False Claims Act, Google Cloud PQC, Salt Typhoon, AI in SOC, Ivanti Flaws, ICS, DeFi – SWN #453 - SC Media
On this edition of the Security Weekly News: False Claims Act, Google Cloud PQC, Salt Typhoon, AI in SOC, Ivanti Flaws, ICS, DeFi and more!
Host
Executive Director at Guardedrisk
- 1. False Claims act strikes again! 11.2 million fine
If you claim to be certified, and you're not? Bad things can happen. Ignoring auditors, scans, and pentesters may be a bad idea?
- 2. Google Cloud KMS supports PQC
Google has unveiled a new version of their Cloud key management system that supports post quantum cryptography. How important is this? Good question. We'll discuss.
- 3. Cloud Permissions suck!
IAM is the new perimeter. Why? Tenable calls this a “Toxic Cloud Trilogy,” which describes the dangerous combination of publicly exposed, critically vulnerable, and highly privileged cloud workloads. This is fascinating!!
- 4. AI and SOC, transformative or hype?
This article is frankly a bit of hype, but I like the topic, so sure, let's discuss. Is AI important in a SOC environment, and getting more so? Absolutely! Is it magic, like this article seems to suggest? Absolutely not. AI is pretty darn good at collation and correlation. It's even not bad at automation (what we in earlier years called scripting). But it's not magic.
- 5. Ivanti again?
4 critical flaws have had exploit code released. PATCH!!!
- 6. ICS vulns released by CISA, big ones.
7 ICS vulns, with critical severity, risking patient and customer data, released by CISA. OT For the win!!
- 7. Custom...
Read Full Story: https://news.google.com/rss/articles/CBMizAFBVV95cUxNMFRtTkdsUWd1RENoZWJCalU1...