Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24.

In Calligo’s latest Beyond Data podcast, co-hosts Sophie Chase Borthwick and Tessa Jones are joined by Alexander Visheratin, Artificial Intelligence Engineer at Beehive AI. Here we explore some of the episode’s highlights; the importance of Natural Learning Processing (NLP) and the pros and cons of output produced by examples like OpenAI’s ChatGPT-3.

Misleading attackers to trigger alarms can stop them in their tracks and keep damage to a minimum. Honeytokens, like the ones you can make with GitGuardian's ggcanary, let you easily set such traps.

Public cloud services and cloud assets are agile and dynamic environments. Close oversight of these assets is a critical component of your asset management and security practices. While it’s important to understand the relationships and potential vulnerabilities of your cloud assets, the practice of managing these systems is complicated by the ever-changing nature of cloud environments.

The Active Directory linked attribute is a special type of Active Directory attribute that is used to describe relationships between objects. This post explains what linked attributes are and how they work.

If you’re after a toolkit to own Microsoft SQL Server from end to end, what you need is PowerUpSQL. Implemented in PowerShell and as complete as they come, PowerUpSQL has tools to discover, compromise and own just about any SQL system. It’s the whole kill chain in one tool. This article details how to perform the critical attack steps using PowerUpSQL.

The city government of Oakland has declared a state of emergency after it was hit by a ransomware attack. The attack, which began in the evening of February 8th, has forced the city to take all its IT systems offline, and has affected many non-emergency services, including the ability to collect payments, issue permits, and process reports.

You can stay safe online during tax season by using strong and unique passwords for your accounts, backing up all your sensitive data and files, not using public WiFi when filing and more. Continue reading to learn more about staying safe online when filing your taxes and the importance of doing so.

Since 2017, an upwards trend of vulnerabilities has been observed, reported to, and analyzed by the National Institute of Standards and Technology (NIST). According to the National Vulnerability Database (NVD), there were more than 25,200 vulnerabilities published in 2022, making it another record-breaking year, with an increase of 25% compared to 2021. That’s a five-time increase over the past decade.

The mathematical properties and concepts of elliptic curves are used in asymmetric key exchange cryptography schemes. Common applications include: In this article, we’ll take a deep dive into elliptic curve cryptography. We aim to take a digestible, slightly less academic look that still thoroughly explains this technical topic. For something a little lighter, explore our introduction to cryptography.