Generative AI: A benefit and a hazard
If there’s one thing people will remember about AI advances in 2022, it’ll be the advent of sophisticated generative models: DALL.E 2, Stable Diffusion, …
WithSecure
Understanding your attack surface makes it easier to prioritize technologies and systems
It has been observed that attackers will attempt to start exploiting vulnerabilities within the first fifteen minutes of their disclosure. As the time to patch gets shorter, …
Why encrypting emails isn’t as simple as it sounds
The quality of protected communications matters – a lot. If the sent material is highly sensitive and the legislation and/or policy demands high security, opportunistic …
Red, purple, or blue? When it comes to offensive security operations, it’s not just about picking one color
When people find out that I’ve spent much of my career being hired by companies to steal their secrets, they usually ask, “Are we doing enough? Do we need a red team?” …
IRISSCERT brings eminent cybersecurity experts to its conference in Dublin
The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference …
Data visualization: An invaluable tool in a defender’s arsenal
Visibility is always a priority, but it’s vital when responding to an incident. Time is always working against incident responders. Looking through rows of text data and …
Top outcomes organizations want from their security investments
Preventing data breaches and safeguarding remote workers are among the top security priorities and outcomes organizations want from their security investments, according to …
Weakness in Microsoft Office 365 Message Encryption could expose email contents
WithSecure researchers are warning organizations of a security weakness in Microsoft Office 365 Message Encryption (OME) that could be exploited by attackers to obtain …
Thwarting attackers in their favorite new playground: Social media
For years, LinkedIn has been utilized by threat actors looking to refine their attacks. From simple spear-phishing attacks to reconnaissance, the professional networking site …
Incident response in the cloud can be simple if you are prepared
If your business has moved toward off-premises computing, there’s a bonus to the flexibility and scalability services that AWS and Microsoft 365 can provide. Incident response …
Introducing the book: If It’s Smart, It’s Vulnerable
All our devices and gadgets are going online, just like our computers did. But once we’ve successfully connected our devices to the internet, do we have any hope of keeping …
Targeted campaign uses infostealer to hijack Facebook Business accounts
WithSecure researchers have discovered an ongoing operation, dubbed “DUCKTAIL”, that targets individuals and organizations operating on Facebook’s Ads and …