In the first quarter of 2024, nearly half of all security incidents our team responded to involved multi-factor authentication (MFA) issues, according to the latest Cisco Talos report.
The post Misconfigured MFA Increasingly Targeted by Cybercriminals appeared first on Security Boulevard.
The LockBit ransomware group is claiming that it hacked into systems at the U.S. Federal Reserve and stole 33TB of data that it will begin leaking as early as Tuesday if the institution doesnβt pay the unspecified ransom. The notorious cybercriminals announced the attack on its dark web leak site on June 23, giving the..
The post LockBit Claims Ransomware Attack on U.S. Federal Reserve appeared first on Security Boulevard.
Security analysts at Google are developing a framework that they hope will enable large language models (LLMs) to eventually be able to run automated vulnerability research, particularly analyses of malware variants. The analysts with Googleβs Project Zero β a group founded a decade ago whose job it is to find zero-day vulnerabilities β have been..
The post Googleβs Project Naptime Aims for AI-Based Vulnerability Research appeared first on Security Boulevard.
Copying usersβ files and deleting some? Even a cartoon hound knows this isnβt fine.
The post Microsoft Privacy FAIL: Windows 11 Silently Backs Up to OneDrive appeared first on Security Boulevard.
The content you are trying to access is private only to member users of the site. You must have a free membership at CISO2CISO.COM to access this content. You can register for free. Β Β Β Thank you. The CISO2CISO Advisors Team.
La entrada AWS Cloud Security Checklist se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
Multiple bad actors are using the Rafel RAT malware in about 120 campaigns aimed at compromising Android devices and launching a broad array of attacks that range from stealing data and deleting files to espionage and ransomware. Rafel RAT is an open-source remote administration tool that is spread through phishing campaigns aimed at convincing targets..
The post Rafel RAT Used in 120 Campaigns Targeting Android Device Users appeared first on Security Boulevard.
Spend more on security! Car and truck dealers fall back on pen and paper as huge SaaS provider gets hacked (again).
The post 30,000 Dealerships Down β βRansomwareβ Outage Outrage no. 2 at CDK Global appeared first on Security Boulevard.
Ongoing European Union quest to break end-to-end encryption (E2EE) mysteriously disappears.
The post EU Aims to Ban Math β βChat Control 2.0β Law is Paused but not Stopped appeared first on Security Boulevard.
While many businesses invest heavily in frontline defense tools to keep out bad actors, they spend far less time and money preparing for what happens when the criminals eventually get in.
The post Closing the Readiness Gap: How to Ensure a Fast Recovery From the Inevitable Cyber Attack appeared first on Security Boulevard.
Donald Trumpβs presidential campaign is known for aggressively trying to raise money, even sending emails to donors hoping to cash in on setbacks like his conviction late last month on 34 felony counts for illegally influencing the 2016 campaign. Bad actors now are trying to do the same, running donation scams by impersonating the campaign..
The post Cybercriminals Target Trump Supporters with Donation Scams appeared first on Security Boulevard.
By centralizing, enriching and correlating identities to events, the suggestion is that security and platform teams can break silos and readily share findings to expedite investigations.
The post Sysdig Bids to Bolster Brittle Cloud Infrastructure Layers appeared first on Security Boulevard.
The advent of cloud computing ushered in a new ra of innovation, empowering organizations to rapidly scale and embrace new opportunities. Today, multicloud environments have become the de facto way of doing business.However, with all that innovation and flexibility came new risks. Many customers currently operate with a complex patchwork of interconnected technologies across different [β¦]
La entrada 2024 State of Multicloud Security Report se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
QR codes have been around for three decades, but it wasnβt until the COVID-19 pandemic hit in 2020 that they got wide use, with restaurants, health care facilities, and other businesses turning to them to customers contactless ways to read menus, buy items, or track the health of people in their buildings. Around the same..
The post A New Tactic in the Rapid Evolution of QR Code Scams appeared first on Security Boulevard.
Companies are achieving revenue growth by addressing the needs of mid-market enterprises, offering tailored solutions that provide high value at a competitive price point.
The post SASE Market Growth Continues, Led by Cisco, ZscalerΒ appeared first on Security Boulevard.
PTaaS involves outsourcing penetration testing activities to a trusted third-party service provider, saving busy internal teams valuable time and offering an objective outsiderβs perspective of their systems.
The post Penetration-Testing-as-a-Service: An Essential Component of the Cybersecurity Toolkit appeared first on Security Boulevard.
