Technology

Cloud Threats Memo: More Details on Long-Lasting Campaigns Targeting Eastern Europe

May 19, 2023 By Paolo Passeri In Netskope

In a previous memo, I mentioned the discovery, made by researchers at Kaspersky, of an active campaign carried out by an advanced threat actor since 2021, targeting multiple organizations in the regions of Donetsk, Lugansk, and Crimea. One of the noteworthy aspects of this campaign was undoubtedly the usage of a new backdoor, called PowerMagic, characterized by the exploitation of the popular cloud storage services, Dropbox and OneDrive, as the command and control infrastructure.

Read Post

Netskope

Read more about Cloud Threats Memo: More Details on Long-Lasting Campaigns Targeting Eastern Europe

Learn about Corelight and Zeek with AI

May 19, 2023 By Corelight In Corelight

Want to know how to get a commanding view of all devices that log onto your network? Let’s ask ChatGPT! Watch as Corelight's James Pope leverages his AI assistant to explain the power of Zeek®—the open-source technology behind Corelight’s network evidence—and the detailed logs of network activity it produces, including protocols such as HTTP, DNS, and SSL. In the video he also shares how Zeek®’s open standard easily integrates with Suricata, SecurityOnion, Molok, Elk, CrowdStrike EDR logs, and more.

View Video

Corelight

Read more about Learn about Corelight and Zeek with AI

UTMStack Unveils Ground-breaking Artificial Intelligence to Revolutionize Cybersecurity Operations

May 19, 2023 By cesmng In UTMStack

Doral, Florida UTMStack, a leading innovator in cybersecurity solutions, has announced a significant breakthrough in the field of cybersecurity – an Artificial Intelligence (AI) system that performs the job of a security analyst, promising to transform cybersecurity practices forever.

Read Post

UTMStack

Read more about UTMStack Unveils Ground-breaking Artificial Intelligence to Revolutionize Cybersecurity Operations

Will predictive AI revolutionize the SIEM industry?

May 18, 2023 By IT Security In ManageEngine

The cybersecurity industry is extremely dynamic and always finds a way to accommodate the latest and best technologies available into its systems. There are two major reasons: one, because cyberattacks are constantly evolving and organizations need to have the cutting edge technologies in place to detect sophisticated attacks; and two, because of the complexity of the network architecture of many organizations.

Read Post

ManageEngine

Read more about Will predictive AI revolutionize the SIEM industry?

How to secure Generative AI applications

May 18, 2023 By Reid Tatoris In Cloudflare

I remember when the first iPhone was announced in 2007. This was NOT an iPhone as we think of one today. It had warts. A lot of warts. It couldn’t do MMS for example. But I remember the possibility it brought to mind. No product before had seemed like anything more than a product. The iPhone, or more the potential that the iPhone hinted at, had an actual impact on me. It changed my thinking about what could be.

Read Post

Cloudflare

Read more about How to secure Generative AI applications

Announcing Cloudflare Secrets Store

May 18, 2023 By Dina Kozlov In Cloudflare

We’re excited to announce Secrets Store - Cloudflare’s new secrets management offering! A secrets store does exactly what the name implies - it stores secrets. Secrets are variables that are used by developers that contain sensitive information - information that only authorized users and systems should have access to.

Read Post

Cloudflare

Read more about Announcing Cloudflare Secrets Store

Stopping API attacks with Salt Security and AWS WAF

May 18, 2023 By Salt Security In Salt Security

Every company’s APIs are unique and so are its security gaps. Bad actors will poke and prod to learn your APIs and find mistakes in business logic they can exploit. Catching these attacks requires context and deep behavioral analysis over time. With its recent AWS WAF Ready designation, Salt Security makes it easier and faster for businesses to protect the APIs running in their AWS environments. Salt provides the visibility, intelligence, and context over time to identify and block attacks using tools you already rely on such as Amazon API Gateway, AWS WAF, and other inline enforcement points.

View Video

Salt Security

Read more about Stopping API attacks with Salt Security and AWS WAF

Netskope Demo: Keep Source Code out of AI Tools like ChatGPT

May 18, 2023 By Netskope In Netskope

Discover how Netskope's Intelligent SSE and DLP create a robust defense against potential leaks of proprietary code to AI tools like ChatGPT. This secure technology ensures your organization's precious source code remains safeguarded at all times.

View Video

Netskope

Read more about Netskope Demo: Keep Source Code out of AI Tools like ChatGPT

The implications of adding SAST to your CI/CD pipeline

May 18, 2023 By Mark Michon In Bearer

DevSecOps is all about better integrating security into the software development life cycle (SDLC). When combined with the desire to automate repetitive tasks, the inevitable conclusion is to put any repeatable testing tool into your app’s build pipeline. For any tooling that involves code analysis, it makes sense to sync up with existing testing workflows. That’s where CI comes in.

Read Post

Bearer

Read more about The implications of adding SAST to your CI/CD pipeline

API Security: Authorization, Rate Limiting, and Twelve Ways to Protect APIs

May 18, 2023 By Phani Deepak Akella In Indusface

41% of organizations suffered an API security incident, where a majority (63%) were data breaches. This is despite 90% of them using authentication policies in place, according to a survey by 451 Research. No surprises there, as authentication is just one piece of the API security puzzle. In this blog, we’ll cover the 12 methods that technology leaders need to incorporate to secure and protect APIs.

Read Post