Netskope Threat Labs is tracking phishing campaigns that are abusing several free cloud services to host their websites and collect user information. These campaigns host their phishing sites in AWS Amplify which is available to free-tier users. Some phishing campaigns also abuse Telegram and Static Forms to collect users’ credentials. These phishing attacks aim to steal banking, webmail, and Microsoft 365 credentials, as well as victims’ card payment details.

PoisonGPT works completely normally, until you ask it who the first person to walk on the moon was. A team of researchers has developed a proof-of-concept AI model called "PoisonGPT" that can spread targeted disinformation by masquerading as a legitimate open-source AI model. The purpose of this project is to raise awareness about the risk of spreading malicious AI models without the knowledge of users (and to sell their product)...

Generative AI unleashed a whole series of new innovations and tools to the masses in 2023. From AI chatbots to image generators to AI coding assistants, there is just so much to consider, and there are more and more being launched every day. In this guide, we will look at how AI is changing the world of software development by showcasing 26 AI coding tools that are helping developers produce high-quality software more efficiently.

The most famous data breaches–the ones that keep security practitioners up at night–involved the leak of millions of user records. Companies have lost names, addresses, email addresses, Social Security numbers, passwords, and a wealth of other sensitive information. Protecting this data is the highest priority of most security teams, yet many teams still struggle to actually detect these leaks.

With digital transformation having taken a front seat over the past 3 years due to a global shift in how people do business, cloud reliance and breaches have skyrocketed. According to G2, half of all organizations are currently cloud native or cloud enabled. It’s not just a matter of accomplishing work, either – it’s storage for vital digital assets.

We’ve taken our award-winning API security “Down Under” with our latest customer success! Today we announced that Jemena, a leading energy company in Australia, has selected the Salt Security API Protection Platform to protect its critical gas and electricity infrastructure. Here at Salt, we are honored that Jemena has chosen us to secure its API modernization project!

A high-functioning security program leverages data to drive optimization – by satisfying governance, reporting, and compliance (GRC) requirements efficiently, creating visibility for risk-based prioritization, and leveraging automation throughout the software development lifecycle. Often, however, the data needed to drive these processes is spread across a complex ecosystem.

In a chilling reminder of the relentless threat posed by hackers and cybercriminals, not even the aviation industry is safe from their clutches. Recent reports have shed light on a grave security breach, as unauthorized individuals gained access to vital pilot credentials within two prominent American aviation companies. The far-reaching impact of this breach serves as a stark warning to businesses across all domains: no data is safe from the clutches of malicious actors.

Implementing an AWS multi-account strategy is a popular approach that helps organizations to manage their cloud resources efficiently. In my previous post, I discussed our reasons for implementing an AWS multi-account strategy, our journey, and some of the benefits we gained as an organization. However, implementing this strategy can come with its fair share of challenges.