On February 15th, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) issued an advisory highlighting the results of their incident response investigation into a state government organization’s network whose sensitive data including host/user details and other pertinent metadata were posted to the dark web.

OWASP pen testing is the assessment of web applications to identify vulnerabilities outlined in the OWASP Top Ten. An OWASP pen test is designed to identify, safely exploit and help address these vulnerabilities so that risks can be mitigated before they are exploited by adversaries.

Top tips is a weekly column where we highlight what’s trending in the tech world and list ways to explore these trends. This week we’re looking at four ways you can protect yourself from increasingly advanced social engineering attacks.

As of February 12, 2024, the National Cyber Security Centre (NCSC) has released Version 2.0 of its vulnerability management guidance. This update provides organizations with the latest strategies and practices to identify, assess, and manage cybersecurity vulnerabilities effectively. The NCSC’s updated guidance on vulnerability management outlines the importance of proactively managing vulnerabilities to secure technical estates.

Organizations transitioning to the cloud require robust security concepts to protect their most critical assets, including business applications and sensitive data. Rony Moshkovitch, Prevasio’s co-founder, explains these concepts and why reinforcing a DevSecOps culture would help organizations strike the right balance between security and agility. In the post-COVID era, enterprise cloud adoption has grown rapidly.

As the name might imply, it’s important to keep secrets secret. Access to even the smallest of secrets can open a window for attackers who can then escalate their access to other parts of the system, allowing them to find more important secrets along the way. Poor practices can leave many secrets lying around unprotected and just one seemingly unimportant secret can lead to a broad security breach.

In the evolving domain of artificial intelligence (AI), Multimodal AI emerges as a transformative force, reshaping how machines perceive and interact with the world. Multimodal AI encapsulates a sophisticated integration of various modalities, including text, image, speech, and other sensory inputs, fostering a more comprehensive understanding of data. Multimodal AI transcends the limitations of unimodal approaches, enabling a more nuanced and context-aware AI system.