In Part 1 of this series, we looked at how AWS WAF helps you monitor network traffic to AWS resources, as well as key metrics and logs for detecting WAF misconfigurations and malicious activity. In this post, we’ll walk through using AWS’s native tooling to query that data.

The world is quickly seeing the rise of AI powered customer service. The conversational agent chatbots enhance the customer experience but also introduce a new attack vector. Here's what you need to know about strengthening AI chatbot defenses. Many AI driven technologies have access to vast data sources and access to functions that assist users. AI chatbots can be used in many ways such as answering questions about an item in stock, help develop code, to helping users reset their password.

San Francisco, CA - Protecto, a leading innovator in data privacy and security solutions, is proud to announce the release of new capabilities designed to identify and cleanse Protected Health Information (PHI) data from structured and unstructured datasets, facilitating the creation of safe and compliant data for Generative AI (GenAI) applications. This advancement underscores Protecto's commitment to data security and compliance while empowering organizations to harness the full potential of GenAI.

Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On 27.04.2024 (Monday), the company initially alerted customers to an increase in attacks targeting VPN devices, offering guidance on how administrators can safeguard their systems.

With ransomware increasing and a complex, business-critical cloud migration on the horizon, BSM, one of the world’s largest shipping companies, was seeking a solution to monitor its environment for potential threats, both now and in the future. Working with Kroll gives the company greater visibility across its global network of offices and ships to better detect and respond to threats.

An increasing number of phishing campaigns from several threat groups are being tracked as they leverage legitimate Cloudflare services as part of account compromise attacks. Security analysts at Netskope take an expository look at the misuse of Cloudflare services for the purpose of enabling phishing attacks that leverage HTML Smuggling and Transparent Phishing tactics. We’ve seen HTML Smuggling attacks for several years, including its continued use this year.

Many organizations struggle with handling BYOD and mobile devices. Permitting those devices to access resources poses a larger challenge for governance, risk, and compliance (GRC). Questions of how to deploy approved apps and updates remain unresolved. It’s an even greater struggle when legacy Active Directory infrastructure is added to the mix. The temptation to piece together a strategy with point solutions can be met with resistance from IT directors who favor consolidation.