AI literacy gap extends beyond technical skills
Even as organizations accelerate AI adoption, the majority don’t understand the AI skills their employees possess, if any, or have an upskilling strategy to develop them, according to Pluralsight. “AI is transforming the way that business is done.....»»
Alert fatigue puts pressure on security and development teams
Security practitioners are under a tremendous amount of pressure to secure today’s applications, according to Cycode. The research found that AppSec chaos reigns, with 78% of CISOs responding that today’s AppSec attack surfaces are unmanageable a.....»»
Aim for a modern data security approach
Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline. Many organizations no lo.....»»
New infosec products of the week: December 8, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Atsign, Daon, Global Integrity, Living Security, Panther Labs, Searchlight Cyber, and Varonis. Varonis enhances DSPM capabilities with Azure and AWS support.....»»
December 2023 Patch Tuesday forecast: ‘Tis the season for vigilance
The final Patch Tuesday of the year is almost upon us! This is the time of year when we want to relax and enjoy the holidays, but we need to be extra vigilant to detect and respond to suspicious activity. Many in the retail industry have placed our s.....»»
Delve Risk and ThreatNG Security join forces to boost client decisions through advanced intelligence
Delve Risk and ThreatNG Security has unveiled a transformative partnership aimed at delivering intelligence solutions for security vendors. Strategic alliance for advanced intelligence The collaboration between Delve Risk and ThreatNG Security repres.....»»
New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)
The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164). About CVE-2023-50164 CVE-2023-50164 may allow an.....»»
NuHarbor Security partners with Zscaler to protect distributed workforces
NuHarbor Security has partnered with Zscaler to deliver a new level of cybersecurity capability and business value based on the proven effectiveness of the largest security cloud on the planet. Combining NuHarbor’s nationally recognized leadership.....»»
Meta introduces default end-to-end encryption for Messenger and Facebook
Meta is introducing default end-to-end encryption (E2EE) for chats and calls across Messenger and Facebook, the company revealed on Wednesday. Rolling out E2EE for Messenger and Facebook E2EE ensures that messages content is only visible to the perso.....»»
Trustmi Certify provides protection against business payment fraud
Trustmi released Trustmi Certify, a critical innovation in its new solution for bank account validation. Businesses can now benefit from Trustmi’s holistic approach to bank account validation that accurately verifies the account and provides full p.....»»
Phylum integrates with Sumo Logic to identify software supply chain attacks
Phylum announced the availability of the Phylum Threat Feed and its partnership with Sumo Logic. With the Phylum App for Sumo Logic, users can know if their organization has been impacted by software supply chain risks, including: Zero-day attacks Cr.....»»
HireRight Global ID enables employers to remotely verify their candidates’ identity documents
HireRight launched its new global identity verification solution, Global ID. With identity theft and fraud on the rise—and many employees being onboarded and working remotely—it is arguably more important than ever to verify candidates’ identit.....»»
1Kosmos partners with AWS to offer MFA for customer use cases
1Kosmos announced it has completed the integration of its 1Kosmos BlockID platform with Amazon Cognito. As an AWS Advanced Technology Partner, 1Kosmos enables Amazon customers to seamlessly add passwordless multi-factor authentication (MFA) to their.....»»
Daon xSentinel minimizes generative AI voice fraud
Daon announced the addition of xSentinel, an expansion of its AI.X technology. xSentinel provides adaptive synthetic voice protection to create a layer of defense within any voice communication channel and enhance the identity verification technologi.....»»
Malwarebytes unveils vulnerability assessment module to help users identify critical vulnerabilities
Malwarebytes announced its comprehensive vulnerability assessment module is now included in every ThreatDown bundle at no additional cost via its integrated console. Many IT organizations are struggling with rising cybersecurity costs associated with.....»»
Cybersixgill introduces new features and capabilities to strengthen threat analysis
Cybersixgill announced new features and capabilities that take security teams’ threat detection and mitigation efforts to new levels, helping them identify and mitigate vulnerabilities and detect and stop threats more quickly and effectively. Cyber.....»»
Netskope rolls out NewEdge’s seamless localized experience
Netskope has unveiled the completion of the rollout of Localization Zones to its NewEdge security private cloud offering a localized experience for 220 countries and territories, including every non-embargoed UN member state. While a move to a cloud.....»»
Short-term AWS access tokens allow attackers to linger for a longer while
Attackers usually gain access to an organization’s cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated w.....»»
Researchers automated jailbreaking of LLMs with other LLMs
AI security researchers from Robust Intelligence and Yale University have designed a machine learning technique that can speedily jailbreak large language models (LLMs) in an automated fashion. “The method, known as the Tree of Attacks with Pru.....»»
OpenTofu: Open-source alternative to Terraform
OpenTofu is an open-source alternative to Terraform’s widely used Infrastructure as Code provisioning tool. Previously named OpenTF, OpenTofu is an open and community-driven response to Terraform’s recently announced license change from a.....»»