The bad guys are using ChatGPT. There has been a rise in the number of novel attacks meant to bypass legacy rules and IOC-based systems, including zero-day nation-state attacks, insider threats, "living off the land" attacks, model poisoning of AI/ML solutions, and prompt injection for LLM-based systems.
In the new...
Cloud-native application protection platforms are emerging as a game-changing solution to the evolving challenges in cloud security. Mattan Shalev, head of product management at Wiz, outlined the power of CNAPPs in reducing risk and fortifying cloud security.
Applications rely on lines of code to provide business value, but too much of that code is inherently dirty, full of inconsistencies and vulnerabilities. Olivier Gaudin, co-founder and CEO of Sonar, said organizations need clean code that is consistent, intentional, adaptable and responsible.
DDoS attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention by successfully taking down several U.S. government websites.
The Black Hat conference features presentations that have already led to very public warnings about remotely hackable flaws in everything from Jeep Cherokees and Linux-powered rifles to Android mobile devices and Mac OS X.
No single security solution is enough to defend against today's multifaceted exploits. So it's time for a new holistic and cooperative approach to information security, says Bob Hansmann of Websense.
Former NSA information assurance leader Tony Sager goes on the road to the Black Hat USA security conference to promote the notion that no one should try to solve cybersecurity threats alone.
Can a smart phone increase your privacy and security while remaining both highly usable and attractive to buyers? The inaugural Blackphone is testing that question for consumers and businesses.
IT security expert Bruce Schneier, now the chief technologist at an incident response provider, sees tools that help enterprises respond to a data breach being used for other unexpected events.
Expect every new warning of cybercrime attacks, online espionage or the malware du jour to be slickly marketed, with the announcements carefully timed. But is this bad for either the information security community or attackers' victims?
A report that Russian hackers have hoarded 1.2 billion stolen passwords could prove to be an important catalyst for beefing up information security. Experts analyze the potential impact.
Millions of user credentials are breached regularly - whether we hear of the incidents or not. So, why do we continue to rely on passwords? Derek Manky of Fortinet discusses authentication and data retention.
When it comes to incident response, organizations don't lack threat intelligence. They lack the automation, tools and the skilled staff to act on that intelligence, says Craig Carpenter of AccessData.
That Russian hackers may be hording 1.2 billion credentials merely reflects the insecurity of the world we live in today, says David Perry, threat strategist at the Finnish IT security company F-Secure.
The hacker community can be a cynical crowd, or perhaps a realistic one, that tries to make the best of the threats confronting society. CISO Dan Geer, for example, prefers to hire security folks who are, more than anything else, sadder but wiser.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing securityintelligence.inforisktoday.com, you agree to our use of cookies.