The shifting of information to data warehouses such as Snowflake and Databricks has created oversight challenges around access and ownership, said Immuta CEO Matthew Carroll. Customers should be able to scan and analyze where their cloud data lives and identify and fix flaws or abnormalities.
The rapid pace of API development has created major risk for companies given the amount of data that's being exposed, said Salt Security CEO Roey Eliyahu. The security industry hasn't adapted quickly to address these problems since it's still used to relatively static APIs that were easy to guard.
Why are so many fresh zero-day vulnerabilities being exploited in the wild? Google reported that attackers often discover variants of previously exploited flaws, which suggests that vendors aren't doing enough to fix the root cause of flaws - or to avoid introducing fresh ones with their fixes.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Morphisec's Michael Gorelik discussed automated moving target defense - or AMTD, which is a risk-reduction strategy and preventive measure that reduces adversary success rates and provides "the final layer of defense."
The latest generation of ransomware and phishing attacks is being designed to evade existing network security controls such as gateways and firewalls, said Menlo Security CEO Amir Ben-Efraim. Threat actors have taken the time to codify, register and customize URLs to impersonate a bank's help desk.
Adversaries use artificial intelligence to obtain explosives, advance sextortion schemes and propagate malware through malicious websites that appear legitimate. Intelligence officials grapple with emboldened criminals who use AI for nefarious purposes and nation-state actors such as China.
Application journeys are fluid in practice because applications can live anywhere. Complex deployments with too many tools to configure and manage and overwhelmed IT teams lead to mistakes, so organizations should take a cybersecurity mesh platform approach to securing their application journeys.
SMB cybersecurity platform Coro purchased an early-stage Israeli startup to bring network connectivity to its SASE offering for midmarket organizations. Coro said its buy of Jerusalem-based Privatise will give Coro clients a secure way to connect, manage and filter out malicious content.
Adding former CIA Director Gen. David Petraeus to Semperis' strategic advisory board has given the identity vendor knowledge and insights into global threat activity, said CEO Mickey Bresman. Petraeus complements the firm's incident response arm company with perspectives on global threats.
Michigan-based academic medical provider Henry Ford Health is notifying nearly 170,000 individuals that their protected health information was breached in a recent phishing scam that compromised three employees' email accounts. Henry Ford Health said the incident occurred on March 30.
Practicing incident response procedures is as important as practicing fire drills, said CISO Nick Prescot of Norgine. But beyond regularly testing the plan, security leaders must foster a collaborative environment so their teams maintain a sense of calm in the heat of an incident.
Between July 21 and 27, Worldcoin set off security and privacy alarms; threat actors stole from AlphaPo, CoinsPaid, Era Lend and Conic Finance; hackers set a cryptojacking record; Apple users became the target of a crypto-stealing malware and the DOJ merged its computer crime and crypto crime units.
Is the Akira ransomware story coming to an end? Security researchers say the group was competing in a competition designed by Royal to give it a new cryptolocker - but lost. Even with a free decryptor now available for Akira victims, however, it's too soon to say if the group might be doomed.
Natural language models aren't the boon to auditing many in the Web3 community hoped that generative artificial intelligence tools would be. After a burst of optimism, the consensus now is that AI tools generate well-written, perfectly formatted - and completely worthless - bug reports.
Unintended bias in artificial intelligence tops deliberate misuse when it comes to the privacy concerns around use of facial recognition in public areas, with data handled by AI, according to Harry Boje, data protection and privacy officer at Paydek.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.