Patches are a way of life for any network administrator and are the most efficient method in place to ensure systems are running the most up-to-date and secure versions of their various software applications. For the most part, updates take place behind the scenes, with the average person only noticing a patch being installed when they are asked to reboot their machine to install the new version.

In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It affects multiple versions of the open-source relational database management systems (RDMBS) MariaDB and Percona Server, and the wsrep (write set replication) plugin for MySQL. Fortunately, security professionals swiftly released a patch to ensure that affected systems could be updated to mitigate risks.

Over the past three years, the second Tuesday of each month has turned into a hectic period of planning and remediation, driven by a 25% average annual growth rate in CVEs. Just last Tuesday, Microsoft revealed a critical TCP/IP remote code execution (RCE) vulnerability in the IPv6 stack, which has a CVSS score of 9.8 due to its criticality and ease of exploitation. For a more in-depth look, we recommend these resources.

OpenAI has launched a prototype called SearchGPT, a new AI-driven search tool that integrates advanced AI capabilities with real-time web information. This temporary prototype, currently available to a select group of users and publishers, aims to enhance how people find information online by providing fast, accurate answers with precise citations. The ultimate goal is to gather feedback and refine these features before integrating them into the broader ChatGPT platform.

When navigating between all your devices, one term you may have been asked to provide or seen on your tech travels—perhaps when setting up a Wi-Fi connection or troubleshooting— is the network key. A network key functions like a Wi-Fi password to secure your internet connection via a Wi-Fi router or anywhere else. As we know, anything that connects to the Internet requires a strong password to protect it from leaks, hacks, or breaches, and for that, you will need a strong network key.

1Password Extended Access Management includes (among other things) a device trust agent.

Meta has announced the launch of Purple Llama, an umbrella project promoting open trust and safety in generative AI. The project features tools and evaluations designed to enable developers to deploy generative AI models and experiences responsibly in line with best practices outlined in Meta’s Responsible Use Guide.

FoondaMate, a rapidly growing AI-powered study aid known as “study buddy” in Zulu, has become an indispensable resource for middle and high school students in emerging markets. Leveraging the advanced capabilities of Meta’s Llama technology, this virtual assistant provides conversational support via WhatsApp and Messenger, helping students with schoolwork and academic challenges.

External cybersecurity threats are a well-known problem, but organizations should also be aware of managerial insider threats. These threats originate from individuals with privileged access and authority and can cause devastating damage to an organization’s data, reputation, and bottom line. In this guide, we’ll examine managerial insider threats and offer insights and strategies you can use to detect, prevent, and mitigate these risks.

By Michael Aguilera, Lead Penetration Tester, Razorthorn Security Over the past decade, crowdsourced penetration testing has grown in popularity because of its convenience and cost effectiveness. However, this surge in popularity does not come without its caveats. In this blog, we’ll explore the benefits and risks of crowdsourced penetration testing, compare it with traditional methods and help you make an informed decision for your organisation’s cybersecurity needs.