PyRIT – A Red Team Tool From Microsoft For Generative AI Systems

PyRIT – A Red Team Tool From Microsoft For Generative AI Systems

In a significant move to bolster the security of generative AI systems, Microsoft has announced the release of an open automation framework named PyRIT (Python Risk Identification Toolkit). This innovative toolkit enables security professionals and machine learning engineers to proactively identify and mitigate risks in generative AI systems. Collaborative Effort in AI Security Microsoft emphasizes … Read more

Outlook Users Beware 0-Day Exploit Released On Hacking Forums

Outlook has identified a security flaw that affects how it handles certain hyperlinks.  Malware actors actively exploit the vulnerability in real-world attacks. The assigned CVE number for this vulnerability is CVE-2024-21413, with a severity rating of 9.8 (Critical). Microsoft has successfully resolved the vulnerability in question and implemented the fix in their February 2024 Patch … Read more

Resilience to Acquire BreachQuest for an undisclosed price

In a strategic move to enhance its cyber risk management capabilities, Resilience has announced the acquisition of BreachQuest, an innovative incident response technology firm. This acquisition marks a significant step in Resilience’s efforts to combat the escalating threat of Business Email Compromise (BEC) attacks and other cyber threats. Document Live Account Takeover Attack Simulation How … Read more

Addressing the Menace of Malicious Websites in Google Analytics

Addressing the Menace of Malicious Websites in Google Analytics

In today’s digital landscape, the presence of malicious websites in Google Analytics has emerged as a concerning issue, impacting the integrity of website traffic data and potentially posing serious security risks. This stealthy phenomenon can manifest through the infiltration of spammy referrals and nefarious bots, leading to skewed analytics reports and sabotaging the online presence … Read more

Challenges Remain in Evaluating Ransomware Crackdowns

Challenges Remain in Evaluating Ransomware Crackdowns

An international takedown operation targeting the LockBit ransomware group’s technical infrastructure, and hitting associated individuals with arrests, indictments and sanctions, was celebrated as a major win earlier this week. However, questions remain about what types of long-term effects this law enforcement action will have, both on LockBit and on the ransomware threat landscape as a … Read more

Categories duo

Hackers find a ‘Shortcut’ to data stored on iPhones, iPads, and Macs

Hackers find a ‘Shortcut’ to data stored on iPhones, iPads, and Macs

Apple has advised users to patch their devices against a vulnerability affecting the Apple Shortcuts application that can allow hackers to access sensitive data without invoking user permission. Tracked as CVE-2024-23204, the flaw has a critical rating (CVSS 7.5/10) because of its zero-click exploitation, affecting a range of Apple devices including MacBooks, iPhones, iPads, and … Read more

MIWIC24: Plexal Alumni Receive Multiple Nominations From Peers at This Year’s Awards

MIWIC24: Plexal Alumni Receive Multiple Nominations From Peers at This Year’s Awards

Plexal work with some of the UK’s most exciting start-ups, entrepreneurs and scale-ups who are building emerging technologies and operating across multiple sectors. Plexal help build community, foster talent, and launch graduating companies and professionals into success. They work in conjunction with the government and industry to deliver programmes that support the next generation of … Read more

Cyber Mindfulness Corner Company Spotlight: Jamf

Cyber Mindfulness Corner Company Spotlight: Jamf

At the IT Security Guru we’re showcasing organisations that are passionate about making cybersecurity a healthier, more mindful industry. This week, Aaron Webb, Senior Product Marketing Manager at Jamf, spoke to the Gurus about how leaders can approach the burnout crisis in cybersecurity, what the future of the industry looks like if nothing changes, and why … Read more

Announcing Microsoft’s open automation framework to red team generative AI Systems

Announcing Microsoft’s open automation framework to red team generative AI Systems

Today we are releasing an open automation framework, PyRIT (Python Risk Identification Toolkit for generative AI), to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems. At Microsoft, we believe that security practices and generative AI responsibilities need to be a collaborative effort. We are deeply committed to … Read more

Critical ConnectWise ScreenConnect flaw exploited in the wild: Update

Critical ConnectWise ScreenConnect flaw exploited in the wild: Update

A critical vulnerability patched this week in the ConnectWise ScreenConnect remote desktop software is already being exploited in the wild. Researchers warn that it’s trivial to exploit the flaw, which allows attackers to bypass authentication and gain remote code execution on systems, and proof-of-concept exploits already exist. ScreenConnect is a popular remote support tool with … Read more

jsplaces