Whether it be purely text-based social engineering, or advanced, image-based attacks, one thing's for certain β generative AI is fueling a whole new age of advanced phishing.
The post The βSpammificationβ of Business Email Compromise Spells Trouble for Businesses Around the Globe appeared first on Security Boulevard.
AWS announced passkey MFA for IAM and root users, IAM Access Analyzer updates, and Amazon GuardDuty Malware Protection for S3.
The post AWS Announces Authentication and Malware Protection Enhancements appeared first on SecurityWeek.
At the RSA Conference last month, Netcraft introduced a generative AI-powered platform designed to interact with cybercriminals to gain insights into the operations of the conversational scams theyβre running and disrupt their attacks. At the time, Ryan Woodley, CEO of the London-based company that offers a range of services from phishing detection to brand, domain,..
The post Netcraft Uses Its AI Platform to Trick and Track Online Scammers appeared first on Security Boulevard.
Location tracking service leaks PII, becauseβincompetence? Seems almost TOO easy.
The post Tile/Life360 Breach: βMillionsβ of Usersβ Data at Risk appeared first on Security Boulevard.
Itβs no secret that hospitals and other health care organizations are among the top targets for cybercriminals. The ransomware attacks this year on UnitedHealth Groupβs Change Healthcare subsidiary, nonprofit organization Ascension, and most recently the National Health Service in England illustrate not only the damage to these organizationsβ infrastructure and the personal health data thatβs..
The post Connecticut Has Highest Rate of Health Care Data Breaches: Study appeared first on Security Boulevard.
The best-case scenario for mitigating cloud security risks is when CSPs and customers are transparent and aligned on their responsibilities from the beginning.
The post The Team Sport of Cloud Security: Breaking Down the Rules of the Game appeared first on Security Boulevard.
If your organization hasnβt taken these steps to prevent a ransomware attack, itβs time to act now to protect your company, its data, employees and most importantly, customers.
The post 5 Ways to Thwart Ransomware With an Identity-First Zero Trust Model appeared first on Security Boulevard.
A long-running ransomware campaign that has been targeting Windows and Linux systems since 2019 is the latest example of how closely threat groups track public disclosures of vulnerabilities and proofs-of-concept (PoCs) and how quickly they move in to exploit them. The PHP Group last week disclosed a high-severity flaw β tracked as CVE-2024-4577 and with..
The post Ransomware Group Jumps on PHP Vulnerability appeared first on Security Boulevard.
IT systems β and this year networking equipment in particular β continue to pose the most security risk for organizations, but it is the vulnerable Internet of Things (IoT) devices that are quickly moving up the ladder, according to researchers with Forescoutβs Verdere Labs researchers. In this yearβs Riskiest Connected Devices report released this week,..
The post Network Equipment, IoT Devices are Big Security Risks: Forescout appeared first on Security Boulevard.
Microsoft and Google will provide free or low-cost cybersecurity tools and services to rural hospitals in the United States at a time when health care facilities are coming under increasing attack by ransomware gangs and other threat groups. For independent rural and critical access hospitals, Microsoft will provide grants and as much as 75% discounts..
The post Microsoft, Google Come to the Aid of Rural Hospitals appeared first on Security Boulevard.
Not our fault, says CISO: βUNC5537β breached at least 165 Snowflake instances, including Ticketmaster, LendingTree and, allegedly, Advance Auto Parts.
The post Ticketmaster is Tip of Iceberg: 165+ Snowflake Customers Hacked appeared first on Security Boulevard.
Businesses increasingly migrate to cloud-based solutions for storage, applications, and critical functions. While the cloud offers scalability and agility, it also introduces new security challenges. Cloud penetration testing is a crucial defence mechanism for proactively identifying and addressing these vulnerabilities. What is Cloud penetration testing? Cloud pen testing replicates a controlled cyberattack on your cloud β¦
Cloud Penetration Testing: Tools, Methodology & Prerequisites Read More Β»
The post Cloud Penetration Testing: Tools, Methodology & Prerequisites appeared first on Security Boulevard.
Mandiant says a financially motivated threat actor has compromised hundreds of Snowflake instances using customer credentials stolen via infostealer malware that infected non-Snowflake owned systems.
The post Snowflake Attacks: Mandiant Links Data Breaches to Infostealer Infections appeared first on SecurityWeek.
Fortinet announces plans to acquire Lacework, a late-stage cloud security startup that was once listed as a βunicornβ company valued north of $1 billion.
