Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Automation. Show all posts
Trust
AI Automation Biometrics consent Cybersecurity Data Ethics Intelligence Privacy Regulation Security surveillance Technology Transparency Trust

Public Wary of AI-Powered Data Use by National Security Agencies, Study Finds

 

A new report released alongside the Centre for Emerging Technology and Security (CETaS) 2025 event sheds light on growing public unease around automated data processing in national security. Titled UK Public Attitudes to National Security Data Processing: Assessing Human and Machine Intrusion, the research reveals limited public awareness and rising concern over how surveillance technologies—especially AI—are shaping intelligence operations.

The study, conducted by CETaS in partnership with Savanta and Hopkins Van Mil, surveyed 3,554 adults and included insights from a 33-member citizens’ panel. While findings suggest that more people support than oppose data use by national security agencies, especially when it comes to sensitive datasets like medical records, significant concerns persist.

During a panel discussion, investigatory powers commissioner Brian Leveson, who chaired the session, addressed the implications of fast-paced technological change. “We are facing new and growing challenges,” he said. “Rapid technological developments, especially in AI [artificial intelligence], are transforming our public authorities.”

Leveson warned that AI is shifting how intelligence gathering and analysis is performed. “AI could soon underpin the investigatory cycle,” he noted. But the benefits also come with risks. “AI could enable investigations to cover far more individuals than was ever previously possible, which raises concerns about privacy, proportionality and collateral intrusion.”

The report shows a divide in public opinion based on how and by whom data is used. While people largely support the police and national agencies accessing personal data for security operations, that support drops when it comes to regional law enforcement. The public is particularly uncomfortable with personal data being shared with political parties or private companies.

Marion Oswald, co-author and senior visiting fellow at CETaS, emphasized the intrusive nature of data collection—automated or not. “Data collection without consent will always be intrusive, even if the subsequent analysis is automated and no one sees the data,” she said.

She pointed out that predictive data tools, in particular, face strong opposition. “Panel members, in particular, had concerns around accuracy and fairness, and wanted to see safeguards,” Oswald said, highlighting the demand for stronger oversight and regulation of technology in this space.

Despite efforts by national security bodies to enhance public engagement, the study found that a majority of respondents (61%) still feel they understand “slightly” or “not at all” what these agencies actually do. Only 7% claimed a strong understanding.

Rosamund Powell, research associate at CETaS and co-author of the report, said: “Previous studies have suggested that the public’s conceptions of national security are really influenced by some James Bond-style fictions.”

She added that transparency significantly affects public trust. “There’s more support for agencies analysing data in the public sphere like posts on social media compared to private data like messages or medical data.”
Read more »
Technology
AI Automation Business Enterprise Organization security Technology

Threat Alert: Hackers Using AI and New Tech to Target Businesses

Threat Alert: Hackers Using AI and New Tech to Target Businesses

Hackers are exploiting the advantages of new tech and the availability of credentials, commercial tools, and other resources to launch advanced attacks faster, causing concerns among cybersecurity professionals. 

Global Threat Landscape Report 2025

The 2025 Global Threat Landscape Report by FortiGuard Labs highlights a “dramatic escalation in scale and advancement of cyberattacks” due to the fast adoption of the present hostile tech and commercial malware and attacker toolkits.  

According to the report, the data suggests cybercriminals are advancing faster than ever, “automating reconnaissance, compressing the time between vulnerability disclosure and exploitation, and scaling their operations through the industrialization of cybercrime.”

According to the researchers, hackers are exploiting all types of threat resources in a “systematic way” to disrupt traditional advantages enjoyed by defenders. This has put organizations on alert as they are implementing new defense measures and leveling up to mitigate these changing threats. 

Game changer AI

AI has become a key tool for hackers in launching phishing attacks which are highly effective and work as initial access vectors for more harmful attacks like identity theft or ransomware.

A range of new tools such as WormGPT and FraudGPT text generators; DeepFaceLab and Faceswap deepfake tools; BlackmailerV3, an AI-driven extortion toolkit for customizing automatic blackmail emails, and AI-generated phishing pages like Robin Banks and EvilProxy, making it simple for threat actors to make a swift and dirty cybercrime business. 

The report highlights that the growing cybercrime industry is running on “cheap and accessible wins.” With AI evolving, the bar has dropped for cybercriminals to access tactics and intelligence needed for cyberattacks “regardless of an adversary's technical knowledge.”

