Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Samsung Introduces Million-Dollar Bug Bounty for Critical Galaxy Vulnerabilities
Samsung has introduced a groundbreaking bug bounty program offering up to $1,000,000 for discovering critical vulnerabilities in its mobile devices. This initiative, named the 'Important Scenario Vulnerability Program (ISVP),' underscores Samsung's commitment to bolstering the security of its Galaxy devices. The program focuses on vulnerabilities related to arbitrary code execution, device unlocking, data extraction, arbitrary application installation, and bypassing device protections.
A security expert's view on Gartner's generative AI insights
Snyk’s goal has always been to empower developers to build fast but safely. This is why we created the developer security category and why we were amongst the first advocates of “shifting left.” Now, AI has changed the equation. According to Gartner, over 80% of enterprises will have used generative AI APIs or models, or deployed their own AI model, by 2026.
Beyond the Noise: Achieving Accurate API Inventory with AI
The prevalence of APIs in today's digital environment is undeniable. They are crucial for modern applications, enabling seamless communication and data exchange between different software components. The rise of AI and machine learning has further accelerated API adoption, not only for accessing data and resources but also for rapid API development and deployment.
Unmatched Coverage for Cloud and Hybrid Workloads: Sysdig's Next Generation Instrumentation
In today’s rapidly changing and evolving cloud-native environments, security and infrastructure teams face challenges ranging from managing complex deployments to ensuring capability across their entirety of their diverse infrastructure. EDR and XDR tools cannot provide comprehensive coverage of cloud workloads, making them fundamentally unsuited for cloud security.
Introducing Cloud Identity Insights for Sysdig Secure
In recent years, almost every major cloud breach has been marked by overly permissive credentials, followed by lateral movement and privilege escalation. These vulnerabilities have allowed attackers to navigate through systems with ease, escalating their privileges to cause significant harm. It’s crucial for cloud threat responders to be aware of threats as they occur and to be able to contain these attacks swiftly and effectively.
Featured Post
Responsible Cloud Migration - Overcoming the Data Security Challenge
Since the world went digital the value of data has been unprecedented, and as businesses race to adopt the latest tech to optimise and monetise their data it is set to increase in value at an exponential rate. However, whilst data is widely regarded as an organisation's main asset, data accountability is rarely owned, which can lead to errors that incur fines, loss in consumer trust, and impact brand reputation. To ensure best practice, organisations should apply caution when considering their next step in digital transformation, such as when migrating data to the cloud.
LLM Security: Splunk & OWASP Top 10 for LLM-based Applications
As a small kid, I remember watching flying monkeys, talking lions, and houses landing on evil witches in the film The Wizard of Oz and thinking how amazing it was. Once the curtain pulled back, exposing the wizard as a smart but ordinary person, I felt slightly let down. The recent explosion of AI, and more specifically, large language models (LLMs), feels similar. On the surface, they look like magic, but behind the curtain, LLMs are just complex systems created by humans.
Supercharge your investigation with Sysdig Sage for CDR
Artificial intelligence has taken over almost every aspect of our everyday lives. In cybersecurity, generative AI models with natural language processing are commonly being used to predict, detect, and respond to threats. But AI security assistants, although an upgrade from traditional machine learning, only provide very basic queries and summarization, which is insufficient to fully comprehend modern cloud attacks. As part of an ongoing effort to improve the cloud detection and response (CDR) experience,
AI Tools Have Increased the Sophistication of Social Engineering Attacks
The Cyber Security Agency of Singapore (CSA) has warned that threat actors are increasingly using AI to enhance phishing and other social engineering attacks, Channel News Asia reports. The CSA’s report found that cybercriminals are selling tools that automate these attacks, allowing unskilled threat actors to launch sophisticated attacks.