Multi-cloud environments create complex IT architectures that are hard to secure. Although cloud computing creates numerous advantages for companies, it also increases the risk of data breaches. Did you know that you can mitigate these risks with a CSPM? Rony Moshkovitch, Prevasio’s co-founder, discusses why modern organizations need to opt for a CSPM solution when migrating to the cloud and also offers three powerful tips to finding and implementing the right one.

The amount of data generated and fed into AI systems has increased quickly over the last few years. Attackers are taking advantage of the massive increase in data volume to contaminate the data input in training datasets, resulting in incorrect or malicious results. In fact, at a recent Shanghai conference, Nicholas Carlini, research scientist at Google Brain, stated that data poisoning can be accomplished efficiently by modifying only 0.1% of the dataset.

While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector. Most Teams activity is intra-organizational, but Microsoft enables External Access by default, which allows members of one organization to add users outside the organization to their Teams chats.

On January 22, 2024, Fortra publicly disclosed a critical vulnerability, CVE-2024-0204, in their GoAnywhere MFT product. This vulnerability, which was responsibly disclosed to Fortra by Spark Engineering Consultants, had been patched on December 7, 2023. CVE-2024-0204 is a severe authentication bypass vulnerability with a CVSS score of 9.8.

Happy New Year! My name is Zain Ghani. I’m a Customer Solutions Architect based in Austin, Texas, and I’m excited to share our latest updates with you. This year started with multiple recognitions for Sysdig. GigaOM named Sysdig a Leader and the only Outperformer in its inaugural Cloud Workload Security Radar report.

We are witnessing an explosion in the number, type, and mix of smart devices in our business environment, driven by mobility, remote work, and the adoption of digital transformation initiatives. However, these devices come with their own set of security risks and challenges, creating a larger attack surface to manage and control.

The Play ransomware group is one of the most successful ransomware syndicates today. All it takes is a quick peek with a disassembler to know why this group has become infamous. This is because reverse engineering the malware would be a Sisyphean task full of anti-analysis techniques. That said, it might come as a surprise that the malware crashes quite frequently when running.

On January 16 2024, Atlassian issued a significant alert on a critical Server-Side Template Injection (SSTI) vulnerability in Confluence Data Center and Server, identified as CVE-2023-22527. This issue found in older versions, poses a serious risk as it allows attackers without any authentication, to inject OGNL expressions. This means they could potentially run any code they want on the compromised system.