These tools also allow cybercriminals to build better and more convincing phishing threats and scale a cybercriminal enterprise faster, increasing their success rate. 

Attackers leveraging automated scanning

Attackers are now using automated scanning for vulnerable systems reaching “unprecedented levels” at billions of scans per month, 36,000 scans every second. The report suggests a yearly rise in active scanning to 16.7%. The defenders have less time to patch vulnerable systems due to threat actors leveraging automation, disclosing security loopholes impacting organizations. 

According to researchers, “Tools like SIPVicious and commercial scanning tools are weaponized to identify soft targets before patches can be applied, signaling a significant 'left-of-boom' shift in adversary strategy.”

Read more »
Technology
Automation Cybersecurity Infrastructure Innovation Integration Manufacturing Technology

Critical Infrastructure at Risk: Why OT-IT Integration is Key to Innovation and Cybersecurity

 

As cyberattacks grow more advanced, targeting the essential systems of modern life—from energy pipelines and manufacturing plants to airports and telecom networks—governments are increasing pressure on industries to fortify their digital and physical defenses.

A series of high-profile breaches, including the shutdown of Seattle’s port and airport and disruptions to emergency services in New York, have triggered calls for action. As early as 2020, agencies like the NSA and CISA urged critical infrastructure operators to tighten their cybersecurity frameworks.

Despite this, progress has been gradual. Many businesses remain hesitant due to perceived costs. However, experts argue that merging operational technology (OT)—which controls physical equipment—with information technology (IT)—which manages digital systems—offers both protection and growth potential.

This fusion not only enhances reliability and minimizes service interruptions, but also creates opportunities for innovation and revenue generation, as highlighted by experts in a recent conversation with CIO Upside.

“By integrating (Internet-of-Things) and OT systems, you gain visibility into processes that were previously opaque,” Sonu Shankar, chief product officer at Phosphorus, told CIO Upside. Well-managed systems are a “launchpad for innovation,” said Shankar, allowing enterprises to make use of raw operational data.

“This doesn’t just facilitate operational efficiencies — it would potentially generate new revenue streams born from integrated visibility,” Shankar added.

Understanding OT and Its Role

Operational technology refers to any hardware or system essential to a business’s core services—such as factory machinery, production lines, logistics hubs, and even connected office devices like smart printers.

Upgrading these legacy systems might seem overwhelming, particularly for industries reliant on outdated hardware. But OT-IT convergence doesn’t have to be expensive. In fact, several affordable and scalable solutions already exist.

Technologies such as network segmentation, zero trust architecture, and cloud-based OT-IT platforms provide robust protection and visibility:

Network segmentation breaks a primary network into smaller, isolated units—making it harder for unauthorized users to access critical systems.

Zero trust security continuously verifies users and devices, reducing the risks posed by human error or misconfigurations.

Cloud platforms offer centralized insights, historical logs, automated system upkeep, and AI-powered threat detection—making it easier to anticipate and prevent cyber threats.

Fused OT-IT environments lay the groundwork for faster product development and better service delivery, said James McQuiggan, security awareness advocate at KnowBe4.

“When OT and IT systems can communicate effectively and securely across multiple platforms and teams, the development cycle is more efficient and potentially brings products or services to market faster,” he said. “For CIOs, they are no longer just supporting the business, but shaping what it will become.”

As digital threats escalate and customer expectations rise, the integration of OT and IT is no longer optional—it’s a strategic imperative for security, resilience, and long-term growth
Read more »
Vulnerabilities
Automation Backup Cyber Security Exploits Infrastructure Vulnerabilities

CISA Highlights Major Vulnerabilities in Critical Infrastructure Systems

 

The Cybersecurity and Infrastructure Security Agency (CISA) has released two significant advisories focused on Industrial Control Systems (ICS), urging swift action from organizations operating within vital infrastructure sectors. These advisories—ICSA-25-091-01 and ICSA-24-331-04—highlight newly discovered vulnerabilities that could pose severe threats if left unaddressed.

ICSA-25-091-01 focuses on a critical vulnerability affecting Rockwell Automation's Lifecycle Services, which integrate with Veeam Backup and Replication. This issue stems from improper deserialization of untrusted data (CWE-502)—a known risk that allows remote attackers to execute malicious code. The flaw has received a CVSS v4 score of 9.4, indicating a high-severity, low-complexity threat that is remotely exploitable.

