Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2024

panoptica

Policy Enforcement Redefined: Panoptica Integrates with Multi-Cloud Defense making it the first CNAPP solution to expand into Network Security

Jun 5, 2024 By Becca Gomby In Panoptica
In the dynamic landscape of cybersecurity, the integration of cutting-edge technologies is paramount to stay ahead of evolving threats. In this pursuit, the fusion of Panoptica’s robust capabilities with Multi-Cloud Defense emerges as a game-changer. This groundbreaking integration not only fortifies organizations against multifaceted risks but also establishes a new paradigm in policy enforcement for unparalleled security.
Read Post
panoptica

Unlocking Deeper Cloud Security: Panoptica Unveils Additional Capabilities at CLUS

Jun 5, 2024 By Becca Gomby In Panoptica
In today' s dynamic cloud landscape, the demand for a sophisticated, all-in-one security platform is paramount. Panoptica meets the challenge head-on, empowering security teams with actionable insights that enhance their security posture.
Read Post

Friday Flows Special Edition: Change Control with AI Summary

Jun 5, 2024 By Tines In Tines
Tyler Talaga, Staff Engineer at MyFitnessPal, is one of the early adopters of Tines' AI capabilities. In this special "Wednesday Workflows," Tyler walks through a story he built to improve the visibility of Change Control requests. This workflow routes Change Control requests to Slack with a detailed summary provided through the AI Action, helping the team quickly approve (or deny) a change. The MyFitnessPal team is building many new, helpful automations with the AI capabilities, including one to summarize vulnerabilities fixed in MacOS updates.
View Video
cyberark

Operation Grandma: A Tale of LLM Chatbot Vulnerability

Jun 5, 2024 By Eran Shimony and Shai Dvash In CyberArk
Who doesn’t like a good bedtime story from Grandma? In today’s landscape, more and more organizations are turning to intelligent chatbots or large language models (LLMs) to boost service quality and client support. This shift is receiving a lot of positive attention, offering a welcome change given the common frustrations with bureaucratic delays and the lackluster performance of traditional automated chatbot systems.
Read Post
netskope

Delivering a Modern Approach to SaaS Security with Netskope One

Jun 5, 2024 By Carmine Clementelli In Netskope
There are more SaaS applications in use by businesses than ever before—and the adoption rate is only going to continue to increase. According to Netskope’s annual Cloud & Threat Report, SaaS adoption continued to rise in enterprise environments throughout 2023, with users constantly accessing new, mostly unmanaged, apps and increasing their use of existing apps.
Read Post
synopsys

CyRC Vulnerability Advisory: CVE-2024-5184s prompt injection in EmailGPT service

Jun 5, 2024 By Synopsys Editorial Team In Synopsys
The Synopsys Cybersecurity Research Center (CyRC) has exposed prompt injection vulnerabilities in the EmailGPT service. EmailGPT is an API service and Google Chrome extension that assists users in writing emails inside Gmail using OpenAI's GPT models. The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or execute unwanted prompts.
Read Post
netwrix

The Top 5 Areas of Your IT Ecosystem to Monitor in 2024

Jun 5, 2024 By Dirk Schrader In Netwrix
In today’s complex IT ecosystems, extending equal protection across the entire network is simply not feasible. Instead, organizations need to determine which systems are inherently most critical and prioritize maintaining their operational integrity through effective IT monitoring: tracking performance and activity across servers, applications and other technology components.
Read Post
sysdig

Wireshark: Ethereal Network Analysis for the Cloud SOC

Jun 5, 2024 By Loris Degioanni In Sysdig
Remember Wireshark from the good old days of your IT degree or early engineering adventures? Well, guess what? It’s still kicking and just as relevant today as it was back then, and guess what else? It is still open source! Do your engineering or security teams use it? There’s a good chance they do if you’re on-premises. Believe it or not, Wireshark isn’t just for the land of wires and cables anymore. With some help from Falco and Kubernetes, it has a place in the cloud SOC.
Read Post
kroll

An Introduction To Purple Teaming

Jun 5, 2024 By Kroll In Kroll
With cyber threats constantly evolving, organizations must ensure that their approach to identifying and mitigating vulnerabilities is always up to date. Purple teaming can play a vital role in helping them to achieve this. Purple teaming involves red and blue teams collaborating on an ongoing basis to maximize their impact. Read on to discover how purple teaming enables businesses to enhance and accelerate their approach to identifying and mitigating security vulnerabilities.
Read Post
foresiet

First American Data Breach in December Impacts 44,000 Individuals

Jun 5, 2024 By Foresiet In Foresiet
In an alarming revelation, First American Financial Corporation, the second-largest title insurance company in the United States, disclosed that a cyberattack in December resulted in a significant data breach affecting 44,000 people. This incident underscores the importance of robust cybersecurity measures and services such as phishing takedown, online risk evaluation, stolen credentials detection, and darknet monitoring.
Read Post
foresiet

New Phishing Tactics: Cloudflare Workers, HTML Smuggling, and GenAI

Jun 5, 2024 By Foresiet In Foresiet
Cybersecurity researchers are ringing the alarm on new phishing campaigns exploiting Cloudflare Workers, HTML smuggling, and generative AI (GenAI) to target user credentials. These innovative techniques highlight the sophisticated strategies cybercriminals are deploying to bypass security measures and harvest sensitive information.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.