The bad guys are using ChatGPT. There has been a rise in the number of novel attacks meant to bypass legacy rules and IOC-based systems, including zero-day nation-state attacks, insider threats, "living off the land" attacks, model poisoning of AI/ML solutions, and prompt injection for LLM-based systems.
In the new...
Cloud-native application protection platforms are emerging as a game-changing solution to the evolving challenges in cloud security. Mattan Shalev, head of product management at Wiz, outlined the power of CNAPPs in reducing risk and fortifying cloud security.
Applications rely on lines of code to provide business value, but too much of that code is inherently dirty, full of inconsistencies and vulnerabilities. Olivier Gaudin, co-founder and CEO of Sonar, said organizations need clean code that is consistent, intentional, adaptable and responsible.
DDoS attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention by successfully taking down several U.S. government websites.
The Black Hat conference features presentations that have already led to very public warnings about remotely hackable flaws in everything from Jeep Cherokees and Linux-powered rifles to Android mobile devices and Mac OS X.
Researchers demonstrate how ATMs could be hacked - without installing malware - by connecting a tiny computer to an inside port, bypassing the ATM's own computer and instructing the cash dispenser to begin issuing money.
Drawing on networking protocols designed to support NASA's interplanetary missions, two researchers have created a networking system that's designed to transmit information securely and reliably in even the worst conditions, such as in an Ebola hot zone.
Government intelligence agencies' information security offensive capabilities may far outstrip businesses' collective defenses, but organizations can still tap a variety of techniques to defend themselves against many types of intrusions.
Apps for wearable devices that are designed to track a user's pulse rate, blood-oxygen level or location may be leaking that data during transmission, Symantec security researcher Candid WÃ¼eest warns in a Black Hat Europe briefing.
Disconnecting systems from the Internet via an "air gap" is supposed to make the data they store harder to steal. But at Black Hat Europe, cryptographer Adi Shamir demonstrated how a laser and drone can be used to bypass air gaps.
Amsterdam is again playing host to the annual Black Hat Europe information security gathering, and presenters have promised to cover everything from privacy flaws in wearable computers to two-factor authentication system failures.