Generative AI tools boost developer productivity, but they also generate code with similar vulnerability rates as human developers. Chris Wysopal, co-founder and CTO of Veracode, explains why enterprises must treat AI-generated code with caution and automate security testing.
The CrowdStrike outage exposed recovery challenges, highlighting cloud systems' resilience over physical infrastructure. Jonathan Hatzor, co-founder and CEO of Parametrix, advises CIOs and CISOs on strategies that can effectively manage, mitigate and transfer risks.
AI's influence on social engineering and election security has become a focal point at Black Hat. ISMG editors discuss how advanced technologies are making it easier to manipulate people and compromise security systems and offer key insights on machine learning vulnerabilities.
Artificial intelligence, much like when the internet became public, is simultaneously the most overhyped and underhyped technology in history, said Sam Curry, vice president and CISO at Zscaler. Its application in cyber defense is still evolving.
Cybercriminals are exploiting emergency data requests to obtain sensitive personal information from service providers and social media companies, says Jacob Larsen, team lead of security testing and assurance at CyberCX. This flaw in verification protocols puts user privacy at risk.
SafeBreach security researcher Alon Leviev discusses how downgrade attacks expose vulnerabilities in Windows systems. He shares insights into how attackers manipulate Windows Update processes and stresses the importance of monitoring and securing critical system components to prevent exploitation.
SSH is designed for secure communications, but common misconfigurations significantly expose systems to threats, according to Rob King, director of security research at runZero. King discusses the implications of these vulnerabilities, citing real-world breaches and best practices for SSH security.
Russian hackers are leveraging unpatched vulnerabilities to exploit networks for more than 20 months. Michael Sikorski, VP of threat intelligence at Palo Alto Networks, shares insights on ransomware gangs, AI's role in attacks and the importance of defense-in-depth strategies for organizations.
AI systems acting autonomously bring risks of large-scale mistakes that current human defenses can't match, says Matt Turek, deputy director at DARPA. He discusses AI agents, adversarial attacks and the need for provable AI safety in both offensive and defensive capacities.
The SolarWinds case has intensified legal risks for CISOs. A judge validated the SEC's theory of intentional securities fraud against Tim Brown, the SolarWinds' CISO, marking the first time a federal court accepted this theory against a CISO, said Jess Nall, partner at Baker McKenzie.
Economic uncertainties and technological advancements are transforming the cybersecurity landscape. The recent breaches and the use of automation and AI by adversaries have intensified the need for robust security measures, said Alberto Yépez, co-founder and managing director of Forgepoint Capital.
AI's integration into cybersecurity demands a strong foundational approach. Many companies seek advanced AI solutions but struggle with basic cybersecurity practices such as managing assets and patching vulnerabilities, said Michael Thiessmeier, executive director of U.S. NAIC-ISAO.
Illegal gambling operations depend on trafficked individuals to perform cybercriminal activities. Threat researchers at Infoblox explain how cybercriminals use trafficked people for operations such as pig-butchering scams and leverage European sports sponsorships to boost illegal gambling websites.
Maricopa County CISO Lester Godsey highlights the growing threat of misinformation and its impact on election security. He explains how his team is integrating cybersecurity frameworks to address both digital and physical risks, focusing on disinformation campaigns and election integrity.
RedSense’s Yelisey Bohuslavskiy and Marley Smith believe ransomware is declining but caution that it still poses a significant threat. While attackers recycle old methods, they're taking desperate measures to target vulnerable groups such as cancer centers and to stoke fears in the marketplace.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.