The post Fortinet Expands Cloud Security Portfolio with Lacework Acquisition appeared first on SecurityWeek.
Fortinet, known for network security capabilities within its Fortinet Security Fabric cybersecurity platform, is bolstering its AI and cloud security capabilities with the planned acquisition of Lacework and its AI-based offerings. The companies announced the proposed deal on Monday, with expectations that it will close in the second half of the year. The plan is..
The post Fortinet to Expand AI, Cloud Security with Lacework Acquisition appeared first on Security Boulevard.
In episode 333 of the Shared Security Podcast, Tom and Scott discuss a recent massive data breach at Ticketmaster involving the data of 560 million customers, the blame game between Ticketmaster and third-party provider Snowflake, and the implications for both companies. Additionally, they discuss Live Nationβs ongoing monopoly investigation. In the βAware Muchβ segment, the [β¦]
The post Ticketmaster Data Breach and Rising Work from Home Scams appeared first on Shared Security Podcast.
The post Ticketmaster Data Breach and Rising Work from Home Scams appeared first on Security Boulevard.
U.S. Senator Ron Wyden, who late last month asked federal agencies to investigate flaws in UnitedHealth Groupβs cybersecurity measures that led to the massive ransomware attack that disrupted hundreds of hospital and pharmacy operations, now is pushing the Health and Human Services (HHS) Department to require such large health care organizations to immediately implement protections...
The post Senator: HHS Needs to Require Security Measures for Health Sector appeared first on Security Boulevard.
The Federal Communications Commission is considering requiring broadband providers to improve the cybersecurity of the networks that route traffic around the internet, an issue the FCC and other government agencies have been working on for more than a year. The proposal would require ISPs to generate confidential reports that would outline what they have done..
The post FCC Pushes Ahead with Internet Routing Security Requirements appeared first on Security Boulevard.
SaaS security has become organizations' top consideration, highlighted by establishing dedicated SaaS security teams. Thereβs also a notable increase in SaaS cybersecurity budgets, with 39% of organizations boosting their allocations.
The post OrganizationsΒ Move to Establish Dedicated SaaS Security Teams appeared first on Security Boulevard.
Tenable goes shopping again in Israel with plans to buy early stage startup Eureka Security to boost data security posture management tooling.
The post Tenable to Acquire Eureka Security to Boost DSPM Capabilities appeared first on SecurityWeek.
Hyderabad, the fourth most populous city in India, is well-known for a variety of things, including its innovations, top colleges, and IT firms. Almost 3,500 cybersecurity businesses are based in the city, and many of them are brand-new startups. In order to shield companies from cyberattacks, the companies offer services including cloud protection, incident response, [β¦]
The post Best Cyber Security Companies in Hyderabad appeared first on Kratikal Blogs.
The post Best Cyber Security Companies in Hyderabad appeared first on Security Boulevard.
RansomHub, which has become among the most prolific ransomware groups over the past few months, likely got its start with the source code from the Knight malware and a boost from a one-time BlackCat affiliate.
The post RansomHub Rides High on Knight Ransomware Source Code appeared first on Security Boulevard.
Co-authored by Lara Sunday and Pojan Shahrivar
As artificial intelligence (AI) and machine learning (ML) technologies continue to advance and proliferate, organizations across industries are investing heavily in these transformative capabilities. According to Gartner, by 2027, spending on AI software will grow to $297.9 billion at a compound annual growth rate of 19.1%. Generative AI (GenAI) software spend will rise from 8% of AI software in 2023 to 35% by 2027.
With the promise of enhanced efficiency, personalization, and innovation, organizations are increasingly turning to cloud environments to develop and deploy these powerful AI and ML technologies. However, this rapid innovation also introduces new security risks and challenges that must be addressed proactively to protect valuable data, intellectual property, and maintain the trust of customers and stakeholders.
Cloud platforms offer unparalleled scalability, allowing organizations to easily scale their computing resources up or down to meet the demanding requirements of training and deploying complex AI models.
"The ability to spin up and down resources on-demand has been a game-changer for our AI development efforts," says Stuart Millar, Principal AI Engineer at Rapid7. "We can quickly provision the necessary compute power during peak training periods, then scale back down to optimize costs when those resources are no longer needed."
Cloud environments also provide a cost-effective way to develop AI models, with usage-based pricing models that avoid large upfront investments in hardware and infrastructure. Additionally, major cloud providers offer access to cutting-edge AI hardware and pre-built tools and services, such as Amazon SageMaker, Azure Machine Learning, and Google Cloud AI Platform, which can accelerate development and deployment cycles.
