Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

It seems everyone is concerned about cybersecurity these days, and the investor community is no different. Shareholders are reading the headlines—ransomware attacks, data breaches, infrastructure disruptions—and they are wondering how these incidents could impact the companies that they invest in. Shareholders are about to get a lot more information from companies in the months ahead. In July 2023, the U.S.

AI is one of the hottest topics in tech right now. More than half of consumers have already tried generative AI tools like ChatGPT or DALL-E. According to a Gartner poll, 70% of executives say their business is investigating and exploring how they can use generative AI, while 19% are in pilot or production mode. Business use cases for AI range from enhancing the customer experience (38%), revenue growth (26%), and cost optimization (17%).

In this episode, we welcome back Shay Nahari, VP of CyberArk Red Team Services. His discussion with host David Puner revolves around attacker innovation, focusing on key areas like cascading supply chain attacks and session cookie hijacking. Lean in as Nahari explains how the Red Team simulates real-world attacks to help organizations identify vulnerabilities and improve their security posture.

True cyber resilience involves much more than having a disaster recovery (DR) solution. That’s because recovery from a typical DR scenario is different than recovery from a cyber event. Why? For starters, disaster recovery scenarios usually involve human nature, mother nature, or technical failure: These are just a few examples.

As a principal security researcher on Corelight’s Labs team, I help to solve difficult network security research problems at scale. Corelight’s customers might recognize some of my work if you see the packages “VPN Insights” or “App ID” on your sensors. Outside of my day-to-day role, I have a hobby podcast called eCrimeBytes where we lightheartedly discuss an electronic crime case each week.

Two new local privilege escalation vulnerabilities were recently discovered in Ubuntu: CVE-2023-2640 (CVSS 7.8) and CVE-2023-32629 (CVSS 7.8). The vulnerabilities, dubbed GameOver(lay), affect the OverlayFS module in multiple Ubuntu kernels. Ubuntu’s official security bulletin here and here outlines the impacted versions by both CVEs. It’s important to note that CrowdStrike Falcon® Cloud Security protects against both vulnerabilities.

Cognizant is a massive IT services company with over 300,000 employees and more than $15 Billion in annual revenue. The company helps major corporations with IT services. TMG Health is a healthcare services provider that works with Medicare Advantage, Medicaid Part D, and Managed Medicaid programs for many government agencies throughout the country. Between these two major companies, a huge amount of data is stored. All that data is now vulnerable because of a breach that started in May.

Internet of Things (IoT) security protects IoT devices and the networks to which they connect from cyberattacks. IoT devices can include anything that connects to your internet including doorbell cameras, baby monitors, smart bulbs and thermostats. This presents a cybersecurity risk because anything that can connect to your internet is at risk of being hacked.