cloud security / data protection / encryption / security transition

Lacework’s new CIEM uses ML to fish out high-risk identities

The new CIEM will merge with existing threat detection capabilities to consolidate Lacework’s cloud security offering.

binary code displayed across an artificial face

OWASP lists 10 most critical large language model vulnerabilities

The list highlights the impact and prevalence of the 10 most critical vulnerabilities found in artificial intelligence applications based on LLMs.

Toyota Concept-i

Cloud misconfiguration causes massive data breach at Toyota Motor

Vehicle data and customer information were exposed for over eight years due to a cloud misconfiguration at Toyota Motor that impacted over 260,000 customers.


Department of Defense AI principles have a place in the CISO’s playbook

The American defense establishment has put in place some very useful guidelines that CISOs can easily translate and incorporate into their own policies on handling artificial intelligence.

change management in digital transformation internet of things iot and new technology big data and

Shadow IT is increasing and so are the associated security risks

Shadow IT — tech brought into an organization without the security team’s knowledge — continues to be a threat. Managing visibility through increased vigilance and employee education can help mitigate its dangers.

8 code driven security

Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data

At least one organization, UK payroll provider Zellis, has confirmed a breach via the MOVEit utility.

Bitcoin symbol on the ground surrounded by crime scene tape and forensic evidence markers.

Atomic Wallet hack leads to at least $35M in stolen crypto assets

The biggest victim of the cryptocurrency hack on Atomic Wallet was an individual who reportedly lost $7.95 million in Tether. 

digital ball hand prediction

SAFE Security claims to predict data breaches with new generative AI offering

SAFE Security’s Cyber Risk Cloud of Clouds generates likelihoods for different risk scenarios based on an organization’s cybersecurity posture.

woman in shadow gender equality leader reflection business executive by artem gavrysh unsplash

CISOs, IT lack confidence in executives’ cyber-defense knowledge

Cybercriminals target senior executives, but IT security professionals say these executives are unprepared to defend their devices, software, and home network.

man concerned artificial intelligence ai sign

Governments worldwide grapple with regulation to rein in AI dangers

As generative AI revolutionizes tech, governments around the world are trying to come up with regulations that encourage its benefits while minimizing risks such as bias and disinformation.


power lines water tower critical infrastructure essential security

10 notable critical infrastructure cybersecurity initiatives in 2023

How vendors, governments, industry bodies, and nonprofits are contributing to increasing the cyber resilience of critical national infrastructure this year.

Two people review information on a tablet in an office workspace.

Federal cyber incidents reveal challenges of implementing US National Cybersecurity Strategy

As federal government cybersecurity incidents continue to mount, the Biden administration's National Cybersecurity Strategy should help, although experts say implementing it won't be easy.

angry face emoji on mobile phone

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

The Operation Triangulation surveillance campaign infects Apple iPhones without the need for user action and is difficult to detect.

green tree python

Attackers use Python compiled bytecode to evade detection

Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.

A broken link in a digital chaing / weakness / vulnerability

MOVEit Transfer vulnerability appears to be exploited widely

A SQL injection vulnerability has been found in the MOVEit Transfer web application, allowing an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.