While the cloud offers numerous advantages for AI development, it also introduces unique challenges that organizations must navigate. Limited visibility into complex data flows and model updates can create blind spots for security teams, leaving them unable to effectively monitor for potential threats or anomalies.
In their Β AI Threat Landscape Report, HiddenLayer highlighted that 98% of all the companies surveyed identified that elements of their AI models were crucial to their business success, and 77% identified breaches to their AI in the past year. Additionally, multi-cloud and hybrid deployments bring monitoring, governance, and reporting challenges, making it difficult to assess AI/ML risk in context across different cloud environments.
Developing AI in the cloud also exposes organizations to new attack vectors and risk types that traditional security tools may not be equipped to detect or mitigate. Some examples include:
Prompt Injection (LLM01): Imagine a large language model used for generating marketing copy. An attacker could craft a special prompt that tricks the model into generating harmful or offensive content, damaging the company's brand and reputation.
Training Data Poisoning (LLM03, ML02): Adversaries can tamper with training data to compromise the integrity and reliability of cloud-based AI models. In the case of an AI model used for image recognition in a security surveillance system, poisoned training data containing mislabeled images could cause the model to generate incorrect classifications, potentially missing critical threats.
Model Theft (LLM10, ML05): Unauthorized access to proprietary AI models deployed in the cloud poses risks to intellectual property and competitive advantage. If a competitor were to steal a model trained on a company's sensitive data, they could potentially replicate its functionality and gain valuable insights.
Supply Chain Vulnerabilities (LLM05, ML06): Compromised libraries, datasets, or services used in cloud AI development pipelines can lead to widespread security breaches. A malicious actor might introduce a vulnerability into a widely used open-source library for AI, which could then be exploited to gain access to AI models deployed by multiple organizations.
To address these challenges and risks, organizations need to develop and implement best practices and standards tailored to their specific business needs, striking the right balance between enabling innovation and introducing risk.
While guidelines like NCSC Secure AI System Development and The Open Standard for Responsible AI provide a valuable starting point, organizations must also develop their own customized best practices that align with their unique business requirements, risk appetite, and AI/ML use cases. For instance, a financial institution developing AI models for fraud detection might prioritize best practices around data governance and model explainability to ensure compliance with regulations and maintain transparency in decision-making processes.
Key considerations when developing these best practices include:
Ensuring secure data handling and governance throughout the AI lifecycle
"At Rapid7, our InsightCloudSec solution offers real-time visibility into AI/ML resources running across major cloud providers, allowing security teams to continuously monitor for potential risks or misconfigurations," says Aniket Menon, VP, Product Management. "Visibility is the foundation for effective security in any environment, and that's especially true in the complex world of AI development. Without a clear view into your AI/ML assets and activities, you're essentially operating blind, leaving your organization vulnerable to a range of threats."
Here at Rapid7 our AI TRiSM (Trust, Risk, and Security Management) framework empowers our teams. The framework provides us with confidence not only in our operations but also in driving innovation. In their recent blog outlining the companyβs AI principles, Laura Ellis and Sabeen Malik shared how Rapid7 tackles and addresses AI challenges. Centering on transparency, fairness, safety, security, privacy, and accountability, these principles are not just guidelines; they are integral to how Rapid7 builds, deploys, and manages AI systems.
Security and compliance are two key InsightCloudSec capabilities. Compliance Packs are out-of-the-box collections of related Insights focused on industry requirements and standards for all of your resources. Compliance packs may focus on security, costs, governance, or combinations of these across a variety of frameworks, e.g., HIPAA, PCI DSS, GDPR, etc.
Last year Rapid7 launched the Rapid7 AI/ML Security Best Practices compliance pack, the pack allows for real-time and continuous visibility into AI/ML resources running across your clouds with support for GenAI services across AWS, Azure and GCP. To empower you to assess this data in the context of your organizational requirements and priorities, you can then automatically prioritize AI/ML-related risk with Layered Context based on exploitability and potential business impact.
You can also leverage Identity Analysis in InsightCloudSec to collect and present the actions executed by a given user or role within a certain time period. These logged actions are collected and analyzed, providing you with a view across your organization of who can access AI/ML resources and automatically rightsize in accordance with the least privilege access (LPA) concept. This enables you to strategically inform your policies moving forward. Native automation allows you to then act on your assessments to alert on compliance drift, remediate AI/ML risk, and enact prevention mechanisms.
