%term

Sysdig's AI Workload Security: The risks of rapid AI adoption

Aug 22, 2024 By Nigel Douglas In Sysdig

The buzz around artificial intelligence (AI) is showing no sign of slowing down any time soon. The introduction of Large Language Models (LLMs) has brought about unprecedented advancements and utility across various industries. However, with this progress comes a set of well-known but often overlooked security risks for the organizations who are deploying these public, consumer-facing LLM applications.

Read Post

Sysdig

Read more about Sysdig's AI Workload Security: The risks of rapid AI adoption

Insider Risk Management: Addressing the Human Side of Risk

Aug 22, 2024 By Veriato Team In Veriato

Recognizing the indicators of insider risk before they turn into threats requires a paradigm shift in the way we operate. It necessitates moving from a reactive mode of operation to proactive. And it requires data that is continuously captured and analyzed to enable security teams to easily see patterns and anomalies and gauge the level of risk of specific behaviors.

Read Post

Veriato

Read more about Insider Risk Management: Addressing the Human Side of Risk

Two Suspects Behind 14M Holograph Crypto Heist Arrested In Italy

Aug 22, 2024 By Key Dutch In ImmuniWeb

Read also: a Russian ransomware actor was extradited to the US, Germany cracks down on illegal crypto ATMs, and more.

Read Post

ImmuniWeb

Read more about Two Suspects Behind 14M Holograph Crypto Heist Arrested In Italy

Three trends shaping software supply chain security today

Aug 22, 2024 By Erin Cullen In Snyk

Building software continues to look like an assembly line, with developers pulling resources from across the web to create applications. Although third-party resources have played an essential role in developing software for many years, the way that development teams use these external components looks different today.

Read Post

Snyk

Read more about Three trends shaping software supply chain security today

DEF CON 32: What We Learned About Secrets Security at AppSec Village

Aug 22, 2024 By Dwayne McDaniel In GitGuardian

At DEF CON 32's AppSec Village, we explored secrets security challenges, answered common questions, and shared how to detect and handle hidden credentials effectively.

Read Post

GitGuardian

Read more about DEF CON 32: What We Learned About Secrets Security at AppSec Village

CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Aug 22, 2024 By Andres Ramos In Arctic Wolf

On August 21, 2024, SolarWinds released a second hotfix for SolarWinds Web Help Desk (WHD) version 12.8.3. This hotfix addresses a newly disclosed hardcoded credential vulnerability (CVE-2024-28987) that allows a remote, unauthenticated attacker to access internal functionality and modify data. Additionally, the hotfix resolves the Java deserialization remote code execution (RCE) vulnerability (CVE-2024-28986) disclosed the previous week and fixes functionality issues introduced by the first hotfix.

Read Post

Arctic Wolf

Read more about CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Aug 22, 2024 By Khaled Yakdan In Code Intelligence

Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.

Read Post

Code Intelligence

Read more about Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Red Teaming vs Penetration Testing: Understanding the Differences

Aug 22, 2024 By shiba In JUMPSEC

In today’s rapidly evolving cybersecurity landscape, organisations must stay ahead of emerging threats and vulnerabilities to remain competitive. Two critical approaches to bolster security are Red Teaming and Penetration Testing. While these terms are often used interchangeably, they serve different purposes and employ distinct methodologies. Understanding the differences between Red Teaming and Penetration Testing is essential for implementing an effective cybersecurity strategy.

Read Post

JUMPSEC

Read more about Red Teaming vs Penetration Testing: Understanding the Differences

The key challenges of intrusion detection and how to overcome them

Aug 22, 2024 By Mark Nicholls In Redscan

However, to achieve the full potential of this approach, they must first overcome a variety of challenges. Read on to discover what intrusion detection is and how it has evolved, plus the four key challenges associated with it and how to address them.

Read Post

Redscan

Read more about The key challenges of intrusion detection and how to overcome them

Keeping Financial Services Organizations Secure in an AI World

Aug 22, 2024 By Splunk In Splunk

When we talk about financial services and technology, security and regulatory compliance are always top of mind. And now, Generative AI has entered the chat - one of the most talked-about technologies of recent years. And Financial Services institutions have only begun to scratch the surface of what generative AI can do. The problem is, so have cyber threat actors. In this session from Splunk, and IDC, you’ll hear key insights into how financial services companies are improving their security posture in an AI World, and how those practices can benefit your organizations.

View Video

Splunk

Read more about Keeping Financial Services Organizations Secure in an AI World

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Sysdig's AI Workload Security: The risks of rapid AI adoption

Insider Risk Management: Addressing the Human Side of Risk

Two Suspects Behind 14M Holograph Crypto Heist Arrested In Italy

Three trends shaping software supply chain security today

DEF CON 32: What We Learned About Secrets Security at AppSec Village

CVE-2024-28986 & CVE-2024-28987: Follow-Up: New SolarWinds HotFix Addresses Critical Vulnerabilities in Web Help Desk

Understanding Out-of-Bounds Memory Access Vulnerabilities and Detecting Them with Fuzz Testing

Red Teaming vs Penetration Testing: Understanding the Differences

The key challenges of intrusion detection and how to overcome them

Keeping Financial Services Organizations Secure in an AI World

Monthly Archive

Follow Us