Human error behind misconfigurations, a host of insecure remote access issues, exposed business credentials with reused passwords and unpatched vulnerabilities have all contributed to a significant increase in cloud security incidents. Many organizations don’t foresee the challenges of what it will take to protect their data and operations after a move to the cloud.

A major security incident in the crypto field occurred between March 17-18th. Due to a vulnerability that was not caught before the event, unknown crypto hackers were able to drain 1.6 million USD (around 59 BTC) from Bitcoin ATMs owned by General Bytes - the world’s largest Bitcoin, Blockchain, and Cryptocurrency ATM manufacturer.

Postal Prescription Services is an Oregon-based mail-order medication business that sends medication to thousands of customers. It began associating with Kroger recently, and around the time of that merger, it suffered from a data leak. The grocery store chain Kroger is spread out over more than 2,800 separate locations, has over 465,000 employees, and serves millions of customers each year. As a result, many customers had some of their data exposed due to a mistake that was made.

In recent years, generative artificial intelligence (AI), especially Large Language Models (LLMs) like ChatGPT, has revolutionized the fields of AI and natural language processing. From automating customer support to creating realistic chatbots, we rely on AI much more than many of us probably realize. The AI hype train definitely reached full steam in the last several months, especially for cybersecurity use cases, with the release of tools such as.

Cybersecurity solutions have evolved from a basic investigation and discovery technology to behavioral analysis solutions that enable real-time detection and response. However, if they are to be truly effective, they must also protect against anomalous behavior that may seem harmless on its own, but after gaining a bigger picture by correlating and contextualizing detections, turns out to be an incident that needs to be responded to as soon as possible.

Read also: Australian police dismantles cyber crime syndicate, GhatGPT abused for phishing attacks, and more.

It’s natural for people to let down their guard when hunting for great deals or responding to one-time requests from coworkers trying to plan their vacations. But threat actors don’t take time off, and as recent history has shown from Log4J and Kaseya attacks, attackers are poised to do the most damage when their targets are off celebrating outside the office.

As cybercrime evolves and organizations migrate to the digital realm, there’s been an ongoing race among businesses to evade bad actors, stay ahead of emerging threats, and mature their security posture. While tools are a critical component of these proactive and reactive defenses, tools alone are not enough, especially when it comes to telemetry.

On Wednesday, March 29, 2023, details of unexpected malicious activity observed from the legitimate and cryptographically signed 3CX SoftPhone Desktop App application were shared in a blog post by security researchers at Crowdstrike.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. If during the past week you panicked when you went to do a push to git, and saw the alarm that your connection could be compromised, don’t worry, github just rotated keys because…