Category: AI in news

Striking a balance between sufficient visibility into cloud computing environments and the potential for an overdose of false positives and duplicate alerts is the key challenge facing cloud security professionals, according to the State of Security Remediation report from the Cloud Security Alliance (CSA). The report, released today, detailed a raft of important issues facing…

Security researchers warn that an ongoing cloud account takeover campaign has impacted dozens of Microsoft Azure environments owned by organizations from around the world. The attackers have compromised hundreds of accounts since late November 2023 including managers and senior executives. “The varied selection of targeted roles indicates a practical strategy by threat actors, aiming to…

Threat actors have stepped up their efforts over the last year to launch attacks aimed at disabling enterprise defenses, according to the annual Red Report released Tuesday by Picus Security. The findings demonstrate a drastic shift in adversaries’ ability to identify and neutralize advanced enterprise defenses, such as next-generation firewalls, antivirus software, and EDR solutions,…

Join me and Metomic CEO Richard Vibert for a discussion about some of the cybersecurity challenges faced by the financial services industry, and how you can best protect your organisations. In a webinar entitled “Fortifying financial services: mastering data security in the digital age”, we will be: describing the diverse threat landscape – I’ve got…

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of…

Emerald Sleet (Thallium) Emerald Sleet — a North Korean threat actor that relies on spear-phishing emails to compromise and gather intelligence on prominent North Koreans — has used LLMs to understand publicly known vulnerabilities, to troubleshoot technical issues, and for assistance with using various web technologies. The report found that Emerald Sleet used LLM-assisted vulnerability…

Overall, 80% of all active applications were detected to have unresolved flaws using Veracode’s SAST, DAST, and SCA scans, while this was 73% for SAST-only scans which consider issues specifically in the development phase of the applications. Flaws detected in third-party, open-source components were on par with those detected in first-party codes. In fact, 63.4%…