AI: Interpreting regulation and implementing good practice
Businesses have been using artificial intelligence for years, and while machine learning (ML) models have often been taken from open-source repositories and built into …
WithSecure
WithSecure’s USB armory enables post-quantum cryptography in space
WithSecure’s USB armory is an open-sourced, single board computer with a unique form factor and capabilities. It has been used in a variety of applications, including (but not …
WithSecure releases Cloud Security Posture Management to identify insecure cloud configurations
WithSecure has released Cloud Security Posture Management, a new module for its WithSecure Elements security platform, that identifies insecure cloud configurations attackers …
Prevent attackers from using legitimate tools against you
Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. …
Outcome-based cybersecurity paves way for organizational goals
Organizations follow a reactive approach to cybersecurity which is stifling their progress in demonstrating value and aligning with business outcomes, according to WithSecure. …
Malware and machine learning: A match made in hell
We’ve been developing machine learning-based cybersecurity systems for many years and began developing automation for analysis in our labs in 2005. These early …
Preventing corporate data breaches starts with remembering that leaks have real victims
When it comes to data breaches, organizations are generally informed about the risks and procedures for mitigating them. They can (typically) respond with minimal collateral …
North Korea targets US, South Korean hospitals with ransomware to fund further cyber operations
US and South Korean agencies have issued a joint cybersecurity advisory describing the tactics, techniques and procedures used by North Korean hackers to deploy …
Generative AI: A benefit and a hazard
If there’s one thing people will remember about AI advances in 2022, it’ll be the advent of sophisticated generative models: DALL.E 2, Stable Diffusion, …
Understanding your attack surface makes it easier to prioritize technologies and systems
It has been observed that attackers will attempt to start exploiting vulnerabilities within the first fifteen minutes of their disclosure. As the time to patch gets shorter, …
Why encrypting emails isn’t as simple as it sounds
The quality of protected communications matters – a lot. If the sent material is highly sensitive and the legislation and/or policy demands high security, opportunistic …
Red, purple, or blue? When it comes to offensive security operations, it’s not just about picking one color
When people find out that I’ve spent much of my career being hired by companies to steal their secrets, they usually ask, “Are we doing enough? Do we need a red team?” …