Dec 25, 2024Ravie LakshmananCloud Security / Vulnerability Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. "These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices," Claroty researchers Noam … [Read more...] about Ruijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks
Reducing CVEs in Elastic container images
In this blog post, we will discuss our journey to significantly reduce Common Vulnerabilities and Exposures (CVEs) in Elastic container images by switching to a minimal base image in our Elastic products and optimizing our workflows for a scalable vulnerability management program.Elastic Stack based on Chainguard imagesChainguard images are a collection of container images that … [Read more...] about Reducing CVEs in Elastic container images
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
Dec 24, 2024Ravie LakshmananMalware / Data Exfiltration Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and came fitted with capabilities to exfiltrate sensitive information from compromised hosts, according to new findings from Fortinet FortiGuard Labs. The packages, named zebo and cometlogger, … [Read more...] about Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
New Advancements in GenAI are Warding Off an AI Winter
Small language models, diversified revenue streams and algorithm advancements will see GenAI continue to grow in the coming months. Businesses across industries have already embraced and accepted the potential of AI, but many are now grappling with the task of delivering AI powered solutions that have a tangible impact and deliver high return on investment … [Read more...] about New Advancements in GenAI are Warding Off an AI Winter
CrowdStrike Falcon Next-Gen SIEM’s First Year Transforming the SOC
Fal.Con 2024 wasn’t just about product innovation — it was about delivering an unforgettable experience with countless opportunities to connect, learn and engage. From expert-led breakout sessions and hands-on workshops to SOC Survivor Games and live demos, Fal.Con solidified its place as the premier cybersecurity event of the year. Recognized by Analysts, Trusted by … [Read more...] about CrowdStrike Falcon Next-Gen SIEM’s First Year Transforming the SOC
How the Age of Generative AI is Changing a CISOs Approach to Security
No matter the industry, organizations are managing huge amounts of data: customer data, financial data, sales and reference figures–the list goes on and on. And, data is among the most valuable assets that a company owns. Ensuring it remains secure is the responsibility of the entire organization, from the IT manager to individual employees. However, the rapid onset of … [Read more...] about How the Age of Generative AI is Changing a CISOs Approach to Security
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case
Dec 23, 2024Ravie LakshmananMachine Learning / Threat Analysis Cybersecurity researchers have found that it's possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. "Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate … [Read more...] about AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case
Crypto scam: seed phrases shared publicly
“I have a question. I have USDT stored in my wallet, and I have the seed phrase. How to transfer my funds to another wallet?” — we found a comment like this under a finance-related video on YouTube. And the seed phrase was revealed in full in the comment. This looked suspicious: even a complete cryptocurrency beginner should know better than to share their seed phrase with the … [Read more...] about Crypto scam: seed phrases shared publicly
The Imperative of Data Curation
In today’s complex and rapidly evolving business environment, the path from raw data to actionable insights mirrors the meticulous craftsmanship of a master artisan. Consider a scenario where a company makes a significant investment in a state-of-the-art data lake, aiming to establish a flexible, scalable repository for all its data requirements. The vision is to centralize … [Read more...] about The Imperative of Data Curation
The evolving role of SREs: Balancing reliability, cost, and innovation
A look at the expanding roles of SREs and the new skills needed: cost management and AIImagine the CTO walks into your team meeting and drops a bombshell: "We need to cut our cloud costs by 30% this quarter." As the lead SRE, this might cause a strong reaction — isn’t your job about ensuring reliability? When did you become responsible for the company's cloud bill?If you've had … [Read more...] about The evolving role of SREs: Balancing reliability, cost, and innovation