As an inaugural signer of the CISA Secure by Design Pledge, and through our partnership with Queen's University Belfast Centre for Secure Information Technologies (CSIT), Rapid7 remains dedicated to collaborating with industry leaders and academic institutions to stay ahead of emerging threats and develop cutting-edge solutions for securing AI development.
As the adoption of AI and ML capabilities continues to accelerate, it's imperative that organizations have the knowledge and tools to make informed decisions and build with confidence. By implementing robust best practices and leveraging advanced security tools like InsightCloudSec, organizations can harness the power of AI while mitigating the associated risks and ensuring their valuable data and intellectual property remain protected.
To learn more about how Rapid7 can help your organization develop and implement best practices for securing AI development, visit our website to request a demo.
Gartner, Forecast Analysis: Artificial Intelligence Software, 2023-2027, Worldwide, Alys Woodward, et al, 07 November 2023
The newly-released Apple cybersecurity threat study reveals interesting data points and demonstrates how the threat landscape is evolving.
The post 8 Takeaways from Apple 2023 Threat Research appeared first on Security Boulevard.
Russian threat groups are using old tactics and generative AI to run malicious disinformation campaigns meant to discredit the Paris Olympic Games, France and its president, and the IOC -- less than two months before the Games begin.
The post Russian Threat Groups Turn Eyes to the Paris Olympic Games appeared first on Security Boulevard.
Snowflake, Inc. says NO, threatening legal action against those who say it was. But reports are coming in of several more massive leaks from other Snowflake customers.
The post Was the Ticketmaster Leak Snowflakeβs Fault? appeared first on Security Boulevard.
We warned you. As of June 3, Google is following through on its threat to kill ad blockers. Privacy-focused Chrome extensions are living on borrowed time; developers must upgrade to the less capable βManifest V3β API.
The post Google Hates Ad Blockers: Manifest V3 Push Starts Today appeared first on Security Boulevard.
Microsoft Azure provides a suite of highly integrated security services that provide a cost-effective solution for Defense contractors looking to meet the CMMC 2.0 requirements. The Cybersecurity Maturity Model Certification (CMMC) is a framework designed to enhance the security posture of companies that work with the Department of Defense (DoD) by implementing a set of [β¦]
The post Accelerating CMMC 2.0 Compliance for Defense Contractors with Microsoft Azure appeared first on Security Boulevard.
Security teams often grapple with the uncertainty of data exposure in their SaaS supply chain, especially with third-party SaaS vendors. A proactive approach helps safeguard organizations against SaaS threats. It begins with a comprehensive evaluation of third-party vendor cybersecurity practices to pinpoint potential vulnerabilities and risks within the supply chain.
The post Shining the Light on Shadow IT: Top Five SaaS Security Tips for Third-Party Risk Management appeared first on Security Boulevard.
Senator Ron Wyden wants the FTC and SEC to investigate the ransomware attack on UnitedHealth's Change subsidiary to see if there was criminal negligence by the CEO or board.
The post Senator Calls for FTC, SEC Probe Into UnitedHealthβs βNegligenceβ in Breach appeared first on Security Boulevard.
Cloud penetration testing, particularly for AWS (Amazon Web Services), involves systematically evaluating the security of AWS cloud infrastructure to identify vulnerabilities and weaknesses. This process includes testing various AWS services, such as EC2, S3, RDS, and Lambda, to ensure they are configured securely and are resilient to attacks. AWS pentesting requires a deep understanding of [β¦]
La entrada Cloud AWS Pentest se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
Cloudlfare acquires Boston seed-stage startup BastionZero to bolster its Zero Trust Network Access technology portfolio.
The post Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero appeared first on SecurityWeek.
Views: 0Source: www.securityweek.com β Author: Ionut Arghire Cloud security startup Averlon has emerged from stealth mode with $8 million in seed funding, which brings the total raised by the company to $10.5 million. The new investment round was led by Voyager Capital, with additional funding from Outpost Ventures, Salesforce Ventures, and angel investors. Co-founded by [β¦]
La entrada Averlon Emerges From Stealth Mode With $8 Million in Funding β Source: www.securityweek.com se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
Averson secures seed funding to build technology that uses AI to identify cloud security weaknesses and counter cyberattacks.
The post Averlon Emerges From Stealth Mode With $8 Million in Funding appeared first on SecurityWeek.
Login