Impacted products include:

  • Industrial Data Center (IDC) with Veeam (Generations 1-5)
  • VersaVirtual Appliance (VVA) with Veeam (Series A-C)
If exploited, the vulnerability could give attackers with admin rights full access to execute arbitrary code, potentially leading to complete system takeover.

"CISA urges organizations to take immediate defensive measures to mitigate the risk, including:
• Minimizing network exposure for all control systems and ensuring they are not directly accessible from the internet.
• Using secure access methods like Virtual Private Networks (VPNs) when remote access is necessary.
• Keeping VPNs up to date to prevent vulnerabilities from being exploited."

Rockwell Automation is collaborating with CISA to inform affected clients—especially those under Infrastructure Managed Service contracts—about available patches and remediation steps.

ICSA-24-331-04 draws attention to multiple security flaws in Hitachi Energy’s MicroSCADA Pro/X SYS600, a system widely used in energy and manufacturing sectors. These vulnerabilities include improper query logic handling, session hijacking via authentication bypass, and path traversal risks.

The most critical issue, CVE-2024-4872, carries a CVSS v3 score of 9.9, making it one of the most severe. It enables attackers with valid credentials to inject harmful code into the system, risking unauthorized access and corruption of persistent data.

Other issues include:
  • CVE-2024-3980: Lack of proper file path limitations
  • Exposure to further system compromise if not promptly patched
"Hitachi Energy has released patches for the affected versions, including a critical update to Version 10.6 for MicroSCADA Pro/X SYS600. Users are also advised to apply necessary workarounds and stay updated with security patches to protect against exploitation."

CISA strongly advises organizations using these systems to implement all recommended mitigations without delay to minimize potential risks.
Read more »
Data Analytics
Automation cyber resilience Cyber Security Cyber Security Tool cybersecurity best practices Cybersecurity Experts Data Analytics

Integrating Human Expertise and Technology for Robust Cybersecurity

 

In today’s complex digital landscape, the role of human expertise in cybersecurity remains indispensable. Two pivotal approaches — human-led security testing and human-centric cybersecurity (HCC) — have gained prominence, each contributing distinct strengths. However, these strategies often function in silos, creating fragmented defenses. To achieve comprehensive cyber resilience, organizations must integrate these methods with advanced technologies like automation and data analytics.

Human-led security testing leverages the intuition and expertise of cybersecurity professionals. Ethical hackers and penetration testers bring invaluable insights, uncovering vulnerabilities that automated tools may overlook. Their ability to simulate real-world attack scenarios allows organizations to anticipate and neutralize sophisticated cyber threats dynamically. This approach ensures tailored defenses capable of adapting to specific challenges.

On the other hand, human-centric cybersecurity (HCC) focuses on empowering end users by designing security measures that align with their behaviours and limitations. Traditional tools often burden users with complexity, leading to risky workarounds. HCC addresses this by creating intuitive, accessible solutions that seamlessly integrate into daily workflows. When users perceive these measures as helpful rather than obstructive, compliance improves, enhancing overall security frameworks.

Technology acts as a vital bridge between these human-driven approaches. Automation and data analytics provide scalability and efficiency, handling repetitive tasks and processing vast data volumes. Real-time threat intelligence and continuous monitoring enable organizations to identify and respond to emerging risks quickly. This technological backbone allows human experts to focus on addressing complex, strategic challenges.

Integrating these elements fosters a proactive security culture where people, not just systems, are central to defense strategies. Educating employees, conducting regular threat simulations, and promoting secure behaviors through incentives help build shared responsibility for cybersecurity. Research forecasts that by 2027, half of large enterprises will adopt HCC strategies, prioritizing security behavior and culture programs (SBCPs). These initiatives utilize simulations, automation, and analytics to encourage informed decision-making and enhance incident reporting.

A holistic cybersecurity approach blends human intuition, user-friendly processes, and technology-driven efficiency. Human-led testing uncovers evolving threats, while HCC empowers employees to respond confidently to risks. Automation and analytics amplify these efforts, providing actionable insights and driving continuous improvements. Together, these elements create a robust, forward-thinking cybersecurity environment capable of meeting the challenges of an ever-evolving digital world.

