Tag: cisco
AI-driven cybersecurity dominates RSA in San Francisco
Artificial Intelligence (AI)-driven cybersecurity is set to dominate RSA, the world’s largest cybersecurity event, which kicked off yesterday in San Francisco and runs from April 28 to May 1. Networking giant Cisco set the pace with an announcement that it is deepening its partnership with ServiceNow, a leading AI platform for business transformation. It is claimed that the combination of Cisco's infrastructure and security platforms and ServiceNow's AI-driven platform and security solutions will unlock mutual customers' ability to secure and scale their use of AI while decreasing risk and complexity. The first such integration will bring together Cisco's AI Defense capabilities with ServiceNow SecOps.
Cyber Tsunami Set to Overwhelm Paris Olympics
The Olympic games, which kick off in Paris towards the end of next month, are expected to attract over 15 million visitors to the French capital and generate around €11 billion. But there are also growing fears that the four-yearly global event will be the target of a tsunami of cybercrime and terrorism. “The Tokyo Games in 2021 suffered 450 million computer attacks. Paris expects eight times more!” says the networking giant Cisco, an official partner for Paris 2024.
91% of Orgs Report Use of Gen AI for Cybersecurity – May 1st
Splunk reported that 91% of organizations reported the use of Generative AI for specific cybersecurity usage. The report “State of Security 2024: The Race to Harness AI” also disclosed that 93% of security leaders said public Gen AI was in use across their respective organizations, among other insightful statistics on Gen AI's impact on cybersecurity.
Rise in ‘brute force’ attacks on VPNs
The past four weeks have seen a sharp global increase in ‘brute force’ attacks on virtual private network (VPN) services, which supply private networks using encryption over the internet. ‘Brute force’ attacks use trial and error to crack passwords, login credentials, and encryption keys. New life has been breathed into what is an old hacking technique with widely available software using artificial intelligence (AI) that can carry out large numbers of attempts automatically. Cisco Talos Intelligence Group reports a sharp rise worldwide in this type of attack against targets, including virtual private network (VPN) services and web authentication interfaces. “Cisco Talos has been actively monitoring a global increase in brute-force attacks against a variety of targets, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services since at least March 18, 2024. The traffic related to these attacks has increased with time and is likely to continue to rise,” predicts Cisco Talos
Cisco bets the farm on Splunk
Cisco’s US$28 billion acquisition of cybersecurity firm Splunk is the largest acquisition in the networking giant’s history. It is now being seen as a clear signpost for the future value of cybersecurity companies worldwide. The price paid for the 20-year-old San Francisco company represented over 12 percent of Cisco’s US$198 billion market capitalization. The $28 billion acquisition was closed within only six months, at a time when many large mergers are being blocked or delayed by regulators. “We will revolutionize the way our customers leverage data to connect and protect every aspect of their organization as we help power and protect the AI revolution,” said Cisco CEO Chuck Robbins.
Finland Police Accuse Chinese APT31 Group of 2020 Parliament Attack – March 29th
Following the US-led sanctions on Chinese individuals behind the Chinese APT31 group, the Police of Finland formally accused the group of hacking Finland's parliament in 2020. The country's law enforcement confirmed the connections between the breach and the Chinese group, claiming to have identified one specific suspect.
Facebook’s “Project Ghostbusters” Discovered to Spy on Snapchat Traffic – March 27th
A federal court in California earlier this week released documents that revealed Facebook's 2016 "Project Ghostbusters" campaign. The campaign was designed to mine Snapchat user data to understand their behavior better. The project was a part of Facebook's In-App Action Panel (IAPP) program, which used techniques to intercept and decrypt encrypted app traffic from Snapchat and, later, from YouTube and Amazon.
Ransomware Payments Reach a Collective Payout Estimated at $1B in 2023 – February 8th
According to Chainalysis, the estimated total value received by ransomware attackers reached $1.1B in 2023. The Chainalysis report also states that the estimated $1.1B only pertains to ransomware demands collected, and does not account for operational and third-party disruption costs.
Businesses turn their back on GenAI
The reaction of businesses to the introduction of generative AI (GenAI) in the year since the launch of Microsoft-backed ChatGPT is one of increasing suspicion and disappointment. Over one in four organizations have banned the use of GenAI outright. The majority of companies are now also refusing to trust a technology that has already gained a reputation for making errors and even entirely fabricating information, a failing that is referred to as “hallucinating”. According to Cisco’s newly-released 2024 Data Privacy Benchmark Study, 68 percent of organizations mistrust GenAI because it gets results wrong and 69 percent also believe it could hurt their company’s legal rights. The study draws on responses from 2,600 privacy and security professionals across 12 geographies.
Google to Test Third-Party Cookies Restrictions by End of 2024 – January 5th
As part of Google's "Privacy Sandbox" initiative, Google Chrome plans to test removing third-party cookies for 1% of its users by the end of 2024. Going against the pleas of Google-focused advertisers, Google's move to remove these third-party cookies used to track user data to build targeted advertiser profiles aims to enhance the web browser's data privacy.
New Sophisticated Attacks Demonstrated by Disney+ Impersonators – December 6th
Abnormal Security published a study revealing a Disney+ impersonation attack, demonstrating never-before-seen phishing tactics. The cybercriminals initiated the impersonation attack through an auto-generated notification email, about pending charges for their Disney+ subscription. The emails also demonstrated customized PDFs, with legitimate numbers & emails, inflated charges, and believable branding.
SiegedSec threat actors breach NATO – October 6th
Cybersecurity firm, CloudSEK is looking deeper into the leaked data from NATO, an attack claimed by the SiegedSec threat actors. SiegedSec threat actors, who announced this attack on a Telegram group, claim to not be a state-sponsored group. Instead, their attacks are based on 'hacktivism' or 'just for fun'. This attack on NATO has reportedly compromised 845MB of sensitive information from the organization, impacting 31 nations. NATO is now investigating the SiegedSec claims and is working together with firms to strengthen their cybersecurity efforts so this kind of attack will not be replicated.