Cyber Bits: October 14

In this week's Cyber Bits, Microsoft deprecates VPN protocols, OpenAI confirms what everyone already knew about bad guys using ChatGPT for malware, SOC teams lament alert fatigue, teams face qualified personnel gaps in cloud and cyber, and we look at how to build cyber resilience for SMBs.

Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server

Link: BleepingComputer

Microsoft has deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in Windows Server due to security vulnerabilities. These protocols have been in use for over 20 years, but are now considered inadequate against modern cybersecurity threats. Microsoft is encouraging users to transition to Secure Socket Tunneling Protocol (SSTP) and Internet Key Exchange version 2 (IKEv2), which offer stronger encryption and better overall security. This move aligns with Microsoft’s strategy to enhance the security and performance of its server environments.

OpenAI confirms threat actors use ChatGPT to write malware

Link: BleepingComputer

OpenAI has confirmed that cybercriminals are using its AI tool, ChatGPT, to aid in developing malware, debugging code, and conducting social engineering attacks. Recent reports highlight that actors linked to Chinese and Iranian groups have leveraged ChatGPT for tasks such as scripting, reconnaissance, and evading detection. Despite concerns, OpenAI has stated that AI has not contributed significantly to creating new advanced malware but has made it easier for low-skilled attackers to improve their capabilities.

SOC Teams: Threat Detection Tools Are Stifling Us

Link: DarkReading

Security Operations Center (SOC) teams are experiencing challenges due to the overwhelming number of threat detection tools at their disposal, leading to tool fatigue. Many security professionals feel burdened by managing and integrating these tools, which decreases productivity and increases the risk of missed threats. The lack of cohesive integration and the redundancy of alerts from various platforms are cited as key issues hindering effective threat response.

Cloud, AI Talent Gaps Plague Cybersecurity Teams

Link: DarkReading

Cybersecurity teams are struggling with significant talent shortages, especially in areas related to cloud computing and artificial intelligence. This skills gap is exacerbating the challenges of managing increasingly complex digital environments. As more organizations move to cloud platforms, the lack of skilled professionals in these areas hinders security efforts and leaves systems vulnerable to attacks. The need for specialized training and recruitment in cloud and AI fields is becoming increasingly urgent.

Building Cyber Resilience in SMBs with Limited Resources

Link: DarkReading

Small and medium-sized businesses (SMBs) face considerable challenges in building cyber resilience due to limited financial and technical resources. These organizations are often prime targets for cyberattacks but struggle to implement robust security measures. Experts recommend focusing on risk prioritization, using cost-effective security solutions, and fostering partnerships with third-party vendors to enhance protection without overwhelming budgets. We've written about this in the past here and here.
