In an alarming revelation, First American Financial Corporation, the second-largest title insurance company in the United States, disclosed that a cyberattack in December resulted in a significant data breach affecting 44,000 people. This incident underscores the importance of robust cybersecurity measures and services such as phishing takedown, online risk evaluation, stolen credentials detection, and darknet monitoring.

In today’s complex IT ecosystems, extending equal protection across the entire network is simply not feasible. Instead, organizations need to determine which systems are inherently most critical and prioritize maintaining their operational integrity through effective IT monitoring: tracking performance and activity across servers, applications and other technology components.

Who doesn’t like a good bedtime story from Grandma? In today’s landscape, more and more organizations are turning to intelligent chatbots or large language models (LLMs) to boost service quality and client support. This shift is receiving a lot of positive attention, offering a welcome change given the common frustrations with bureaucratic delays and the lackluster performance of traditional automated chatbot systems.

The Synopsys Cybersecurity Research Center (CyRC) has exposed prompt injection vulnerabilities in the EmailGPT service. EmailGPT is an API service and Google Chrome extension that assists users in writing emails inside Gmail using OpenAI's GPT models. The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or execute unwanted prompts.

Today, the average application contains thousands of moving parts. Organizations deploy to multi-cloud environments with containers and microservices, using a combination of code written by internal teams, generated by AI, and curated by third parties. Security teams face a tall order in keeping these complex applications secure, especially given the increasing number of software supply chain attacks.

With cyber threats constantly evolving, organizations must ensure that their approach to identifying and mitigating vulnerabilities is always up to date. Purple teaming can play a vital role in helping them to achieve this. Purple teaming involves red and blue teams collaborating on an ongoing basis to maximize their impact. Read on to discover how purple teaming enables businesses to enhance and accelerate their approach to identifying and mitigating security vulnerabilities.

Cybersecurity researchers are ringing the alarm on new phishing campaigns exploiting Cloudflare Workers, HTML smuggling, and generative AI (GenAI) to target user credentials. These innovative techniques highlight the sophisticated strategies cybercriminals are deploying to bypass security measures and harvest sensitive information.

While often considered a newer threat, and rightly so given its fast-rising dominance among the cybercrime landscape, ransomware is not a recent innovation in the ongoing cyber war. It stretches back decades to the early days of the internet, email, and even floppy discs.

Machine learning (ML) and AI tools raise concerns over mis- and disinformation. These technologies can ‘hallucinate’ or create text and images that seem convincing but may be completely detached from reality. This may cause people to unknowingly share misinformation about events that never occurred, fundamentally altering the landscape of online trust. Worse – these systems can be weaponised by cyber criminals and other bad actors to share disinformation, using deepfakes to deceive.

Remember Wireshark from the good old days of your IT degree or early engineering adventures? Well, guess what? It’s still kicking and just as relevant today as it was back then, and guess what else? It is still open source! Do your engineering or security teams use it? There’s a good chance they do if you’re on-premises. Believe it or not, Wireshark isn’t just for the land of wires and cables anymore. With some help from Falco and Kubernetes, it has a place in the cloud SOC.