July 3, 2024 at 10:06AM The rush to adopt cloud technology left many organizations grappling with security and management concerns. A similar phenomenon is now occurring with artificial intelligence (AI), where companies are implementing AI solutions without understanding the associated risks. Despite the potential benefits, haphazard AI use can lead to significant security vulnerabilities, emphasizing … Read more
July 2, 2024 at 02:43PM Large organizations, especially those with more than $1 billion in revenue, increased their cyber workforce, with an average of one cyber professional per 1,086 employees in 2024. Financial companies lead the pack with one cyber expert per 267 employees, while industrial groups lag behind at one per 1,390. Cyber readiness … Read more
July 1, 2024 at 10:07AM Apple’s AI initiatives have significant implications for hardware security, with an emphasis on customer privacy and extensive private infrastructure control. This includes secure lockboxes for AI queries and embedded security features in device and server chips. In contrast, rivals face security complexities with their diverse cloud and chip partnerships, raising … Read more
June 28, 2024 at 08:10AM Enterprises are struggling to secure their modern business infrastructure, specifically SaaS, as they continue to rely on outdated security programs. The shared responsibility model in SaaS requires customers to take ownership of components that are often targeted by threat actors, leading to growing SaaS attack activity. Implementing a true Zero … Read more
June 27, 2024 at 03:18PM SecurityWeek Network provides cybersecurity news, webcasts, virtual events, and coverage of topics such as malware, cyberwarfare, data breaches, ransomware, and more. It also includes content on security operations, incident response, risk management, and industrial cybersecurity, as well as discussions on CISO strategy and cyber insurance. It seems that the provided … Read more
June 25, 2024 at 04:31PM Neiman Marcus’s customer information, including names, contact details, gift card numbers, and more, was stolen and offered for sale on the dark web. While the breach did not include credit card data, it prompted the luxury retailer to disable access to the cloud service, engage cybersecurity experts, and notify law … Read more
June 24, 2024 at 12:56PM ShinyHunters has reportedly targeted Ticketek in Australia, compromising data for about 30 million users. The breach, similar to the Ticketmaster incident, occurred through a third-party cloud provider. No user accounts were compromised, and payment information was not accessed. The connection to Snowflake and ShinyHunters remains unconfirmed. Based on the meeting … Read more
June 24, 2024 at 10:24AM Cybersecurity researchers disclosed a security flaw, CVE-2024-37032, affecting the Ollama open-source AI platform, enabling remote code execution. The issue was fixed in version 0.1.34. Exploiting the vulnerability involves manipulating HTTP requests. In default Linux installations, the risk is lowered, but Docker deployments are at high risk. Wiz identified over 1,000 … Read more
June 24, 2024 at 05:39AM Threat actors claimed to have stolen information on millions of Ticketek users after a data breach on the cloud-based platform. User account details, but not payment information, may have been compromised. The incident seems linked to the Snowflake campaign, and a hacker claimed to offer information on 30 million customers. … Read more
June 21, 2024 at 04:58PM Abstract Security, a cybersecurity innovator, has announced the general availability of its cutting-edge security operations platform. The platform, in use by customers, aids in navigating data complexities, enhancing security effectiveness, and reducing costs. It offers advanced analytics, security pipelines, and optimized storage. Additionally, Abstract has expanded its team and garnered … Read more