Read more »
System Vulnerability
Automation Jenkins malware Ransomware System Vulnerability

Critical Jenkins RCE Vulnerability: A New Target for Ransomware Attacks


Recently, the CISA (Cybersecurity and Infrastructure Security Agency) warned about a critical remote code execution (RCE) vulnerability in Jenkins, a widely used open-source automation server. This vulnerability, CVE-2024-23897, has been actively exploited in ransomware attacks, posing a significant risk to organizations relying on Jenkins for their continuous integration and continuous delivery (CI/CD) processes.

Understanding the Vulnerability

The Jenkins RCE vulnerability stems from a flaw in the args4j command parser, a library used by Jenkins to parse command-line arguments. This flaw allows attackers to execute arbitrary code on the Jenkins server by sending specially crafted requests. The vulnerability can also be exploited to read arbitrary files on the server, potentially exposing sensitive information.

The args4j library is integral to Jenkins’ functionality, making this vulnerability particularly concerning. Attackers exploiting this flaw can gain full control over the Jenkins server, enabling them to deploy ransomware, steal data, or disrupt CI/CD pipelines. Given Jenkins’ widespread use in automating software development processes, the impact of such an exploit can be far-reaching.

The Impact of Exploitation

The exploitation of the Jenkins RCE vulnerability has already been observed in several ransomware attacks. Ransomware, a type of malware that encrypts a victim’s data and demands payment for its release, has become a prevalent threat in recent years. By exploiting the Jenkins vulnerability, attackers can access critical infrastructure, encrypt valuable data, and demand ransom payments from affected organizations.

The consequences of a successful ransomware attack can be devastating. Organizations may face significant financial losses, operational disruptions, and reputational damage. In some cases, the recovery process can be lengthy and costly, further exacerbating the impact of the attack. As such, it is crucial for organizations using Jenkins to take immediate action to mitigate the risk posed by this vulnerability.

What to do?

  • Ensure that Jenkins and all installed plugins are updated to the latest versions. The Jenkins community regularly releases security updates that address known vulnerabilities. Keeping the software up-to-date is a critical step in protecting against exploitation.
  • Apply any available security patches for the args4j library and other components used by Jenkins. These patches are designed to fix vulnerabilities and should be applied as soon as they are released.
  • Limit network access to Jenkins servers to only trusted IP addresses. By restricting access, organizations can reduce the attack surface and prevent unauthorized users from exploiting the vulnerability.
  • Use strong authentication mechanisms, such as multi-factor authentication (MFA), to secure access to Jenkins servers. MFA adds an additional layer of security, making it more difficult for attackers to gain unauthorized access.
  • Regularly monitor Jenkins logs and network traffic for signs of suspicious activity. Early detection of potential exploitation attempts can help organizations respond quickly and mitigate the impact of an attack.
  • Ensure that critical data is regularly backed up and stored securely. In the event of a ransomware attack, having reliable backups can facilitate data recovery without paying the ransom.

Read more »
Vulnerability management
AI Automation Cyber Threats Technology Vulnerability management

AI and Vulnerability Management: Industry Leaders Show Positive Signs

AI and Vulnerability Management: Industry Leaders Show Positive Signs

Positive trend: AI and vulnerability management

We are in a fast-paced industry, and with the rise of technological developments each day, the chances of cyber attacks always arise. Hence, defense against such attacks and cybersecurity becomes paramount. 

The latest research into the cybersecurity industry by Seemplicity revealed that 91% of participants claim their security budget is increasing this year. It shows us the growing importance of cybersecurity in organizations.

Understanding report: An insight into industry leaders' mindset

A survey of 300 US cybersecurity experts to understand views about breathing topics like automation, AI, regulatory compliance, vulnerability and exposure management. Organizations reported employing 38 cybersecurity vendors, highlighting sophisticated complexity and fragmentation levels within the attack surfaces. 

The fragmentation results in 51% of respondents feeling high levels of noise from the tools, feeling overwhelmed due to the traffic of notifications, alerts, and findings, most of which are not signaled anywhere. 

As a result, 85% of respondents need help with handling this noise. The most troubling challenge reported being slow or delayed risk reduction, highlighting the seriousness of the problem, because of the inundating noise slowing down effective vulnerability identification and therefore caused a delay in response to threats. 

Automation and vulnerability management on the rise

97% of respondents cited methods (at least one) to control noise, showing acceptance of the problem and urgency to resolve it. 97% showed some signs of automation, hinting at a growth toward recognizing the perks of automation in vulnerability and exposure management. The growing trend towards automation tells us one thing, there is a positive adoption response. 

However, 44% of respondents still rely on manual methods, a sign that there still exists a gap to full automation.

