cybersecurity - The Stack (Page 2)

Is Snowflake the 'third-party cloud platform' caught up in massive AT&T data heist?

The customer of records of almost 110 million people have been stolen - and it's claimed that a familiar name may be at the centre of the story

Jasper Hamill July 12, 2024

vulnerabilities

ServiceNow

News

Trio of unauthenticated ServiceNow vulnerabilities exposed 42,000

CVE-2024-4879 (CVSS 9.8) lets “an unauthenticated user remotely execute code” -- ServiceNow swiftly pushed fix to hosted instances but those self-hosting must...

Edward Targett July 11, 2024

Nuclear sector 'lacks understanding of cybersecurity threat landscape', think tank warns

critical infrastructure

News

Nuclear sector 'lacks understanding of cybersecurity threat landscape', think tank warns

Chatham House confirms that nuclear infrastructure is a 'high value' target for threat actors, but calls on the industry to do more to protect itself (and the rest of us) from attack

Azania Imtiaz Patel July 03, 2024

CEOs and CIOs need to start accepting “red” security dashboards. Two CISOs explain why...

No plan survives contact.

Joe Fay July 02, 2024

CVSS 10 bug in LLM-to-SQL library highlights prompt injection risks

"When we stumbled upon this library we immediately thought that connecting an LLM to SQL query execution could result in a disastrous SQL injection..."

Edward Targett June 27, 2024

Ollama: Easy to exploit vulnerability discovered, patched

LLMs

News

Ollama: Easy to exploit vulnerability discovered, patched

Files can be overwritten, corrupted say security researchers.

Azania Imtiaz Patel June 26, 2024

Kaspersky

News

Kaspersky CTO among 12 executives hit with US sanctions one day after antivirus sales ban

"Today’s action against the leadership of Kaspersky Lab underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against threats."

Jasper Hamill June 21, 2024

Jay Chaudhry, CEO, Chairman and Founder of Zcaler, speaks at its "Zero Trust Meets AI" conference

"Fighting AI with AI": Zscaler leaders on new threats and how to defeat them

Threat actors are already using large language models to enhance their attack capabilities - but it's not just the bad guys that can deploy Generative AI to their advantage.

Jasper Hamill June 21, 2024

Is Snowflake the 'third-party cloud platform' caught up in massive AT&T data heist?

Trio of unauthenticated ServiceNow vulnerabilities exposed 42,000

Nuclear sector 'lacks understanding of cybersecurity threat landscape', think tank warns

CEOs and CIOs need to start accepting “red” security dashboards. Two CISOs explain why...

CVSS 10 bug in LLM-to-SQL library highlights prompt injection risks

Ollama: Easy to exploit vulnerability discovered, patched

Kaspersky CTO among 12 executives hit with US sanctions one day after antivirus sales ban

"Fighting AI with AI": Zscaler leaders on new threats and how to defeat them