Latest News

CVE-2024-3400 - PAN-OS OS Command Injection Vulnerability in GlobalProtect Gateway

Unauthenticated, remote attackers can execute arbitrary OS commands with root privileges against certain of Palo Alto’s GlobalProtect firewalls, using a just-announced critical-severity vulnerability that is being actively exploited in the wild. While limited to specific versions and configurations, unauthenticated remote command execution vulnerabilities are among the most severe security vulnerabilities that exist. Indeed, CVE-2024-3400 has a critical 10 out of 10 rating under CVSS.

Best LLM Security Tools of 2024: Safeguarding Your Large Language Models

As large language models (LLMs) continue to push the boundaries of natural language processing, their widespread adoption across various industries has highlighted the critical need for robust security measures. These powerful AI systems, while immensely beneficial, are not immune to potential risks and vulnerabilities. In 2024, the landscape of LLM security tools has evolved to address the unique challenges posed by these advanced models, ensuring their safe and responsible deployment.

What is Incident Response?

Incident response is a crucial aspect of cybersecurity that involves identifying, containing, eradicating, and recovering from security incidents. It is designed to minimise the impact of security breaches, protect sensitive data, and restore normal operations as quickly as possible. To facilitate a smooth incident response, organisations should create a comprehensive checklist that outlines the necessary steps, resources, and communication channels.

The Hidden Economy of Open Source Software

The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of open-source, Linux-based computer applications, underscores the importance of open-source software security. While it is often not consumer-facing, open-source software is a critical component of computing and internet functions, such as secure communications between machines.

Proxies Explained: The First Line Of Defense In Cybersecurity

Cybersecurity is vital in today’s fast-paced digital world, where keeping your private information safe is as crucial as the technology itself. Proxies are key players in this arena, not just for the tech-savvy but for everyone online. They work quietly behind the scenes, rerouting your internet traffic to keep your activities private, speed up your browsing, and even unlock content that’s out of reach due to geographic restrictions.

How To Create a Positive Digital Footprint

Your digital footprint is the trail of data you leave behind online. It’s important to have a positive digital footprint to maintain your relationships, help you in all your personal and professional endeavors, and keep cybercriminals at bay. To create a positive digital footprint, you need to remove any negative posts, post positive content, think before you post, and interact with others with respect and kindness.

How to Save Your SOC Analysts From Alert Fatigue

SecOps teams face an unyielding barrage of security signals raised by various systems and tools. It’s estimated that 56% of large companies receive 1,000 or more alerts per day. SOC analysts are expected to wade through these alerts and determine which ones are important, which are low priority, and which are imperative. According to IDC, 83% of cybersecurity employees say they’re struggling to cope with the overwhelming alert volume.

Splunk SOAR Playbook of the Month: Cisco Umbrella DNS Denylisting

Given the recent exciting news of Splunk becoming part of Cisco, for this edition of Splunk SOAR Playbook of the Month, we thought what better way to showcase how the combination of Cisco and Splunk can help users achieve more comprehensive security than through a playbook that combines the power of Cisco Umbrella and Splunk SOAR.

The Power of Red and Purple Team Drills in Enhancing Offensive Security Programs

Despite investing in costly security solutions, keeping up with patches, and educating employees about suspicious emails, breaches still occur, leaving many organizations to wonder why they are vulnerable and which security areas need improvement.

UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience

The very fabric that stitches our society together — our councils and local governing bodies — is under a silent siege from cyber attacks. The recent ransomware assault on Leicester Council is another real-life cybercrime added to a growing list of attacks in the UK.