-
Only one in 10 CISOs today are board-ready, study says
PRIVACY PRIVACY Even though there is a growing demand for cybersecurity expertise at the highest levels of business, a significant number of public companies lack even one qualified cybersecurity expert on their board of directors, according to a study by cybersecurity research and advisory firm IANS. In addition, the study found that just a little…
-
Lacework’s new CIEM uses ML to fish out high-risk identities
PRIVACY PRIVACY Cloud security provider Lacework has released a new cloud infrastructure entitlement management (CIEM) offering to strengthen the observability of all cloud identities. The new capability is aimed at simplifying Lacework’s cloud security offering by merging with its existing cloud security posture management (CSPM), attack path analysis, and threat detection capabilities into a single…
-
Snowden Ten Years Later
PRIVACY PRIVACY In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal involvement as well. I wrote the essay below in September 2013. The New Yorker agreed to publish it, but the Guardian asked me not to. It…
-
OWASP lists 10 most critical large language model vulnerabilities
PRIVACY PRIVACY The Open Worldwide Application Security Project (OWASP) has published the top 10 most critical vulnerabilities often seen in large language model (LLM) applications, highlighting their potential impact, ease of exploitation, and prevalence. Examples of vulnerabilities include prompt injections, data leakage, inadequate sandboxing, and unauthorized code execution. The list aims to educate developers, designers,…
-
Managing technology risk
PRIVACY PRIVACY The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Numerous risks are inherent in the technologies that all organizations use. These risks have especially become apparent with recent ransomware attacks,…
-
BEC Volumes and Ransomware Costs Double in a Year
PRIVACY PRIVACY Annual Verizon report reveals humans are still a major source of risk Read More
-
Cloud misconfiguration causes massive data breach at Toyota Motor
PRIVACY PRIVACY Japanese automaker Toyota Motor said approximately 260,000 customers’ data was exposed online due to a misconfigured cloud environment. Along with customers in Japan, data of certain customers in Asia and Oceania was also exposed. Toyota Motor has implemented measures to block access to the data from the outside and is investigating the matter…
-
Kaspersky Releases Tool to Detect Zero-Click iOS Attacks
PRIVACY PRIVACY Fallout from Operation Triangulation continues Read More
-
Academics, media, and think tanks warned of North Korean hacking campaign
PRIVACY PRIVACY North Korean state-sponsored hackers are targeting think tanks, research centres, media organisations, and academics in the United States and South Korea to gather intelligence. Read more in my article on the Hot for Security blog. Read More
-
Cleanup on Aisle Six! How to Close Online Accounts for Savings and Security.
PRIVACY PRIVACY How many online accounts do you have? Dozens? Hundreds? You probably have more than you think, and deleting a bunch of them might be the right call. You have two good reasons: savings and security. Certainly, you have trusted accounts you use all the time, like the one with your bank and…