Security News

Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal...

A "multi-year" Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future's Insikt Group, which is...

Enterprise application environments consist of geographically distributed and loosely coupled microservices that span multiple cloud and on-premises environments. Users from different locations access them through different devices.

Bruschetta-Board is a device for all hardware hackers looking for a fairly-priced all-in-one debugger and programmer that supports UART, JTAG, I2C & SPI protocols and allows to interact with different targets' voltages. A handy feature of Bruschetta-Board is the fact it mounts level shifters.

Hackers claim to have breached the network of a major auction house and offered access to whoever was willing to pay $120,000. The most expensive item for sale was $120,000 for access to the network of a multi-billion dollar auction house.

Like many leaders in the cybersecurity space, the professional journey of Mihoko Matsubara did not necessarily begin with securing devices or technology. Discussing her career path with the Left to Our Own Devices podcast and how it opened her eyes to a world of security, Mihoko explained how she went from curiosity to university in Washington, D.C., became a Senior Security Analyst at Hitachi, then VP Public Sector Chief Security Officer at Palo Alto, and to her current position as the Chief Cybersecurity Strategist at NTT Japan.

Cybersecurity risk is distinct from other IT risk in that it has a thinking, adaptive, human opponent. IT generally must deal with first order chaos and risk much like hurricanes in meteorology or...

Ermetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox environments that are easy to deploy and destroy. CNAPPgoat supports AWS, Azure, and GCP platforms for assessing the security capabilities included in Cloud Native Application Protection Platforms.

Abstract: We demonstrate how images and sounds can be used for indirect prompt and instruction injection in multi-modal LLMs. An attacker generates an adversarial perturbation corresponding to the prompt and blends it into an image or audio recording. When the user asks the model about the perturbed image or audio, the perturbation steers the model to output the attacker-chosen text and/or make the subsequent dialog follow the attacker's instruction.

JP Morgan has been fined $4 million by the US Securities and Exchange Commission for deleting millions of email records dating from 2018 relating to its Chase Bank subsidiary. The Financial services outfit apparently deleted somewhere in the region of 47 million electronic communications records from about 8,700 electronic mailboxes covering the period January 1 through to April 23, 2018.