In this week's Cyber Bits: Microsoft deprecates VPN protocols, OpenAI confirms what everyone already knew about bad guys using ChatGPT for malware, SOC teams lament alert fatigue, gaps in qualified personnel plague cloud and cyber, and how to build cyber resilience for SMBs.
Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server
Link: BleepingComputer
Microsoft has deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in Windows Server due to security vulnerabilities. These protocols have been in use for over 20 years, but are now considered inadequate against modern cybersecurity threats. Microsoft is encouraging users to transition to Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEv2), which offer stronger encryption and better overall security. This move aligns with Microsoft’s strategy to enhance the security and performance of its server environments.
OpenAI confirms threat actors use ChatGPT to write malware
Link: BleepingComputer
OpenAI has confirmed that cybercriminals are using its AI tool, ChatGPT, to aid in developing malware, debugging code, and conducting social engineering attacks. Recent reports highlight that actors linked to Chinese and Iranian groups have leveraged ChatGPT for tasks such as scripting, reconnaissance, and evading detection. Despite concerns, OpenAI has stated that AI has not contributed significantly to creating new advanced malware but has made it easier for low-skilled attackers to improve their capabilities.
SOC Teams: Threat Detection Tools Are Stifling Us
Link: DarkReading
Security Operations Center (SOC) teams are experiencing challenges due to the overwhelming number of threat detection tools at their disposal, leading to tool fatigue. Many security professionals feel burdened by managing and integrating these tools, which decreases productivity and increases the risk of missed threats. The lack of cohesive integration and the redundancy of alerts from various platforms are cited as key issues hindering effective threat response.
Cloud, AI Talent Gaps Plague Cybersecurity Teams
Link: DarkReading
Cybersecurity teams are struggling with significant talent shortages, especially in areas related to cloud computing and artificial intelligence. This skills gap is exacerbating the challenges of managing increasingly complex digital environments. As more organizations move to cloud platforms, the lack of skilled professionals in these areas hinders security efforts and leaves systems vulnerable to attacks. The need for specialized training and recruitment in cloud and AI fields is becoming increasingly urgent.
Building Cyber Resilience in SMBs with Limited Resources
Link: DarkReading
Small and medium-sized businesses (SMBs) face considerable challenges in building cyber resilience due to limited financial and technical resources. These organizations are often prime targets for cyberattacks but struggle to implement robust security measures. Experts recommend focusing on risk prioritization, using cost-effective security solutions, and fostering partnerships with third-party vendors to enhance protection without overwhelming budgets. We've written about this in the past here and here.