February 2024

Preventing SQL injection attacks in Node.js

Feb 20, 2024 By Lucien Chemaly In Snyk

As reliance on software systems continues to grow, so does the emergence of numerous security threats. One notable threat for developers, especially those working with Node.js, is SQL injection. SQL injection is a malicious attack where nefarious SQL code is injected into a system, exposing sensitive information, corrupting or deleting data, and sometimes, granting unauthorized access to attackers.

Read Post

Snyk

Read more about Preventing SQL injection attacks in Node.js

Chattanooga Heart Institute Updates on 2023 Network Cyber Attack

Feb 20, 2024 By Steven In IDStrong

Patients with cardiovascular issues may appear in one of the Chattanooga Heart Institute (CHI) facilities in Tennessee and Georgia. The network features a substantial team of surgeons, specialists, and cardiologists. CHI provides a comprehensive approach to cardiac care, offering patients exceptional services when needed.

Read Post

IDStrong

Read more about Chattanooga Heart Institute Updates on 2023 Network Cyber Attack

The Unsettling Leap of AI in Video Creation: A Glimpse Into Sora

Feb 20, 2024 By Javvad Malik In KnowBe4

In the rapidly evolving landscape of artificial intelligence (AI), the launch of Sora by OpenAI marks an unnerving milestone in video synthesis. The unveiling of such revolutionary technology is simultaneously exciting and raises red flags to the broader implications of AI's role in digital content creation and cybersecurity. The potential of Sora to generate up to one-minute video clips from mere text input is staggering.

Read Post

KnowBe4

Read more about The Unsettling Leap of AI in Video Creation: A Glimpse Into Sora

IBM Tests Audio-Based Large Language Model to Hijack Live Conversations

Feb 20, 2024 By Stu Sjouwerman In KnowBe4

With the idea in mind to “audio-jack” a live call-based banking transaction, security researchers were successful in inserting cybercriminal-controlled account details. Deepfake audio is nothing new… but it is getting very advanced. So much so, that security researchers at IBM Threat Intelligence were able to test out a hypothesis as to whether it’s possible to perform an audio-based “Man in the Middle” attack.

Read Post

KnowBe4

Read more about IBM Tests Audio-Based Large Language Model to Hijack Live Conversations

Malvertising Campaign Spreads Phony Utility Bills

Feb 20, 2024 By Stu Sjouwerman In KnowBe4

A widespread malvertising campaign is attempting to trick users into paying phony utility bills, according to researchers at Malwarebytes. “We discovered a prolific campaign of fraudulent ads shown to users via Google searches,” the researchers write. “To give an idea of scale, the number of ads we found exceeds what we have found in previous malvertising cases....The scam begins when a user searches for keywords related to their energy bill.

Read Post

KnowBe4

Read more about Malvertising Campaign Spreads Phony Utility Bills

Add to Chrome? - Part 2: How We Did Our Research

Feb 20, 2024 By James Hodgkinson In Splunk

Analyzing the content and security implications of browser extensions is a complex task! It's almost like trying to piece together a complex jigsaw puzzle (thanks JavaScript). Automation is a key way to reduce this complexity without adding to the workload of security staff. With so many extensions to inspect (we analyzed more than 140,000 of them), automating small portions of that analysis provided a big impact.

Read Post

Splunk

Read more about Add to Chrome? - Part 2: How We Did Our Research

#DidYouKnow? Forescout Shines a Light on Your Complex Networks!

Feb 20, 2024 By Forescout In Forescout

DidYouKnow? #Forescout shines a light on your complex networks! 🔦 What do you do when the amount of unmanageable devices exceed the number of managed devices? Our CTO, Justin Foster, how we bring the light to the deepest darkest corners of your network and brings visibility and control.

View Video

Forescout

Read more about #DidYouKnow? Forescout Shines a Light on Your Complex Networks!

DataTrails US DOD Explainable AI Trust Demo

Feb 20, 2024 By DataTrails In DataTrails

DataTrails revolutionizes data integrity and transparency by enabling control over data flows, validating data sources, and constructing mutually accountable records. This approach not only meets the immediate need for secure and trusted data exchange but also lays the groundwork for AI systems to automate sensitive workflows confidently. DataTrails' patented distributed ledger technology underpins AI-driven decision-making, ensuring resilience, explainability, and regulatory compliance.

View Video

DataTrails

Read more about DataTrails US DOD Explainable AI Trust Demo

The Future of Security Operations: An Inside Look at the LimaCharlie SecOps Cloud Platform

Feb 20, 2024 By LimaCharlie In LimaCharlie

So, you’ve heard of LimaCharlie, but want to know more? Do you want to better understand how you can best utilize the SecOps Cloud Platform for your environment? Join Matt Bromiley, Lead Solutions Engineer, as he breaks down the SCP and provides an in-depth look at how LimaCharlie is redefining security operations.

View Video

LimaCharlie

Read more about The Future of Security Operations: An Inside Look at the LimaCharlie SecOps Cloud Platform

February 20 2024 Cyber Threat Intelligence Briefing

Feb 20, 2024 By Kroll In Kroll

This weeks' briefing covers: Dive deeper.

View Video

Kroll

Read more about February 20 2024 Cyber Threat Intelligence Briefing

Tanium RBAC - Part 1 - Tanium Tech Talks #81

Feb 20, 2024 By Tanium In Tanium

Get started with Tanium role based access control (#RBAC) in today's tech talk. This will be helpful not only for shops just starting out with Tanium but also for those looking to optimize mature environments.

View Video