What does generative AI mean for security? In the short term, and possibly indefinitely, we will see offensive or malicious AI applications outpace defensive ones that use AI for security. We also will see an outsized explosion in new attack surfaces. HackerOne can help you prepare your defenses.
The Russian-language Clop crime group's mass exploitation of MOVEit file-transfer software demonstrates how criminals continue to seek fresh ways to maximize their illicit profits with minimal effort. Ransomware response firm Coveware says Clop may clear over $75 million from this campaign.
Suspected North Korean hackers who targeted enterprise software firm JumpCloud are likely behind a social engineering campaign targeting the personal GitHub accounts of employees from major technology firms - including those in the cybersecurity sector.
The proposed $2.45 billion sale of Forcepoint's government security business to TPG will fuel investment and growth for both public sector and commercial customers, CEO Manny Rivelo said. Forcepoint determined that its government practice would benefit from an additional set of investments.
Enterprise software firm JumpCloud says a sophisticated nation-state threat actor is behind a security incident that targeted a small and specific set of customers last week. JumpCloud reset all of its API keys, potentially affecting thousands of customers including Cars.com and GoFundMe.
As U.S. government agencies migrate operations and apps to multi-cloud environments, there are lessons learned to be gained from their private sector counterparts. John Sellers of Cisco shares some of these lessons, as well as questions government security leaders need to be asking about the cloud.
Orca has accused cloud security rival Wiz of violating two patents associated with securing virtual machines and virtual cloud assets at rest against cyberthreats. Orca's complaint accused Wiz of patent infringement across its portfolio, including in its CNAPP, CSPM, CIEM, DSPM, IaC and CDR tools.
In the latest weekly update, four editors at ISMG discuss highlights from recent ISMG events, the winners and losers in Forrester's first-ever network analysis and visibility rankings, and the ongoing tech trade war between the U.S. and China and its impact on the global supply chain.
A growing number of security teams are looking to consolidate tools to simplify operations, said Gartner analyst Dionisio Zumerle. "When you have the complexity, it's very hard to identify misconfigurations between the different overlapping tools, and it's also hard to identify security gaps."
Financial services organizations face unique cloud security challenges, due to special regulatory, data security and privacy considerations that don't necessarily apply to other industries. Security and payments experts with overlapping skill sets unpack the challenges and how to deal with them.
"Exposure management has become top of mind for most CISOs" due to three factors: the uncertain geopolitical landscape, the proliferation of the cloud and an increased focus on regulations and compliance, according to Sarah Ashburn, Chief Revenue Officer at Censys.
The security benefits of public cloud outweigh the drawbacks since cyber controls can be applied much earlier in the application development life cycle. Palo Alto Networks founder and Chief Technology Officer Nir Zuk said development procedures in traditional data centers are "a complete mess."
The potential for cybercriminals to reverse-engineer generative AI tools, the rise of geopolitical threats and increased cloud complexity are among the top new threats facing security teams in 2023, according to Forrester's Top Cybersecurity Threats In 2023 report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.