Recent Security News
-
AI Data Exposed to ‘LeftoverLocals’ Attack via Vulnerable AMD, Apple, Qualcomm GPUs
January 17, 2024 at 08:30AM Researchers discovered a new attack method, LeftoverLocals (CVE-2023-4969), exploiting a GPU vulnerability to access sensitive data from AI and other applications. LeftoverLocals can affect Apple, AMD, Qualcomm, and Imagination Technologies GPUs. Qualcomm and Apple are releasing patches, while AMD plans mitigations in March 2024. The vulnerability allows local attackers to…
-
Achieving “Frictionless Defense” in the Age of Hybrid Networks
January 17, 2024 at 08:30AM The term “frictionless” in cybersecurity acknowledges the lack of a perfect security solution. With a growing cybersecurity workforce shortage and increasingly dispersed networks, the emphasis is on quickly and easily gaining visibility into network activities. Integrations are vital in achieving a “frictionless defense,” particularly in modern distributed infrastructures and cloud…
-
GitHub Rotates Credentials in Response to Vulnerability
January 17, 2024 at 08:30AM GitHub rotated credentials and addressed a vulnerability impacting GitHub.com and GitHub Enterprise Server after receiving a vulnerability report. The security defect allowed access to credentials within a production container but had minimal impact. GitHub resolved the flaw and released patches for GitHub Enterprise Server, also rotating the private GitHub GPG…
-
Savvy Launches Identity-First Security Offering to Combat Toxic Combinations Driving SaaS Risk
January 17, 2024 at 07:36AM Savvy, a SaaS security platform provider, has introduced Identity-First Security to address risks stemming from identity access management permissions, user behavior, and business context. The offering aims to combat SaaS application-related security risks by providing comprehensive visibility and automated security guardrails to guide users in real time. For more details,…