Plus: The SEC lets SolarWinds off the hook, Microsoft stops a historic DDoS attack, and FBI documents reveal the agency spied on an immigration activist Signal group in New York City. Eight years after a researcher warned WhatsApp that it was possible to extract user phone numbers en masse from the Meta-owned app, another team of researchers found that they could still do exactly that using a similar technique. The issue stems from WhatsApp's discovery feature, which allows someone to enter a person's phone number to see if they're on the app. By doing this billions of times--which WhatsApp did not prevent--researchers from the University of Vienna uncovered what they're calling "the most extensive exposure of phone numbers" ever . Vaping is a major problem in US high schools.

A natural question is how LLMs can be applied to the cybersecurity domain, specifically for generating As the complexity of modern systems increases, so does the importance attack graphs. of assessing their security posture through effective vulnerability The aim of this paper is to investigate the potential of using large management and threat modeling techniques. One powerful language models such as ChatGPT for automating the generation tool in the arsenal of cybersecurity professionals is the attack graph, of attack graphs. Our approach leverages LLM capabilities to understand a representation of all potential attack paths within a system that an and chain Common Vulnerabilities and Exposures (CVEs) adversary might exploit to achieve a certain objective. Traditional based on their preconditions and postconditions. By interpreting methods of generating attack graphs involve expert knowledge, CVE descriptions and associated metadata, LLMs can generate links manual curation, and computational algorithms that might not between vulnerabilities, offering a dynamic way to visualize possible cover the entire threat landscape due to the ever-evolving nature attack vectors. In addition, this paper explores using LLMs for of vulnerabilities and exploits. This paper explores the approach generating attack graphs based on textual threat reports, which are of leveraging large language models (LLMs), such as ChatGPT, to often rich sources of data but require manual analysis to transform automate the generation of attack graphs by intelligently chaining into actionable insights. Common Vulnerabilities and Exposures (CVEs) based on their preconditions Our work makes several contributions: and effects. It also shows how to utilize LLMs to create attack graphs from threat reports.

Thanks to science fiction movies and literature, many people are already familiar with the idea of virtual worlds One only needs to think of various popular films and books to imagine how people might navigate a different reality via an avatar. Increasingly, however, companies want to turn fiction into reality, with Facebook (now known as Meta) just one example of a brand leading the charge, evolving from a pure social media platform into a tech company pushing for an entirely virtual universe known as the metaverse. But what exactly is the metaverse? What opportunities does it offer for everyday life?

Is it finally the year for the rise of the machines? Until not too long ago, AI was just an overused marketing term. Many software vendors who sold solutions based on algorithms and fancy regular expressions branded their stuff as artificial intelligence, even though it wasn't. Times have changed, and the market is--in a helicopter view--divided into two camps: vendors who use a predefined AI framework and vendors who create their own. I'm not looking into the pros and cons of each, but what does this mean for the users?

Less than four months after the revelation of one of the biggest hacking events in history--Russia's massive breach of thousands of networks that's come to be known as the SolarWinds hack--the US has now sent the Kremlin a message in the form of a punishing package of diplomatic and economic measures. But even as the retribution for SolarWinds becomes clear, the question remains: What exactly is that message? By most any interpretation, it doesn't seem to be based on a rule that the United States has ever spelled out before. On Thursday, the Biden administration fulfilled its repeated promises of retaliation for both the SolarWinds hacking campaign and a broad array of other Russian misbehavior that includes the Kremlin's continuing disinformation operations and other interference in the 2020 election, the poisoning of Putin political adversary Aleksey Navalny, and even older Russian misdeeds including the NotPetya worm and the cyberattack on the 2018 Winter Olympics. The Treasury Department has leveled new sanctions at six cybersecurity companies with purported ties to Russian intelligence services, as well as four organizations associated with its disinformation operations.

The service desk acts as the "go-to" place for all IT-related needs and issues, typically managing incidents or service disruptions, requests, and changes. The service desk scope of work can be enormous and wide-ranging, depending on the nature and size of the organisation in question. As a critical function used by employees across a company, it needs to be managed appropriately. Technology has upended the way business is done across all industries around the world. At the same time, traditional IT service management (ITSM) solutions have become inefficient in maintaining customer satisfaction levels and meeting increasing customer expectations in a fast-paced digital world.

Cloud and hybrid IT are the top priority for IT organizations today (91%), with automation (79%) and big data analytics (78%) following not too far behind, according to the annual SolarWinds IT Trends Index report. But guess what's not very high on the priority list for IT? Artificial intelligence (32%), machine learning (30%), and blockchain (11%). All these need to get in line behind a host of other technologies before they get more attention from IT. These findings are among many in this year's IT Trends Index report that surveyed 803 IT pros -- both leaders and rank-and-file -- in several regions around the world. The report delves into IT attitudes around technologies that include containers, the Internet of Things (IoT), software-defined everything, and robotics, among others. Given all the hype around artificial intelligence, we wondered why we are hearing so much about it if it's not an IT priority?

IT professionals remain unfazed by any existential threat that artificial intelligence (AI) may pose to their careers, a survey has found. Just 18% of respondents in the survey commissioned by SolarWinds were concerned about the impact of AI on job security – far lower than the growing concern over cyber security that was cited by 91% of respondents. From cyber security experts to data scientists, the competition for IT talent has never been stiffer. This is evident in the findings of our annual IT Salary Survey in ANZ and ASEAN, where about 50% of respondents received salary increments compared to a year ago. You forgot to provide an Email Address.