There is no question that cybersecurity is on the brink of an AI revolution. The cloud security industry, for example, with its complexity and chronic talent shortage, has the potential to be radically impacted by AI. Yet the exact nature of this revolution remains uncertain, largely because the AI-based future of cybersecurity is still being invented, step by step.

The Amadey Trojan Stealer, an active and prominent malware, first emerged on the cybersecurity landscape in 2018 and has maintained a persistent botnet infrastructure ever since. Several campaigns have used this malware, like the previous Splunk Threat Research blog related to RedLine loader, the multi-stage attack distribution article from McAfee in May 2023 and the campaign where it uses N-day vulnerabilities to deliver Amadey malware noted in March 2023 by DarkTrace.

This is the third part of a blog series on AI-powered application security. Following the first two parts that presented concerns associated with AI technology, this part covers suggested approaches to cope with AI concerns and challenges. In my previous blog posts, I presented major implications of AI use on application security, and examined why a new approach to application security may be required to cope with these challenges.

For more than two decades, virtual private networks (VPNs) have been the go-to technology for enterprise remote access — and by extension, for enforcing remote access security. Even ubiquitous internet connections are often redirected via VPN to a central data center, where security enforcement occurs through various hardware appliances. From there, the traffic is forwarded onward to the internet. Of course, it must follow the same indirect path back on the response side.

In today’s digital landscape, cyber threats continue to evolve at an alarming pace, with hackers constantly finding new ways to infiltrate systems and compromise sensitive data. One such sophisticated threat is fileless malware, a stealthy form of malicious software that operates entirely in the computer’s memory without leaving any trace on the hard drive.

ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. This blog post discusses an issue with four transformation actions that could enable a Denial of Service (DoS) attack by a malicious actor. The issue has been addressed with fixes in v3.0.10. ModSecurity v2 is not affected.

Generative AI, the transformative technology causing a stir in the global tech sphere, is akin to an enthralling narrative with its charming allure and consequential dark underbelly. Its most notable impact is forecasted in the realm of identity proofing, creating ripples of change that demand our immediate attention.

The growing use of APIs in various business areas exposes organizations to new security risks. An analysis of data breaches reveals that US companies could face losses ranging from $12 billion to $23 billion in 2022 due to compromises linked to APIs. Lack of visibility plays a major role in the rise of API breaches. The lack of visibility inherently creates blind spots. How do you overcome the problem of hidden APIs?

As attackers get more creative in their malicious tradecraft, cloud security teams must be able to keep up with detections that provide adequate coverage against the diverse threats to their cloud environments. Threat emulation enables cloud security teams to leverage their understanding of threat actor behaviors as a feedback loop for developing cloud-based detections and validating their resilience.