Security News

Polaris Assist combines Large Language Model technology with Synopsys' application security knowledge and intelligence - including coding patterns, vulnerability detection rules, and Black Duck's vast open source knowledge base - to provide security and development teams with easy-to-understand summaries of detected vulnerabilities, AI-generated code fix recommendations, and other insights to help them build more secure software faster. Splunk announced Splunk Asset and Risk Intelligence, a solution designed to power the SOC of the future by helping businesses streamline compliance, reduce cyber risk and eliminate the sources of shadow IT. It allows security operations teams to map relationships between assets and identities to expedite investigations, enabling rich asset and identity context for faster security incident response.

AI platform Hugging Face says that its Spaces platform was breached, allowing hackers to access authentication secrets for its members. Hugging Face Spaces is a repository of AI apps created and submitted by the community's users, allowing other members to demo them.

Spanish police have dismantled a network of illegal media content distribution that, since the start of its operations in 2015, has made over $5,700,000. Upon investigating the report, the police discovered that the owners of these sites were behind a large-scale IPTV operation that provided roughly 14,000 subscribers illegal access to 130 international TV channels and thousands of films and series.

Attackers are probing Check Point Remote Access VPN devicesAttackers are trying to gain access to Check Point VPN devices via local accounts protected only by passwords, the company has warned on Monday. The evolution of security metrics for NIST CSF 2.0Combining effective use of metrics plus a deeper understanding of how security processes play out is the best way to build more security agility and enable teams to react more quickly and effectively.

Snowflake is disputing claims made by a threat actor who stole data belonging to Santander and Ticketmaster, and maintains that the theft of customer data was the result of stolen customer login credentials. "We are aware of recent reports related to a potential compromise of the Snowflake production environment," cloud company Snowflake said in an update of Friday's warning about identity-based attacks targeting its customers.

Kaspersky has released a new virus removal tool named KVRT for the Linux platform, allowing users to scan their systems and remove malware and other known threats for free. Kaspersky's new tool isn't a real-time threat protection tool but a standalone scanner that can detect malware, adware, legitimate programs abused for malicious purposes, and other known threats and offers to clean them.

Google is continuing with its plan to phase out Manifest V2 extensions in Chrome starting in early June 2024, weakening the abilities of ad blockers. Starting June 3, 2024, with Chrome version 127, users with active Manifest V2 extensions will see warnings on Chrome Beta, Dev, and Canary channels, while extensions still using Manifest V2 will lose their "Featured" badge.

Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week. "We have suspicions that a subset of Spaces’...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Infosec house claims Ticketmaster, Santander hit via cloud storage Infosec analysts at Hudson Rock believe Snowflake was compromised by miscreants who used that intrusion to steal data on hundreds...