But the message is loud and clear, automation has helped in vulnerability and exposure management efficiency, as 89% of leaders report benefits, the top being a quicker response to emergency threats. 

AI: A weapon against cyber threats

The existing opinion (64%) that AI will be a key force against fighting cyber threats is a positive sign showing its potential to build robust cybersecurity infrastructure. However, there is also a major concern (68%) about the effects of integrating AI into software development on vulnerability and exposure management. AI will increase the pace of code development, and the security teams will find it difficult to catch up. 

Read more »
Technology
AI Automation Cyber Threats Security survey Technology

AI's Rapid Code Development Outpaces Security Efforts

 


As artificial intelligence (AI) advances, it accelerates code development at a pace that cybersecurity teams struggle to match. A recent survey by Seemplicity, which included 300 US cybersecurity professionals, highlights this growing concern. The survey delves into key topics like vulnerability management, automation, and regulatory compliance, revealing a complex array of challenges and opportunities.

Fragmentation in Security Environments

Organisations now rely on an average of 38 different security product vendors, leading to significant complexity and fragmentation in their security frameworks. This fragmentation is a double-edged sword. While it broadens the arsenal against cyber threats, it also results in an overwhelming amount of noise from security tools. 51% of respondents report being inundated with alerts and notifications, many of which are false positives or non-critical issues. This noise significantly hampers effective vulnerability identification and prioritisation, causing delays in addressing real threats. Consequently, 85% of cybersecurity professionals find managing this noise to be a substantial challenge, with the primary issue being slow risk reduction.

The Rise of Automation in Cybersecurity

In the face of overwhelming security alerts, automation is emerging as a crucial tool for managing cybersecurity vulnerabilities. According to a survey by Seemplicity, 95% of organizations have implemented at least one automated method to manage the deluge of alerts. Automation is primarily used in three key areas:

1. Vulnerability Scanning: 65% of participants have adopted automation to enhance the precision and speed of identifying vulnerabilities, significantly streamlining this process.

2. Vulnerability Prioritization: 53% utilise automation to rank vulnerabilities based on their severity, ensuring that the most critical issues are addressed first.

3. Remediation: 41% of respondents automate the assignment of remediation tasks and the execution of fixes, making these processes more efficient.

Despite these advancements, 44% still rely on manual methods to some extent, highlighting obstacles to complete automation. Nevertheless, 89% of cybersecurity leaders acknowledge that automation has increased efficiency, particularly in accelerating threat response.

AI's Growing Role in Cybersecurity

The survey highlights a robust confidence in AI's ability to transform cybersecurity practices. An impressive 85% of organizations intend to increase their AI spending over the next five years. Survey participants expect AI to greatly enhance early stages of managing vulnerabilities in the following ways:

1. Vulnerability Assessment: It is argued by 38% of the demographic that AI will  boost the precision and effectiveness of spotting vulnerabilities.

2. Vulnerability Prioritisation: 30% view AI as crucial for accurately ranking vulnerabilities based on their severity and urgency.

Additionally, 64% of respondents see AI as a strong asset in combating cyber threats, indicating a high level of optimism about its potential. However, 68% are concerned that incorporating AI into software development will accelerate code production at a pace that outstrips security teams' ability to manage, creating new challenges in vulnerability management.


Views on New SEC Incident Reporting Requirements

The survey also sheds light on perspectives regarding the new SEC incident reporting requirements. Over half of the respondents see these regulations as opportunities to enhance vulnerability management, particularly in improving logging, reporting, and overall security hygiene. Surprisingly, fewer than a quarter of respondents view these requirements as adding bureaucratic burdens.

Trend Towards Continuous Threat Exposure Management (CTEM)

A trend from the survey is the likely adoption of Continuous Threat Exposure Management (CTEM) programs by 90% of respondents. Unlike traditional periodic assessments, CTEM provides continuous monitoring and proactive risk management, helping organizations stay ahead of threats by constantly assessing their IT infrastructure for vulnerabilities.

The Seemplicity survey highlights both the challenges and potential solutions in the evolving field of cybersecurity. As AI accelerates code development, integrating automation and continuous monitoring will be essential to managing the increasing complexity and noise in security environments. Organizations are increasingly recognizing the need for more intelligent and efficient methods to stay ahead of cyber threats, signaling a shift towards more proactive and comprehensive cybersecurity strategies.

Read more »
Subscribe to: Posts (Atom)