The week's top cybersecurity news

Cisco strengthens Splunk with acquisition of SnapAttack

Cisco acquired threat detection company SnapAttack to enhance its security information and event management (SIEM) platform Splunk. SnapAttack stands out as a company that stands out in the industry by offering end-to-end solutions from threat detection to first response.

This acquisition is considered as a step in line with Cisco's strategy to strengthen and update cyber threat intelligence in line with its vision. In addition, SnapAttack's advanced AI and machine learning-powered tools will enable defenders to quickly identify detection vulnerabilities and prioritize responses.

This agreement is a significant contribution to the goal of creating a next-generation security operations center (SOC) experience by integrating predictive intelligence, rapid threat detection and automation on a unified platform. Cisco's move is a major step towards the SOC of the future with accelerated threat detection and platform modernization.

Trend Micro ushers in the era of AI-powered autonomous cybersecurity

Trend Micro is ushering in a new era by automating its customers' threat defenses with an artificial intelligence brain integrated into its security suite. This AI brain works based on a comprehensive algorithm fed by global threat research.

Security solutions using AI often raise privacy concerns. To address these concerns, Trend Micro both customizes and limits AI by offering customers a wide range of access. The newly developed autonomous cybersecurity tool performs tasks without much intervention from users.

While Trend Micro sees cyberattacks as a war, it describes the AI brain as the “commander”. The AI's primary task is to update storage protocols and take proactive actions, especially against threats such as ransomware. Trend Micro also promises to improve hardware and software security by tracking customers' basic patching needs.

Visa blocks 85% of Cyber Monday fraud with AI

Visa announced that its AI and machine learning technologies prevented 85% more suspected fraud globally last Cyber Monday than a year ago. This achievement comes at a time when fraudsters' use of AI to prevent suspicious fraud in physical and digital stores has increased by 200%.

Visa has invested $11 billion in fraud prevention technologies over the last five years. Launched earlier this year, the Visa Account Attack Intelligence Score uses generative AI to detect fraud in advance wherever purchases are made. The VAAI Score tool helps card issuers combat the attacks they face.

Visa's investments in artificial intelligence and other technologies enabled the prevention of 80 million fraudulent transactions worth $40 billion in 2023, and these successes are expected to continue in the future.

Google warns Gmail users of second wave of attacks

Google warned Gmail users of a second wave of cyber threats, noting that despite a 35% decrease in phishing attacks as the holiday season approaches, attackers are developing new methods.

The company said there has been a huge spike in email traffic since mid-November, making it more difficult than ever to protect email inboxes over the past two months. With more than 2.5 billion users, Gmail is a prime target for attackers. That's why Google is investing heavily to block more than 99.9% of spam, phishing and malware in Gmail.

With its investments and the artificial intelligence it has developed, Google is deploying innovative technologies using a large language model trained in malware and spam. In this way, it aims to improve the security of Gmail users.

CISA wants Microsoft 365 to meet key security principles

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive to federal civilian agencies to secure cloud environments following recent cybersecurity incidents. The directive aims to establish a consistent approach to securing federal cloud environments following the supply chain attacks on SolarWinds in 2019.

According to CISA's order, federal civilian agencies must create a comprehensive inventory of all Microsoft 365 cloud users and update this inventory in annual reports. CISA Director Jen Easterly urged all organizations to adopt this guidance to reduce cyber risk and increase resilience. While the guidance applies specifically to Microsoft 365 environments, it also covers SCuBA secure configuration basics for other cloud services.

Microsoft reiterates that it is actively supporting CISA's development of SCuBA to avoid any question marks among civilian organizations.