cybersecurity - The Stack (Page 2)

cybersecurity

CVSS 10 bug in LLM-to-SQL library highlights prompt injection risks

"When we stumbled upon this library we immediately thought that connecting an LLM to SQL query execution could result in a disastrous SQL injection..."

cybersecurity

Ollama: Easy to exploit vulnerability discovered, patched

Files can be overwritten, corrupted say security researchers.

Kaspersky

Kaspersky CTO among 12 executives hit with US sanctions one day after antivirus sales ban

"Today’s action against the leadership of Kaspersky Lab underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against threats."

Jay Chaudhry, CEO, Chairman and Founder of Zcaler, speaks at its "Zero Trust Meets AI" conference

cybersecurity

"Fighting AI with AI": Zscaler leaders on new threats and how to defeat them

Threat actors are already using large language models to enhance their attack capabilities - but it's not just the bad guys that can deploy Generative AI to their advantage.

cybersecurity

CDK Global suffers second cyberattack after breach crashed thousands of car dealerships

Alleged ransomware attack forces SaaS provider for the automotive sector to take down its systems, causing dealers to potentially miss out on car sales

open source

AI-powered code copilots are threatening to shoot down security systems

Adoption of artificial intelligence tools in highly regulated industries is much faster than expected, Chainguard boss warns

vulnerabilities

How the NVD backlog highlights the need for context in vulnerability management

"A Vulnerability Operations Centre (VOC) approach can work wonders here..."

cybersecurity

True scale of London hospital cyberattack revealed

800 planned operations and 700 outpatient appointments were rearranged following the incident

Microsoft

Microsoft's President grilled over multiple security failures, defends controversial "Recall" handling

Says State Department cyber team deserve a medal for spotting intrusion based on Microsoft security issue before Microsoft's own team did.

Fortinet

20,000 Fortinet devices breached by Chinese hackers – reboots, firmware updates no defence

"It is important that organizations practice the ‘assume breach’ principle..." YARA rules, hashes etc. available for defenders.

Arm's GPU kernels are having a bad year for vulnerabilities in 2024 (Image credit: Isai Ramos, Unsplash)

cybersecurity

Arm GPU vulnerability under active attack

So far in 2024, Arm has highlighted eight vulns affecting its Bifrost GPU and 10 impacting Valhall.

News

Network devices now riskier than endpoints, research claims

Study highlights devices which suffer the most vulnerabilities and warns of risks to come - including industrial robots

See all