CyberSecurity Updates

Cloud security provider Lacework has released a new cloud infrastructure entitlement management (CIEM) offering to strengthen the observability of all cloud identities. The new capability is aimed at simplifying Lacework’s cloud security offering by merging with its existing cloud security posture management (CSPM), attack path analysis, and threat detection capabilities into a single platform.   “CIEM enriches our platform with cloud identity and entitlement configuration data, along with the understanding of how identities and entitlements are…

Read More

The Open Worldwide Application Security Project (OWASP) has published the top 10 most critical vulnerabilities often seen in large language model (LLM) applications, highlighting their potential impact, ease of exploitation, and prevalence. Examples of vulnerabilities include prompt injections, data leakage, inadequate sandboxing, and unauthorized code execution. The list aims to educate developers, designers, architects, managers, and organizations about the potential security risks when deploying and managing LLMs, raising awareness of vulnerabilities, suggesting remediation strategies, and…

Read More

A cyberattack on crypto wallet Atomic Wallet has resulted in at least $35 million worth of crypto assets being stolen since June 2, according to ZachXBT, an independent  on-chain investigator known for tracing stolen crypto funds and assisting with hacked projects. The five most significant losses account for $17 million.  “Think it could surpass $50m. Keep finding more and more victims sadly,” said  ZachXBT, in a tweet. The biggest victim of the Atomic Wallet was…

Read More

AI-based cyber risk management SaaS vendor SAFE Security has announced the release Cyber Risk Cloud of Cloud – a new offering it claims uses generative AI to help businesses predict and prevent cyber breaches. It does so by answering questions about a customer’s cybersecurity posture and generating likelihoods for different risk scenarios. These include the likelihood of a business suffering a ransomware attack in the next 12 months and the dollar impact of an attack,…

Read More

IT security teams lack confidence in their executives’ ability to prevent attacks on their personal hardware, systems, and network. This is according to a study sponsored by BlackCloak, a provider of digital privacy protection for high-profile executives, Ponemon Institute surveyed 553 US IT and IT security practitioners. Asked to rate from 1 to 10 how confident they were in CEOs and executives’ abilities to know how to recognize a phishing email, only 28% of respondents…

Read More