Security News

For its recent research focusing on web entities, Censys leveraged its internet-wide scan data to understand better the applications and services that have become core to our existence, evaluating the state of security on the modern internet. In this Help Net Security video, Himaja Motheram, Security Researcher at Censys, offers insight into the assets and weaknesses across organizations' internet infrastructure.

While organizations have largely overcome the disruptions of the last two years, the effects of the Great Resignation and employee turnover continue to linger, exacerbated by the recent wave of mass layoffs-It's interesting to see that 73% of CISOs believe they have adequate data protection in place yet 74% of UK security leaders had to deal with the loss of sensitive information in the past 12 months. The report discusses global trends and regional differences around three central themes: the threats and risks CISOs face daily; the impact of employees on organizations' cyber preparedness; and the defences CISOs are building, especially as the economic downturn puts pressure on security budgets.

30% of automotive employees don't check security protocols before trying a new tool, according to Salesforce. 34% of automotive employees in Salesforce's survey said their company receives more security threats now than two years ago.

Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The tech giant's latest initiatives are aimed at protecting its users from cyber threats, including phishing attacks and malicious websites, while providing more control and transparency over their personal data. Google has unveiled an update for its Android operating system that allows users to better control location sharing through apps installed on their devices.

Kubernetes Security Operations Center released the first-ever Kubernetes Bill of Materials standard. While the Software Bill of Materials has moved forward to the point of being a formal part of the NIST requirements required by the USA federal government in federal purchases, this requirement falls short of the deployment stage in the application development lifecycle, where Kubernetes into play.

A large language model is an artificial intelligence algorithm that employs deep learning methodologies, and extensive data sets to comprehend, condense, create, and predict new content. An example of an LLM is ChatGPT, a model developed by OpenAI that uses advanced machine learning algorithms to generate human-like language output.

The company's mea culpa came two days after a cyberextortion gang going by the name Money Message claimed to have stolen MSI source code, BIOS development tools, and private keys. Researchers at vulnerability research company Binarly claim not only to have got hold of the data stolen in the breach, but also to have searched through it for embedded crpyotgraphic keys and come up with numerous hits.

The Biden administration, last week, articulated aims to put guardrails around generative and other AI, while attackers get bolder using the technology. The post White House addresses AI’s risks...

Product security teams aim to guarantee the intrinsic reliability of applications. In the DevSecOps approach, each team is responsible for the security of the applications they create.

Twitter has finally admitted a "Security incident" caused some users' semi-private Twitter Circle tweets to show up on others' timelines. "In April 2023, a security incident that may have allowed users outside of your Twitter Circle to see tweets that should have otherwise been limited to the Circle to which you were posting," the email stated.