs, the accelerator and VC fund for post-Seed, pre-Series A deeptech companies will unveil its Spring cohort of 6 deeptech start-ups to an online audience of investors on 21st June. More than 120 VCs and Corporate Entities have previously attended its virtual demo days, demonstrating the significant and growing interest in the European deeptech sector. Deeptech Labs is a Cambridge-based accelerator programme and VC fund, founded in 2020 by ARM, Cambridge Innovation Capital, Martlet Capital, Ewan Kirk and the University of Cambridge. The accelerator supports deeptech entrepreneurs as they move from prototype and proof of concept to scalable products and services, and connects them to Deeptech Labs' extensive network of deeptech investors. The Deeptech Labs accelerator programme and investment fund was founded to fill a significant gap in the European venture market and accelerate the growth of promising early-stage deeptech companies.


Report on Constellation Network (DAG)

#artificialintelligence

Constellation is a distributed network that enables fast, scalable solutions for organizations who need to process and transfer data securely and build interoperability for connected sensors and devices. As computing moves increasingly to the edge, Constellation provides the only scalable, secure solution for a world with more connectivity, more centralization, and more concentrated risk. Constellation Network is a decentralized, open-source, and permissionless programming platform that allows anybody to create apps. Constellation also provides complete control over the tokenomic structure and incentives of apps. Constellation Network, on the other hand, is much more than a decentralized playground and toolbox.


Wazuh and Its XDR Approach

#artificialintelligence

Today's cyber security technological evolution milestones in the context of effective detection and response are the endpoint detection and response (EDR), Manage Detection and Response (MDR), and Network Detection and Response (NDR). However, these all solutions are running independently and missing the correlated high level processed alert to which Extended Detection and Response (XDR) is a solution that emerged, rather than adding another tool, XDR aims to change this security landscape and enable a more compelling activity of the security stack. What problem does XDR solve? Attackers often target endpoints, but they also target other layers of the IT domain in the corporate network, such as email servers and cloud systems, and they may bounce between layers or hide in the interface between them to evade detection. XDR solves both problems at once.


digital-transformation-trends

#artificialintelligence

The past two years have seen radical digital transformation. Companies and industries that have traditionally been hesitant to adopt new technology suddenly embraced their digital transformations--they needed to find new ways to work. Interestingly, many experts believe that these radical shifts are only the beginning. In a recent Deloitte survey, three-quarters of executives stated that they expect more changes in the next five years than there were in the past five years. The rate of change only increases as organizations are more open and willing to make the changes they need to keep up with the competition. Digital transformation (DX) encourages business organizations to adopt new technologies in order to deliver better value to their customers.


How safe is YOUR smart device? Popular gadgets including Amazon Echo and Google Nest can be HACKED

Daily Mail - Science & tech

Smart home devices from companies such as Amazon and Google can be hacked and used to crash websites, steal data and snoop on users, an investigation reveals. Consumer group Which? has found poor security on eight smart devices, some of which are no longer supported with vital security updates due to their age. Examples include the first generation Amazon Echo smart speaker, released in 2014, and a Virgin Media internet router from 2017. All of the products had vulnerabilities that could leave users exposed to cybercriminals, Which? Domestic abuse survivors can also be tracked and controlled by ex-partners who exploit weak security on devices including Wi-Fi routers and security cameras.


Orange Business Services leverages AI for IT

#artificialintelligence

Orange Business Services announced Tuesday the launch of Service Manage-Watch. The new solution, aimed at enterprise IT departments, monitors network services and applications and uses artificial intelligence (AI) for predictive analysis to monitor potential problems. Service Manage-Watch (or Watch for short) was developed to answer enterprise needs to monitor interconnected IT services, said the company. "Monitoring and measuring, however, are increasingly complex as IT estates expand, potentially resulting in lack of global visibility to identify root causes of issues or recurring glitches, inability to anticipate incidents, and poor alert management. Traditional monitoring tools take a siloed approach based on one tool per service, proving inadequate for today's distributed infrastructure," said Orange Business Services.


What AI can (and can't) do for organisations' cyber resilience

#artificialintelligence

Technologies such as artificial intelligence (AI), machine learning, the internet of things and quantum computing are expected to unlock unprecedented levels of computing power. These so-called fourth industrial revolution (4IR) technologies will power the future economy and bring new levels of efficiency and automation to businesses and consumers. AI in particular holds enormous promise for organisations battling a scourge of cyber attacks. Over the past few years, cyber attacks have been growing in volume and sophistication. The latest data from Mimecast's State of Email Security 2022 report found that 94% of South African organisations were targeted by e-mail-borne phishing attacks in the past year, and six out of every 10 fell victim to a ransomware attack.


Automotive Cybersecurity Market - Insights, Forecast to 2026

#artificialintelligence

The global Automotive Cybersecurity Market size is projected to grow from USD 2.0 billion in 2021 to USD 5.3 billion by 2026, at a CAGR of 21.3%. Increasing incidents of cyber-attacks on vehicles and massive vehicles recalls by OEMs have increased awareness about automotive cybersecurity among OEMs globally. Moreover, increasing government mandates on incorporating several safety features, such as rear-view camera, automatic emergency braking, lane departure warning system, and electronic stability control, have further opened new opportunities for automotive cybersecurity service providers globally. As a result, there are various start-ups present in the automotive cybersecurity ecosystem. Government initiatives toward building an intelligent transport system have also further escalated the demand for cybersecurity solutions all over the world.


Lamboozling Attackers

Communications of the ACM

Deception is a powerful resilience tactic that provides observability into attack operations, deflects impact from production systems, and advises resilient system design. A lucid understanding of the goals, constraints, and design trade-offs of deception systems could give leaders and engineers in software development, architecture, and operations a new tactic for building more resilient systems--and for bamboozling attackers. Unfortunately, innovation in deception has languished for nearly a decade because of its exclusive ownership by information security specialists. Mimicry of individual system components remains the status-quo deception mechanism despite growing stale and unconvincing to attackers, who thrive on interconnections between components and expect to encounter systems. Consequently, attackers remain unchallenged and undeterred. This wasted potential motivated our design of a new generation of deception systems, called deception environments. These are isolated replica environments containing complete, active systems that exist to attract, mislead, and observe attackers. By harnessing modern infrastructure and systems design expertise, software engineering teams can use deception tactics that are largely inaccessible to security specialists. To help software engineers and architects evaluate deception systems through the lens of systems design, we developed a set of design principles summarized as a pragmatic framework. This framework, called the FIC trilemma, captures the most important dimensions of designing deception systems: fidelity, isolation, and cost. The goal of this article is to educate software leaders, engineers, and architects on the potential of deception for systems resilience and the practical considerations for building deception environments. By examining the inadequacy and stagnancy of historical deception efforts by the information security community, the article also demonstrates why engineering teams are now poised--with support from advancements in computing--to become significantly more successful owners of deception systems.