An 18-Year-Old Codebase Left Smart Buildings Wide Open
Researcher Gjoko Krstic’s "Project Brainfog" exposed hundreds of zero-day vulnerabilities in building-automation systems still running hospitals, schools, and offices worldwide.
Explore the latest advancements and trends in information security automation. Stay ahead with cutting-edge cybersecurity automation news and insights.
Search across headline titles and summaries.
Background for this topic.
Automation in information security uses software to perform tasks like scanning for vulnerabilities, detecting threats, and enforcing policies without constant human intervention. It enables faster, consistent actions such as blocking malicious IPs or deploying patches based on predefined rules or machine learning models. This reduces manual effort and helps maintain security hygiene at scale.
However, automation can introduce risks if workflows are misconfigured or manipulated. Attackers may exploit automated responses to trigger false positives or disable protections, while errors in automation can propagate rapidly across systems. Security teams must carefully validate and monitor automated processes, balancing efficiency with oversight to prevent unintended consequences and maintain control over security operations.
Researcher Gjoko Krstic’s "Project Brainfog" exposed hundreds of zero-day vulnerabilities in building-automation systems still running hospitals, schools, and offices worldwide.
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi
Hidden visibility gaps can turn unpatched systems into open doors. Action1 gives IT teams unified visibility and automated control to detect, prioritize, and remediate vulnerabilities before attackers exploit them. [...]
Security teams invest in AI for automated remediation but hesitate to trust it fully due to fears of unintended consequences and lack of transparency.
CEO Nikesh Arora: Next-Generation Security Play Ties Automation to Identity, CloudWith new products set to launch, Palo Alto Networks is expanding its AI cybersecurity footprint. Chairman and CEO Nikesh Arora introduced the AgentiX platform, a retooled cloud approach, identity enhancements and a deal making Palo Alto the core security provider for Oracle Cloud.
CEO Nikesh Arora: Next-Generation Security Play Ties Automation to Identity, CloudWith new products set to launch, Palo Alto Networks is expanding its AI cybersecurity footprint. Chairman and CEO Nikesh Arora introduced the AgentiX platform, a retooled cloud approach, identity enhancements and a deal making Palo Alto the core security provider for Oracle Cloud.