Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In the current geopolitical climate, the energy sector, which powers our modern society - from homes and businesses to critical infrastructure and national defense systems, finds itself under the growing threat of cyberattacks.

Read also: BreachForum’s admin pleads guilty to three charges, Genesis Market gets a new owner, and more.

Human error is a major contributing factor to company data breaches. More than 340 million people may already have been affected by a data breach in the first four months of 2023. With cybercrime rates soaring around the world, it’s clearly an area where investment and expertise are required.

We're all familiar with tech support scams - where the unwary are tricked into granting remote access to their computers by fraudsters, in the belief that the "tech support person" will fix a non-existent "problem" (such as a "virus infection") or make a refund after claiming that there has been fraudulent activity detected on an account.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A basic a security failure. Pretty damaging to them as well as their users…

Six months ago, the question, “Which is your preferred AI?” would have sounded ridiculous. Today, a day doesn’t go by without hearing about “ChatGPT” or “Bard.” LLMs (Large Language Models) have been the main topic of discussions ever since the introduction of ChatGPT. So, which is the best LLM? The answer may be found in a surprising source – the dark web. Threat actors have been debating and arguing as to which LLM best fits their specific needs.

Should we be using multiple public cloud providers? As organizations continue to migrate applications and workloads to public cloud platforms, they often face the tough decision of sticking with a single provider or embracing multiple clouds. Using multiple cloud providers promises a variety of benefits including the ability to minimize vendor lock-in, leverage best-of-breed services, achieve cost advantages, and comply with data sovereignty rules.

Salt has just released a new resource for business and security leaders – “Understanding API Attacks: Why Are They Different and How Can You Stop Them.” Salt undertook writing this eBook as part of our ongoing commitment to educate the market about API security issues and trends. In this new eBook, we take a close look at how API attacks differ from traditional attacks, and the measures organizations can take to protect against them.

In this episode of Trust Issues, host David Puner talks with CyberArk CEO Matt Cohen, who shares his distinct take on leadership – emphasizing the importance of leading without fanfare. Cohen talks about his transition into the CEO role, insights on identity security and the current threat landscape. He also touches on the significance of company culture, professional development – and his admiration for a particular Boston Red Sox manager’s leadership style.

Adobe ColdFusion, a popular web development platform, has been targeted by malicious actors exploiting the recently disclosed vulnerabilities, including severe CVE-2023-29300. The exploit has been observed in the wild, posing a significant risk to organizations and individuals relying on the software. Here is an in-depth analysis of these vulnerabilities, including their potential impacts and vital protective measures to protect against these attacks.