Orange Cyberdefense reveals new vulnerabilities in credit card machines, electronic access control devices a...Hacking no-touch sensors and PIN entry devices, and automating spear phishing, are three cyber security challenges that Orange Cyberdefense’s SensePost team of ethical hackers took on recently. Leon Jacobs, CTO at Orange Cyberdefense South Africa, revealed some of the latest research coming out of the team at the company’s Security in Dialogue client event.
Jacobs and his team work with vendors to responsibly disclose the vulnerabilities their research has uncovered. “We’re in favour of disclosing early and letting the vendor know,” he said. “The end result is not to hold on to the vulnerability. That doesn’t make all of this better, it actually makes it worse, for all of us.”Data loss, attacker enablement, more sophisticated social engineering and lack of trust in information.
Take data loss protection. Layering AI tools onto your data, for instance, CoPilot’s integration with Office 365, doesn’t create a new risk. Instead, it exacerbates existing data governance problems and misconfigurations, supercharging current risks rather than creating new ones. “I think the real risk with this isn’t the technology, or the ubiquity of AI. It’s a societal risk. Is this thing going to get smarter or dumber? Is it ultimately giving us productivity gains in the direction we want? Are you empowering your people in the direction that you want to go, and making the impression that you want to make?” said Van der Walt.