Apple cancels car project, instead ramping up this initiative… – CyberTalk

EXECUTIVE SUMMARY:

Apple has spent years and billions of dollars not-so-secretly preparing for the release of a luxurious electric vehicle with self-driving features. After years of work, the project is ultimately being canceled.

In a meeting earlier today, the company announced the change and noted that many of the engineers who were involved in “Project Titan” will join Apple’s artificial intelligence division.

Apple’s artificial intelligence

Since ChatGPT’s launch, Apple has been conspicuously quiet on the topic of artificial intelligence. That doesn’t mean that the company doesn’t have big plans in store though…

The company is developing a chatbot of its own – internally known as Apple GPT. The tool operates on a proprietary foundational model, which experts speculate will align with its brand, user experience and privacy standards.

Apple senior vice presidents John Giannandrea and Craig Federighi are leading this AI initiative. Eddy Cue, Apple’s head of services, is also involved. The group is expected to spend roughly $1 billion per year on product development.

iOS and AI

In other Apple AI projects, at least one software engineering group has been tasked with adding AI to the next version of iOS. Features will be built using the company’s LLM, trained on an extensive and diverse dataset.

The new features may improve how Siri and the Messages app can answer questions and auto-complete sentences.

For example, for Siri, AI could lead to better responses to multi-step questions. If you were to ask Siri “Who directed the movie ‘Inception’ and what other films did the director create?” with AI, Siri might be able to provide a concise, audio-based answer, followed by additional details about the director’s cinematography.

And the Messages app could become better at predicting what users intend to type. As inputs are given, it might offer more context-aware suggestions with which to complete sentences.

Apps and AI

Apple’s software engineering teams may also integrate generative AI into development tools such as Xcode – this type of transformation could enable app developers to produce applications more quickly.

AI is expected to be added to as many apps as possible. Apple is exploring new features for Apple Music, including auto-generated playlists, a function that Spotify and OpenAI have previously collaborated on.

On-device vs. cloud deployment

One internal Apple conversation centers around how to deploy generative AI. Should it be an on-device experience in entirety, a cloud-based set-up or split between the two?

The on-device approach would operate more efficiently and help safeguard privacy. Yet, deploying Apple’s LLMs through the cloud would allow for greater agility and perhaps more advanced pursuits.

But the on-device strategy would render it more challenging for Apple to update its technology – thus, experts currently anticipate a combined approach.

Additional AI insights

At this point, generative AI is so much more than a buzzword. For more generative AI insights from experts, please see CyberTalk.org’s past coverage.

Akira ransomware prevention and defense 2024

EXECUTIVE SUMMARY:

In March of 2023, the first Akira ransomware strain was observed in the wild. Since then, the group has compromised over 100 different organizations, targeting those in the financial, manufacturing, real-estate, healthcare and medical sectors.

Akira operates on a Ransomware-as-a-Service (RaaS) model and typically deploys a double-extortion scheme. This involves exfiltrating sensitive data prior to device encryption and insisting on a ransom in exchange for withholding the data from the group’s TOR leak site.  

Most recently, Akira interrupted a U.S. emergency dispatch system, causing a nine-day operational outage. During the outage, dispatchers relied on backup systems. As of the present writing, full system restoration is still a work-in-progress.

About Akira

The group is believed to have taken its name from the 1988 cult anime film of the same name, which depicts biker gangs in a dystopian Tokyo. The Akira ransomware gang is known for its use of a retro aesthetic on victims’ sites, reminiscent of 1980s green-screen consoles.

Cyber security researchers have uncovered evidence linking the Akira group to the notorious Conti ransomware operation. In at least three separate cryptocurrency transactions, Akira criminals appear to have sent the full amount of the ransom payment to Conti-affiliated addresses.

The overlap of cryptocurrency wallets indicates that the individual controlling the address or wallet has either splintered off from the original group, or is working with two different groups simultaneously.

How Akira operates

Akira commonly breaches systems by obtaining unauthorized access to the target organization’s VPNs, such as through a compromised username/password combination.

After sneaking in through an endpoint, Akira typically uses any of several methods to acquire permissions that enable lateral network movement.

These methods include orchestrating a mini-dump of the LSASS (Local Security Authority Subsystem Service) process memory, obtaining credentials stored in the Active Directory database and exploiting known vulnerabilities in backup software.

Advanced persistence mechanisms

Akira ordinarily deploys tools and techniques like Remote Desktop Protocol (RDP), Server Message Block (SMB), the Impacket module wmiexec, and a service manager tool known as nssm.exe, in order to gain persistence within systems.

As is the case among many cyber criminal groups, Akira also attempts to uninstall or disable security defenses, including anti-malware and network monitoring tools.

Beyond that, the group tends to use the runas command (a Windows command-line tool that allows for the execution of scripts, apps, etc., with different user permissions from the currently logged-in user) in order to execute commands.

This, in turn, makes tracking hacker activities more difficult for defenders.

Akira and C2 mechanisms

Most ransomware attackers weaponize a command and control (C2) mechanism to execute activities. The C2 system establishes communication with and exerts control over a compromised machine or network.

The C2 server can potentially be used to manage the ransomware deployment and to initiate the encryption of data on targeted systems. For the purpose of establishing persistent remote access to multiple systems within the network, Akira seems to prefer AnyDesk.

Akira and data exfiltration

Akira uses a number of different tools when it comes to data exfiltration. These include WinRAR, WinSCP, rclone, and MEGA.

After data exfiltration, Akira demands a ransom from victims. In the event that the ransom goes unpaid, the group will leak stolen data on its TOR site, as previously mentioned.

Akira’s encryption tactic

To encrypt a given target’s data, Akira relies on a combination of AES and RSA algorithms. The group will also purge Windows Shadow Volume Copies from devices by running a PowerShell command. For victims, this massively complicates the process of independently restoring systems and recovering encrypted data.

Recommended means of preventing and defending against Akira’s ransomware

1. Address identity and access management.

Enhance access controls. Implement multi-factor authentication (MFA). Akira can gain initial access via unauthorized logins to VPNs through accounts that lack MFA. This seemingly simplistic safeguard can significantly limit the risk of unauthorized access.

2. Store credentials securely.

As noted earlier, Akira deploys a variety of tactics to obtain credentials. These tactics include execution of a mini-dump of the LSASS process memory, retrieving credentials stored in the Active Directory database and leveraging vulnerabilities in backup services.

To that effect, organizations need to take care when it comes to credential management. Credentials should be stored securely, and regularly updated. Backup services must also be appropriately secured.

3. Elevate your patch management protocol.

Akira commonly exploits vulnerabilities in VPN software. Thus, regular patching and updating of software can proactively prevent Akira attacks.

4. Monitor your network like a ninja.

Akira relies on built-in commands and tools to identify an environment’s systems and to learn about the status of target devices. Detect duplicitous behavior by monitoring for unusual network activity.

Your organization should also monitor for data exfiltration. Look for substantial data transfers and unusual network patterns.

5. Secure C2 channels.

Akira uses widely recognized dual-use agents, such as AnyDesk, to establish persistent remote access. Remain vigilant with regard to abnormal remote access activities and fortify Command and Control (C2) channels. This can be of tremendous assistance when it comes to thwarting potential attacks.

6. Secure remote desktop protocol.

Akira frequently employs Remote Desktop Protocol (RDP), using legitimate local administrator user accounts to facilitate lateral movement. Enhancing the security of RDP and staying vigilant for atypical RDP activity can be effective in preventing lateral movement.

7. Implement endpoint protection.

Akira usually attempts to uninstall endpoint protections as a means of evading detection. Deploying robust endpoint protection measures and consistently monitoring for efforts to disable or uninstall such safeguards can also assist with attack prevention and detection.
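
One way to act on recommendations 4 through 7, as an added example that is not part of the original article: a triage pass over process-creation events that flags the dual-use tools named above when they run on hosts where they are not approved, and PowerShell command lines that reference shadow copies. The event fields, host names, approval inventory and sample events are constructed for illustration.

```python
"""Triage process-creation events for the dual-use tools this article names.

Added example. The event layout, hosts and approval inventory are constructed;
map the fields to whatever your EDR or Sysmon pipeline actually emits.
"""
import ntpath
import re

# Tools the article associates with Akira, grouped by the stage it describes.
# Names are the vendors' default executables; a renamed binary needs hash or
# signer matching instead of a file-name match.
WATCHED_TOOLS = {
    "anydesk.exe": "remote-access",
    "nssm.exe": "persistence",
    "rclone.exe": "exfiltration",
    "winscp.exe": "exfiltration",
    "winrar.exe": "exfiltration",
    "megasync.exe": "exfiltration",
}

# Hosts where a tool is sanctioned (constructed). Everything else alerts.
APPROVED = {
    "anydesk.exe": {"HELPDESK-01"},
    "winscp.exe": {"FILEXFER-01"},
}

POWERSHELL = {"powershell.exe", "pwsh.exe"}

# Any PowerShell reference to the shadow-copy class is worth a look on a
# workstation, so the rule matches the class name rather than one command.
SHADOW_RE = re.compile(r"shadowcopy", re.IGNORECASE)


def triage(events):
    """Return (host, user, stage, reason) findings in event order."""
    findings = []
    for ev in events:
        image = ntpath.basename(ev["image"]).lower()
        host = ev["host"].upper()
        stage = WATCHED_TOOLS.get(image)
        if stage and host not in APPROVED.get(image, set()):
            findings.append((host, ev["user"], stage,
                             f"{image} on unapproved host"))
        if image in POWERSHELL and SHADOW_RE.search(ev["cmdline"]):
            findings.append((host, ev["user"], "impact",
                             "PowerShell references shadow copies"))
    return findings


def hosts_with_chain(findings, min_stages=2):
    """Hosts showing several distinct stages outrank a single isolated hit."""
    stages = {}
    for host, _user, stage, _reason in findings:
        stages.setdefault(host, set()).add(stage)
    return sorted(h for h, s in stages.items() if len(s) >= min_stages)


# Constructed sample events, not taken from a real incident.
SAMPLE_EVENTS = [
    {"host": "HELPDESK-01", "user": "svc_support",
     "image": r"C:\Program Files (x86)\AnyDesk\AnyDesk.exe",
     "cmdline": "AnyDesk.exe"},
    {"host": "FIN-WS-07", "user": "localadmin",
     "image": r"C:\Users\Public\AnyDesk.exe",
     "cmdline": "AnyDesk.exe"},
    {"host": "FIN-WS-07", "user": "localadmin",
     "image": r"C:\ProgramData\rclone.exe",
     "cmdline": r"rclone.exe copy D:\Shares remote:archive"},
    {"host": "FIN-WS-07", "user": "localadmin",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": 'powershell.exe -Command "Get-WmiObject Win32_ShadowCopy"'},
    {"host": "HR-WS-02", "user": "jsmith",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": "powershell.exe -Command Get-ChildItem"},
    {"host": "HR-WS-02", "user": "jsmith",
     "image": r"C:\Program Files\WinRAR\WinRAR.exe",
     "cmdline": "WinRAR.exe"},
]

if __name__ == "__main__":
    results = triage(SAMPLE_EVENTS)
    for finding in results:
        print(finding)
    print("priority hosts:", hosts_with_chain(results))
```

A single archive-tool hit is usually benign; the host that shows remote access, exfiltration tooling and shadow-copy activity together is the one to isolate first.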

National Change Your Password Day – 2024

EXECUTIVE SUMMARY:

National Change Your Password Day is celebrated on the first of February each year, as a day of awareness.

As you already know, credential exploitation is unbelievably profitable for cyber criminals. More than 775 million credentials are currently available for sale on the dark web. Bank account details sell for more than $4,000 each.

Regular password rotation, combined with adherence to password creation best practices, prevents hackers from guessing passwords, using tools to crack passwords, and from effectively weaponizing credentials purchased through underground marketplaces.

National Change Your Password Day might not have the allure of other holidays (the naming consultants were apparently on vacation when it was created), but the day serves as a reminder for organizations to enhance password security measures.

Unauthorized organizational data access could result in lost revenue, lost market share and lost company credibility. But stop losing sleep over it. Upgrade your password security strategy with the following tips:

7 easy password security upgrades that you can implement today

1. Identity and access management (IAM). Automated identity and access management solutions boost security and provide administrators with greater control over users’ access to systems.

In turn, IAM empowers organizations to prevent identity theft, to limit data loss, and to stop unauthorized access to sensitive business data.

2. Educate employees about best practices. Remind in-office employees to avoid writing passwords down on sticky notes. Tell employees not to save passwords to browsers, as a wide range of malware and extensions can extract sensitive data from them.

Inform employees about the risks of using the same password over and over again, with different numbers at the end. Explain that hackers know that people commonly end passwords with exclamation points. Reinforce information about the risks associated with sharing login credentials.

These are just a handful of specific, yet extremely important, things about which to educate employees.

3. Limit the number of allowed password attempts. While it’s true that employees occasionally forget their passwords, cyber criminals are liable to exploit access attempt opportunities for their own gain.

In a classic example, a cyber criminal may obtain an employee’s email address, and then request a password reset. Depending on the reset set-up, the cyber criminal may attempt to match the recovered password to a variety of different accounts and systems, in an effort to break in.

Placing a limit on the number of allowed password attempts increases password security, as it reduces the chance that someone will successfully manipulate systems by matching a password and usernames.

4. Audit systems for extraneous employee accounts. Occasionally, employees create backdoor access to computer systems, for legitimate purposes, by creating multiple user accounts.

The extra accounts enable employees to perform additional task functions for the enterprise. However, if an employee with multiple accounts for a given service leaves the organization, they can potentially use the accounts as access points for unauthorized entry into network systems.

Organizations should audit network systems where possible and delete extraneous accounts.

5. Consider password management tools. The majority of web browsers do offer basic password managers these days. But, they don’t offer as much value as dedicated password managers.

Password managers generate extremely strong passwords. Some password managers also offer passwordless authentication support, meaning that people can log in with a one-time code, biometric authentication, a security key or Passkeys.

While there isn’t a 100% secure password management solution, password managers can serve as a useful support mechanism within a broader cyber security framework.

6. Ensure that two-step authentication has been implemented. Also known as multi-factor authentication, two-step authentication adds complexity to the login process, making it more difficult for a cyber criminal to gain illicit account access.

Two-step authentication enhances the overall resilience of digital identities and also helps to foster a culture of cyber security, as two-step auth means that users must actively participate in fortifying their online presence.

These days, two-step authentication is considered an essential element of a robust password security strategy.

7. Advanced anomaly detection systems. These types of systems can identify irregular patterns in login behavior. These include unusual access times, duplicative access, and logins from unfamiliar locations.

Admins can set up corresponding alerts and notifications. Personnel should regularly review and analyze logs generated by systems and are encouraged to take proactive measures in order to address any apparent risks.
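
Tip 3 in practice, as an added example rather than code from the article: a failed-login limiter that temporarily locks an account after repeated failures and also counts how many distinct usernames have failed from one source, which catches a single password being tried against many accounts where a per-account limit alone would not. The thresholds, names, addresses and sample attempts are constructed.

```python
"""Failed-login limiting per account and per source (added example).

Thresholds and sample data are constructed. Time is passed in explicitly so
the behaviour is deterministic; in production use a monotonic clock.
"""
from collections import defaultdict, deque


class AttemptLimiter:
    def __init__(self, max_failures=5, window=900, lockout=900,
                 max_users_per_source=4):
        self.max_failures = max_failures
        self.window = window                  # seconds a failure stays counted
        self.lockout = lockout                # temporary, so lockout cannot
        self.max_users_per_source = max_users_per_source  # become permanent DoS
        self._failures = defaultdict(deque)   # username -> failure timestamps
        self._locked_until = {}               # username -> unlock time
        self._source_users = defaultdict(dict)  # source -> {username: last fail}
        self._blocked_until = {}              # source -> unblock time

    def attempt(self, username, source, password_ok, now):
        """Return 'ok', 'denied', 'account_locked' or 'source_blocked'."""
        # Decide on locks before looking at the password result, so a locked
        # account does not reveal whether a guess was correct.
        if self._blocked_until.get(source, 0) > now:
            return "source_blocked"
        if self._locked_until.get(username, 0) > now:
            return "account_locked"
        if password_ok:
            # Reset the account counter only; the source counter is kept so
            # one valid login does not wipe evidence of spraying.
            self._failures.pop(username, None)
            return "ok"

        fails = self._failures[username]
        fails.append(now)
        while fails and fails[0] <= now - self.window:
            fails.popleft()
        if len(fails) >= self.max_failures:
            self._locked_until[username] = now + self.lockout
            fails.clear()

        seen = self._source_users[source]
        seen[username] = now
        for user in [u for u, ts in seen.items() if ts <= now - self.window]:
            del seen[user]
        if len(seen) >= self.max_users_per_source:
            self._blocked_until[source] = now + self.lockout
        return "denied"


# Constructed attempts: (time, username, source, password_ok).
SAMPLE_ATTEMPTS = [
    (0, "alice", "10.0.0.5", False),
    (10, "alice", "10.0.0.5", False),
    (20, "alice", "10.0.0.5", False),      # third failure locks the account
    (30, "alice", "10.0.0.5", True),       # correct, but account is locked
    (100, "bob", "203.0.113.9", False),    # one failure each for four users
    (101, "carol", "203.0.113.9", False),
    (102, "dave", "203.0.113.9", False),
    (103, "erin", "203.0.113.9", False),   # fourth distinct user blocks source
    (104, "frank", "203.0.113.9", True),   # refused regardless of password
    (105, "bob", "10.0.0.8", True),        # bob himself was never locked
    (921, "alice", "10.0.0.5", True),      # lockout has expired
]


def replay(attempts):
    """Run the attempts through a limiter and return each decision."""
    limiter = AttemptLimiter(max_failures=3, window=600, lockout=900,
                             max_users_per_source=4)
    return [limiter.attempt(user, src, ok, t) for t, user, src, ok in attempts]


if __name__ == "__main__":
    for attempt, decision in zip(SAMPLE_ATTEMPTS, replay(SAMPLE_ATTEMPTS)):
        print(attempt, "->", decision)
```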

Further information

If you’re wondering about the security of your accounts, or those within your organization, Google’s Password Checkup can show you which Google email addresses and passwords have been compromised in a breach. Another site that can be used to reliably detect compromised email addresses and passwords is Have I Been Pwned.

The all-star AI-powered, cloud-delivered security platform you need – CyberTalk

EXECUTIVE SUMMARY:

Cyber criminals are weaponizing advanced tactics, including intricate social engineering campaigns, to carry out malicious activities.

Last year, social engineering attempts rose by 464%. Often a result of social engineering attempts, ransomware attacks have reportedly increased by 90%.

Amidst this unsettling attack landscape, it can be difficult and stressful to secure data and networks effectively.

Cyber security in 2024

“Leveraging AI to drive better security outcomes is top of mind for CISOs, as they address both the expanding threat landscape and the cyber security talent shortage,” says Frank Dickson, Group Vice President, Security & Trust, IDC.

“When selecting an AI-powered cyber security solution, CISOs are looking for a return on investment through increased productivity and better efficacy,” says Dickson.

Check Point Infinity Platform

To address these relentless challenges and the latest, contemporary cyber security considerations, Check Point has just revealed its unified and comprehensive security solution – The Check Point Infinity Platform.

This advanced platform marks a new era in AI-powered, cloud-delivered cyber security, as the platform is specifically designed to meet the modern challenges of an evolving threat landscape.

“Embracing the future of cyber security, we’re pioneering an AI-powered, cloud-delivered platform that embodies the convergence of intelligence and accessibility,” said Gil Shwed, CEO & Founder, Check Point Software Technologies at CPX 2024.

“This platform is not just a solution but a revolution, leveraging decades of R&D to offer real-time, sophisticated defense mechanisms. It represents a leap toward a more secure, agile, and interconnected digital landscape, where protection is not just reactive, but predictive and proactive.”

AI Infinity Copilot

Integrating seamlessly across the Check Point Infinity Platform, Check Point is also introducing Infinity AI Copilot, a tactical assistant that’s infused with the power of generative AI.

This tooling can automate tasks, reduce the time required for routine tasks, and provide proactive solutions to cyber security threats.

Key capabilities of Infinity AI Copilot

1. Enhance security administration efficiency. Infinity AI Copilot can reduce the administrative workload for cyber security tasks by up to 90%. It can assist with event analysis, implementation and troubleshooting.

2. Streamline security policy management and deployment. Infinity AI Copilot can effortlessly manage, modify and automatically deploy access rules and security controls that are tailored to individual policies.

3. Boost incident mitigation and response. Utilize this AI for threat hunting, analysis and resolution, along with enhancing the effectiveness of incident management.

4. Oversee the entire solution landscape. AI Copilot seamlessly oversees all products within the complete Check Point Infinity Platform, serving as a competent, comprehensive assistant.

5. Enable natural language processing simplicity. Interacting with Infinity AI Copilot will seem similar to a natural conversation with a human. The tool ‘understands’ and responds via chat in nearly any language, ensuring a smooth interaction and efficient task completion.

Infinity AI Copilot is currently available in preview mode, with a full launch expected in Q2. Future developments include proactive assistance and autonomous policy management features.

Just-in-time provisioning: Defined, explained, explored – CyberTalk

EXECUTIVE SUMMARY:

Just-in-time (JIT) provisioning doesn’t quite get as much attention as other account authentication or access mechanisms, but that doesn’t mean that it isn’t worthwhile. If you’re curious about how just-in-time provisioning could benefit your organization, keep reading.

What is just-in-time (JIT) provisioning?

Just-in-time provisioning is a cyber security practice that provides users, processes, applications and systems with a certain level of access to resources for a limited length of time: only as much as is required to complete essential tasks.

In other words, it’s a way to provide secure privileged access while minimizing standing access.

Why does just-in-time provisioning matter for organizations?

Just-in-time provisioning reduces the risk of privileged access abuse and lateral network movement on the part of threat actors, allowing organizations to maintain a robust cyber security posture.

Just-in-time provisioning can also position organizations to better achieve compliance goals, as JIT not only minimizes the number of privileged users and sessions, but it also provides full audit trails of all privileged actions.

With just-in-time provisioning, new users can be added at-scale, meaning that new hires and acquired employees are no problem.

For many organizations, JIT is a component of a broader automation strategy. By automating the process of providing temporary access, organizations reduce manual intervention — eliminating admin review cycles and wait times — and allow for fast and accurate access provisioning.

What are the different types of just-in-time access?

  • Temporary elevation. This form of access permits a temporary increase in privileges, allowing users to have access to privileged accounts or to execute privileged commands on a per-instance and time-limited basis. Access is revoked after a specified time.
  • Ephemeral accounts. These are one-time-use accounts. They are created on a per-instance basis and immediately deprovisioned or deleted after use.
  • Broker and remove access. These accounts are intended for routine use, but users are still responsible for providing a justification if connecting to a specific target. Users typically have a shared account. Credentials for the account are often centrally managed, secured and regularly rotated in a central vault.
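
The temporary-elevation model from the list above, as an added example that is not taken from the article or from any product: a broker that grants a privilege for a bounded time against a stated justification, re-checks expiry on every use, and records the audit trail mentioned earlier. The class, role, user and ticket names are hypothetical.

```python
"""Temporary elevation with expiry and an audit trail (added example).

All names are hypothetical. Time is passed in explicitly so behaviour is
deterministic; a real broker would read a trusted clock.
"""
import secrets


class ElevationBroker:
    def __init__(self, eligible, max_ttl=3600):
        self.eligible = eligible      # user -> roles they may request
        self.max_ttl = max_ttl        # hard ceiling on any grant, in seconds
        self._grants = {}             # grant_id -> {"user", "role", "expires"}
        self.audit = []               # (time, event, user, role, detail)

    def _log(self, now, event, user, role, detail):
        self.audit.append((now, event, user, role, detail))

    def request(self, user, role, justification, ttl, now):
        """Issue a time-limited grant, or return None and log the refusal."""
        if role not in self.eligible.get(user, set()):
            self._log(now, "request_denied", user, role, "not eligible")
            return None
        if not justification.strip():
            self._log(now, "request_denied", user, role, "no justification")
            return None
        ttl = min(ttl, self.max_ttl)  # the requester cannot exceed the ceiling
        grant_id = secrets.token_hex(8)
        self._grants[grant_id] = {"user": user, "role": role,
                                  "expires": now + ttl}
        self._log(now, "granted", user, role, f"ttl={ttl}s; {justification}")
        return grant_id

    def authorize(self, grant_id, user, role, now):
        """Check a grant at the moment of use; expired grants are removed."""
        grant = self._grants.get(grant_id)
        if not grant or grant["user"] != user or grant["role"] != role:
            self._log(now, "use_denied", user, role, "no matching grant")
            return False
        if now >= grant["expires"]:
            del self._grants[grant_id]
            self._log(now, "expired", user, role, "removed at use time")
            return False
        self._log(now, "used", user, role, grant_id)
        return True

    def sweep(self, now):
        """Drop expired grants that were never used again; return the count."""
        stale = [g for g, v in self._grants.items() if now >= v["expires"]]
        for grant_id in stale:
            v = self._grants.pop(grant_id)
            self._log(now, "expired", v["user"], v["role"], "removed by sweep")
        return len(stale)


def demo():
    """Constructed scenario; returns the outcomes and the audit event names."""
    broker = ElevationBroker({"dana": {"db-admin"}}, max_ttl=1800)
    grant = broker.request("dana", "db-admin",
                           "TICKET-PLACEHOLDER: rotate replica certificates",
                           ttl=7200, now=0)          # capped to 1800 seconds
    outcomes = {
        "granted": grant is not None,
        "other_role": broker.request("dana", "domain-admin", "test", 600, 0),
        "blank_reason": broker.request("dana", "db-admin", "  ", 600, 0),
        "use_in_window": broker.authorize(grant, "dana", "db-admin", 600),
        "wrong_role": broker.authorize(grant, "dana", "domain-admin", 600),
        "use_after_expiry": broker.authorize(grant, "dana", "db-admin", 1800),
        "swept": broker.sweep(5000),
    }
    return outcomes, [entry[1] for entry in broker.audit]


if __name__ == "__main__":
    results, events = demo()
    print(results)
    print(events)
```

Because expiry is enforced when the grant is used, a missed or delayed cleanup job cannot leave standing access behind.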

Implementing just-in-time provisioning for your organization

In terms of implementing efficient just-in-time provisioning, administrators must set up Single Sign-On (SSO) between the target service provider and the identity provider. In addition, administrators must confirm the inclusion of user attributes necessary for the application.

In turn, when a new user logs onto the application, they will effectively auto-create an account, rather than requiring administrator assistance. SAML assertions present the web application with the details needed from the identity provider.

Administrators can leverage a centralized cloud identity provider or an SSO service developed on top of a traditional directory to achieve the JIT workflow.

During initial set-up, ensuring JIT provisioning compatibility is crucial. Popular applications, such as Slack and the Atlassian Suite, are notable examples of platforms that support just-in-time access.

More JIT information

Just-in-time provisioning represents a dynamic cyber security approach that enhances security, streamlines administrative processes, assists with access-at-scale, and helps organizations achieve compliance objectives while optimizing operational efficiency.

The future of AI and ML (in 2024) – CyberTalk

EXECUTIVE SUMMARY:

In businesses everywhere, mention of Artificial Intelligence (AI) simultaneously evokes a sense of optimism, enthusiasm and skepticism, if not a certain degree of fear. The AI robots are about to take control of the…sorry, wrong article.

The future of AI and ML in 2024

The rapid advancement of artificial intelligence has led to its widespread integration across industries and ecosystems, including those belonging to both cyber adversaries and cyber defenders.

Hackers hope to get a handle on AI in order to launch new threats at speed and scale. According to experts, adversarial plans likely include phishing initiatives with ransomware payloads, deepfake scams that deceive executives, and malware scripts that are rewrites of existing threats, enabling the code to evade detection.

“Next year we’ll see more threat actors adopt AI to accelerate and expand every aspect of their toolkit,” says Check Point Threat Intelligence Group Manager, Sergey Shykevich.

AI as a double-edged sword

However, although hackers aim to use AI maliciously, AI is a double-edged sword, and research indicates that it will serve as a valuable force-multiplier for cyber security professionals in 2024 (and beyond). It will continue to transform threat identification, enhance organizations’ security posture, and lead to a safer cyber ecosystem across industries.

“Just as we have seen cyber criminals tap into the potential of AI and ML, so too will cyber defenders. We have already seen significant investment in AI for cyber security, and that will continue as more companies look to guard against advanced threats,” says Shykevich.

The key is leveraging AI’s strengths to counter its own weaknesses.

Leveraging AI’s strengths

Among cyber security professionals, artificial intelligence is often used at the “identification” stage of the SANS Institute’s well-known incident response framework. In other words, AI can help identify incidents in minutes, rather than in hours or days. AI can quickly parse through immense volumes of data to isolate patterns that point to the source and scope of a threat.

A truncated incident identification timeline can lead to faster breach containment, saving organizations on costs. The Cost of a Data Breach 2023 global survey has found that use of AI can speed up breach containment by 100 days (on average), and that AI and automation have delivered cost savings of nearly $1.8 million for individual organizations.

“In the coming year, we must innovate faster than the threats we face to stay one step ahead. Let’s harness the full potential of AI for cybersecurity,” says Shykevich.

Enhancing cyber security posture

In terms of bolstering an organization’s overall security posture, because AI can learn from past threats, AI can vastly improve threat detection capabilities. Using historical data, machine learning algorithms can track patterns and actually develop adaptive, new threat detection methods, making cyber breaches more difficult for adversaries to execute over the long-term.

AI can also automate repetitive tasks, eliminating human error and enabling humans to take on higher-level work. Beyond that, AI can improve the accuracy of decision-making, elevating the competence levels of cyber security teams.

All of these actions, among others, enable AI-powered solutions (and AI-focused security staff) to protect people, processes and technologies better than would be possible with traditional cyber security tools. AI is becoming, and will continue to establish itself as, an invaluable asset within the cyber security landscape.

That said, “In general, while organizations have found that AI is sexy, that doesn’t mean that we need to use AI everywhere. We need to be careful. We need to use it when it’s relevant, and not when it’s irrelevant,” cautions Check Point’s Global CISO emeritus and Field CISO for the EMEA region, Jonathan Fischbein.

A safer cyber ecosystem at large

AI-based cyber security solutions are becoming increasingly critical components of cyber security stacks. They are not only strengthening individual organizations’ security; they can also help strengthen third-party security, ultimately strengthening the security of the supply chain and that of industry ecosystems at large.

Policy makers around the world are convening to address the risks associated with AI and automated systems, working to ensure the security of divergent industries – from critical infrastructure to healthcare – and protection for those whom they serve. “There have been significant steps in Europe and the US in regulating the use of AI,” says Shykevich.

AI is fostering new types of partnerships between humans and machines, which allow for outsized cyber security outcomes – ones that amount to more than the sum of their parts.

Rapid change and growth

In the next few months, industry analysts anticipate continued evolution of AI-based cyber security capabilities, along with creative new use-cases for corresponding applications and code.

AI’s meteoric rise across the past decade, which has massively accelerated within the past year, signals its incredible potential to reshape the cyber landscape. Despite some degree of risk, artificial intelligence presents promise and hope for digital security like never before.


