The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report displaying not only how threat actors conduct attacks, methodologies used, but what organizations can do to protect themselves from specific types of attacks.

Cybersecurity is a landscape forever in motion, an arena where threats evolve at an alarming pace. The tools we employ to counter threats should match this pace and anticipate the unforeseeable. Still, a chasm exists where tools are not keeping up with the changes, particularly regarding case management. I’m Dor Morgenstern, lead PM for Case Management at Torq. With a background rooted in cybersecurity, I’ve seen firsthand the evolving challenges that security operations face.

Read also: Israeli police dismantle an international crypto fraud ring, crypto casino Stake lost $41M in a hack, and more.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A big hit for a major website is always a bad thing – more so when people are expecting emails. Though in this case I suspect it is more likely the target is password reuse.

It seems everyone is concerned about cybersecurity these days, and the investor community is no different. Shareholders are reading the headlines—ransomware attacks, data breaches, infrastructure disruptions—and they are wondering how these incidents could impact the companies that they invest in. Shareholders are about to get a lot more information from companies in the months ahead. In July 2023, the U.S.

The widespread use of Artificial intelligence (AI) and machine learning (ML) introduce their own security challenges; an AI/ML security assessment can help. AI and ML provide many benefits to modern organizations; however, with their widespread use come significant security challenges. This article explores the vital role of AI/ML security assessments in unearthing potential vulnerabilities, from lax data protection measures to weak access controls and more.

AI is one of the hottest topics in tech right now. More than half of consumers have already tried generative AI tools like ChatGPT or DALL-E. According to a Gartner poll, 70% of executives say their business is investigating and exploring how they can use generative AI, while 19% are in pilot or production mode. Business use cases for AI range from enhancing the customer experience (38%), revenue growth (26%), and cost optimization (17%).

In this episode, we welcome back Shay Nahari, VP of CyberArk Red Team Services. His discussion with host David Puner revolves around attacker innovation, focusing on key areas like cascading supply chain attacks and session cookie hijacking. Lean in as Nahari explains how the Red Team simulates real-world attacks to help organizations identify vulnerabilities and improve their security posture.

True cyber resilience involves much more than having a disaster recovery (DR) solution. That’s because recovery from a typical DR scenario is different than recovery from a cyber event. Why? For starters, disaster recovery scenarios usually involve human nature, mother nature, or technical failure: These are just a few examples.

As a principal security researcher on Corelight’s Labs team, I help to solve difficult network security research problems at scale. Corelight’s customers might recognize some of my work if you see the packages “VPN Insights” or “App ID” on your sensors. Outside of my day-to-day role, I have a hobby podcast called eCrimeBytes where we lightheartedly discuss an electronic crime case each week.