Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Read also: Israeli police dismantle an international crypto fraud ring, crypto casino Stake lost $41M in a hack, and more.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A big hit for a major website is always a bad thing – more so when people are expecting emails. Though in this case I suspect it is more likely the target is password reuse.

AI is one of the hottest topics in tech right now. More than half of consumers have already tried generative AI tools like ChatGPT or DALL-E. According to a Gartner poll, 70% of executives say their business is investigating and exploring how they can use generative AI, while 19% are in pilot or production mode. Business use cases for AI range from enhancing the customer experience (38%), revenue growth (26%), and cost optimization (17%).

In this episode, we welcome back Shay Nahari, VP of CyberArk Red Team Services. His discussion with host David Puner revolves around attacker innovation, focusing on key areas like cascading supply chain attacks and session cookie hijacking. Lean in as Nahari explains how the Red Team simulates real-world attacks to help organizations identify vulnerabilities and improve their security posture.

True cyber resilience involves much more than having a disaster recovery (DR) solution. That’s because recovery from a typical DR scenario is different than recovery from a cyber event. Why? For starters, disaster recovery scenarios usually involve human nature, mother nature, or technical failure: These are just a few examples.

As a principal security researcher on Corelight’s Labs team, I help to solve difficult network security research problems at scale. Corelight’s customers might recognize some of my work if you see the packages “VPN Insights” or “App ID” on your sensors. Outside of my day-to-day role, I have a hobby podcast called eCrimeBytes where we lightheartedly discuss an electronic crime case each week.