Logpoint adds ChatGPT to its cybersecurity arsenal
ChatGPT is very much flavor of the month at the moment, with many companies looking to add the AI technology into their products and Google launching its own alternative, Bard.
The latest to embrace the potential is Logpoint which is launching ChatGPT integration for its Security Orchestration, Automation and Response (SOAR) product.
More progress needed to protect identity, networks and applications
While technology to secure devices has been widely adopted, more progress is needed to protect identity, networks and applications, according to the first-ever Cybersecurity Readiness Index from Cisco.
Respondents rank identity and device management as two of the three top cybersecurity threats. With the widespread adoption of technology like multi-factor authentication (MFA), criminals are increasingly targeting the solutions employed to protect users and devices.
Google launches new security and privacy features to mark Safer Internet Day
Google is using today's Safer Internet Day to announce a number of new security and privacy initiatives.
Among these are new ways to fill out passwords easily and securely in Chrome, more privacy protection for the Google app, improvements to Google Password Manger, and an expansion of SafeSearch to protect against explicit images.
Critical infrastructure organizations the target of more than half of ransomware attacks
Critical infrastructure organizations accounted for 51 percent of ransomware victims in 2022, with construction being the most targeted sector overall.
Analysis by the KrakenLabs team at Outpost24 has identified 2,363 victims disclosed by various ransomware groups on Data Leak Sites (DLS) in 2022, with an estimated $450 million paid in ransom by victims.
You don't have to be clever to be a cybercriminal
Cybercriminals don't need to be clever and use inventive hacking exploits to breach systems as organizations are making things too easy for them, says a new report.
Intelligence-led computer security testing company SE Labs has released its annual Cyber Threat Intelligence report with a warning that CEOs need to take cybersecurity seriously or risk falling into the clutches of criminals eager to take their data and their money.
How emerging technologies are changing the security landscape [Q&A]
The cybersecurity world is a constantly evolving one. In recent years though we've seen the rise of new technologies like AI and quantum computing that, while they may revolutionize legitimate businesses, also have worrying implications for security.
We spoke to Kevin Kennedy, vice president of products at detection and response company Vectra AI, to find out more about the risks and what organizations can do about them.
How much is your streaming account worth on the Dark Web?
Netflix recently announced a crackdown on the sharing of account details and has introduced a paid sharing option to allow multiple users. It isn't surprising then that there's a thriving Dark Web market for streaming account details.
Research from AtlasVPN shows that account logins for popular streaming services are being sold for an average of $11.
IT and security pros spend over 4,000 hours a year on compliance
IT and security professionals spend an average of 4,300 hours annually achieving or maintaining compliance, according to a new study.
The survey, from automation platform Drata of 300 IT and security professionals in fast-growing organizations across the US, finds 87 percent of respondents have faced consequences as a result of not having continuous compliance, these include slowed sales cycles, security breaches, business interruption, loss of a business relationship, a damaged reputation, or fines.
Continuous Threat Exposure Management and what it means for enterprise security [Q&A]
This summer, Gartner introduced Continuous Threat Exposure Management (CTEM). This is a set of processes and capabilities that allow organizations to create a system for review of exposures that is faster than the periodic project-based approach.
With endless threats and vulnerabilities hammering today's organizations, exposure management that evaluates the accessibility, exposure and exploitability of all digital and physical assets is necessary to govern and prioritize risk reduction for enterprises.
Organizations need a holistic approach to cyber threats
A new survey of 300 organizations across the US and Europe looks at the key challenges concerning the ability to effectively prioritize and contextualize the large amounts of data organizations get from several cyber security alert systems, as well as identifying the actions needed to meet them.
The survey, conducted for Darktrace by IDC, finds evolving attack vectors make it difficult to prepare proactively, with only 31 percent of respondents highly confident that their tools can continuously adjust to new configurations.
Lazarus Group targets medical research and energy
Researchers at WithSecure have uncovered a cyberattack campaign linked back to North Korea's notorious Lazarus Group.
It is extremely rare to be able to link a campaign so strongly to a perpetrator as WithSecure has been able to do here. The Hackers have been targeting medical research and energy organizations with the intent to commit espionage.
New cloud platform aims to improve supply chain management
A new platform from Sonatype is designed to make it easier for developer and security teams to unite and build innovative software securely.
It delivers an Application Security Testing (AST) and Software Composition Analysis (SCA) tool that offers cloud, self-hosted, and disconnected deployment options -- giving control and flexibility to its customers.
Number of new Common Vulnerabilities and Exposures (CVEs) expected to increase in 2023
We can expect to see more than 1,900 new Common Vulnerabilities and Exposures (CVEs) per month in 2023, including 270 high-severity and 155 critical-severity vulnerabilities -- a 13 percent increase from published 2022 levels.
This is according to a report from cyber insurance provider Coalition, which finds that most CVEs are exploited within 90 days of public disclosure, with the majority exploited within the first 30 days.
87 percent of container images have high risk vulnerabilities
Due to the nature of modern software design and the sharing of open source images, security teams face a large number of container vulnerabilities according to a new report.
The study from Sysdig, based on real-world data sets covering billions of containers, thousands of cloud accounts, and hundreds of thousands of applications, finds 87 percent of container images have high or critical vulnerabilities.
Breaches, privileged credentials and the SaaS application conundrum [Q&A]
Last year Toyota suffered a data breach due to accidentally exposing a credential allowing access to customer data in a public GitHub repository.
This type of breach could be avoided if organizations turned their focus on credentials that are exposed within SaaS applications. We spoke to Corey O'Connor, director of product at SaaS security platform DoControl, about why he believes identity security needs to go beyond just protecting the keys.
Ian's Bio
Ian spent almost 20 years working with computers before he discovered that writing about them was easier than fixing them. Since then he's written for a number of computer magazines and is a former editor of PC Utilities. Follow him on Mastodon
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.