AI/MLLLM attacks take just 42 seconds on average, 20% of jailbreaks succeedLaura FrenchOctober 9, 2024Successful LLM attacks result in sensitive data leakage 90% of the time, a Pillar Security study found.
Network SecurityThree critical flaws highlight Patch Tuesday in OctoberShaun NicholsOctober 9, 2024Microsoft has kicked out a whopping 117 patches this week in its monthly patch update
Cloud SecuritySharePoint, OneDrive and Dropbox targeted by BEC attacksSteve ZurierOctober 9, 2024Threat actors step up BEC attacks that rely on sophisticated evasion techniques that result in financial fraud, data loss, and lateral movement.
Vulnerability ManagementSiemens device PIN susceptible to remote brute-force in older modelLaura FrenchOctober 9, 2024No fix is planned for the SENTRON 7KM PAC3200 flaw that could give an attacker admin access to the device.
RansomwareRansomware double-extortion group listings peaked in 2024, report findsLaura FrenchOctober 8, 2024The ransomware ecosystem continues to fragment, with 31 new “name-and-shame” groups emerging in a year’s time.
Network SecurityGoldenJackal threat group targets air-gapped government systemsShaun NicholsOctober 8, 2024A new attack is targeting networks with air-gapped machines
Network SecurityApple releases macOS patch to fix compatibility issues with security toolsSteve ZurierOctober 8, 2024Security pros say teams should install the macOS 15.0.1 patch and first run it in a production environment with their security tools to ensure compatibility.
Critical Infrastructure SecurityAmerican Water shuts down customer portal amid cybersecurity incidentLaura FrenchOctober 7, 2024The largest regulated water utility company in the U.S. said ‘unauthorized activity’ was detected last week.
IdentityOkta Classic customers told to check logs for sign-on bypassSteve ZurierOctober 7, 2024Security pros say teams running Okta Classics should take immediate action, checking their logs for exploitation.
AI/MLPhishing attacks armed with AI capabilities are on the riseShaun NicholsOctober 4, 2024Phishing attacks are become more prevalent as threat actors are arming themselves with potent new tools.
Four SOC 2 compliance best practices for any organization that handles cloud-based dataShira ShambanOctober 9, 2024
What security pros can learn from the bad information spread during this year’s election cycleJim RichbergOctober 8, 2024