Security News

In this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the industry. What motivated you to specialize in the security aspects of AI systems?

Microsoft has labelled Delta Air Lines' accusations it's partly to blame for the outages caused by CrowdStrike's buggy software "False" and "Misleading" - and insulted the state of the carrier's IT infrastructure. Delta, which has hired a law firm and threatened to sue Microsoft and CrowdStrike over the July 19 meltdown, previously claimed recovering from the BSOD blitz cost it $500 million.

Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them. If the file is not listed, SmartScreen will prevent the file from being executed and show a warning.

According to CSA research, 26% of companies who reported a SaaS security incident were struck by an insider. Learn how to secure your entire SaaS stack from both internal and external threats.

"Delta's public threat of litigation distracts from this work and has contributed to a misleading narrative that CrowdStrike is responsible for Delta's IT decisions and response to the outage," the letter reads. "Should Delta pursue this path, Delta will have to explain to the public, its shareholders, and ultimately a jury why CrowdStrike took responsibility for its actions - swiftly, transparently, and constructively - while Delta did not."

MISP is an open-source threat intelligence and sharing platform for collecting, storing, distributing, and sharing cybersecurity indicators and threats related to incident and malware analysis....

Access to timely and accurate threat intelligence is now core to security operations for many organizations. Typically, security teams gather large amounts of threat intelligence from multiple places in different and incompatible formats.

Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. This comprehensive analysis, compiled by Cybersixgill's cyber threat intelligence experts, provides valuable insights into the tactics, techniques, and technologies employed by threat actors worldwide.

Cloud GenAI workloads inherit pre-existing cloud security challenges, and security teams must proactively evolve innovative security countermeasures, including threat detection mechanisms. More recently, detection engineering has spun off as a specialized aspect of threat detection, allowing detection engineers to customize threat detection systems.

In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These threats include data...