Tag: Security Boulevard

Using a single, carefully-crafted prompt, Cybernews researchers were able to manipulate Lenovo’s customer service AI chatbot, Lena, into giving up customer agent session cookies, which opened up the possibility of multiple lines of attack, from dropping backdoors and stealing to…

Read more →

As the Internet of Things (IoT) continues to transform industries and daily lives, security has become one of the most critical challenges organizations face. From smart homes and connected cars to industrial systems and healthcare devices, IoT ecosystems are vast…

Read more →

As AI adoption accelerates, businesses face hidden risks from third-party models like ChatGPT and Claude, including data leakage and malicious data infiltration. By implementing corporate AI tools and educating employees, companies can harness generative AI’s benefits while safeguarding sensitive data,…

Read more →

Security misconfiguration is a significant concern, in the OWASP Top 10. During our web application penetration tests, we often discover numerous vulnerabilities of this nature. According to OWASP, this issue impacts nearly 90% of all web applications. In this blog,…

Read more →

Key Takeaways SAQ eligibility depends on exactly how you accept payments, how you handle cardholder data, and how your payment systems connect to the rest of your environment. The PCI Security Standards Council defines the SAQ types, but your acquiring…

Read more →

At Blackhat, there wasn’t a space of 10 feet not festooned with vapid promises of AI curing – basically everything in security. During an AI summit here, multiple tens of would-be AI security contenders, sometimes with little else but a…

Read more →

Generative-AI systems are a dense web of non-human identities (NHIs)—APIs, services, agents, schedulers, model endpoints, data pipelines—talking to each other over Transport Layer Security (TLS). Attackers now target these NHIs to move laterally, hijack tools, exfiltrate models/data, and impersonate trusted…

Read more →

Is There a Simple Way to Stay Calm in the Face of Rising Cyber Threats? It’s no secret that cyber threats are increasing at an alarming pace. From financial services and healthcare to travel and development operations, we all grapple…

Read more →

The Importance of Secure Cloud-Native Identities Why is the management of Non-Human Identities (NHIs) and their associated secrets paramount to driving innovation while ensuring security? The answer lies in the need for high-level control and applying a strategic approach to…

Read more →

In today’s hyper-connected digital world, businesses of all sizes face relentless cyber threats. From ransomware and phishing campaigns to advanced persistent threats (APTs) and insider risks, attackers are becoming increasingly sophisticated in the ways they infiltrate corporate networks. Protecting sensitive…

Read more →

Osterman’s 2025 research shows how to close identity security gaps from compromised passwords with faster detection and remediation. The post Strengthening Identity Security appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article:…

Read more →

Workday, a high-profile HR and finance software solutions maker, is the latest victim of a string of data breaches orchestrated by the resurgent ShinyHunters threat group through Salesforce’s CRM solution, joining a lineup of targets that includes Google, Qantas, Pandora,…

Read more →

U.S. authorities seized $2.8 million crypto and $70,000 from Ianis Aleksandrovich Antropenko, who they say used the Zeppelin ransomware to attack companies in the United States and elsewhere and then laundered the cryptocurrency used to pay the ransoms through a…

Read more →

Winners of DARPA’s AI Cyber Challenge proved AI can automate patching at scale. Their tools will go open source, offering defenders new power—but also raising concerns about AI-fueled exploits. The post DARPA AI Cyber Challenge Winners Impress With Quick, Scalable…

Read more →

Pay-for-access dinners. Equity asks. Quiet kickbacks. The CISO payola problem is real — and it’s threatening the integrity of cybersecurity leadership. The post Do We Have a CISO Payola Problem? appeared first on Security Boulevard. This article has been indexed…

Read more →

Are Your Machine Identities Secure in the Cloud? More and more organizations are shifting their operations to the cloud. While this move optimizes business processes and enhances productivity, it also presents new challenges. One of the top concerns is the…

Read more →

Can Non-Human Identity and Data Rights Solutions Revolutionize Your Cybersecurity Protocol? Non-Human Identities (NHIs) are proving to be fundamental. When data breaches escalate both in frequency and impact, a renewed focus has shifted towards robust security measures where NHIs and…

Read more →

Is Your Travel Organization Safeguarding Its Precious Data? With cybersecurity increasingly becomes a topic of concern in every industry, the travel sector isn’t exempted. The pressing question is, “Are your travel data secrets truly protected?” Despite the advancements in data…

Read more →

Creator, Author and Presenter: Jack Cable Our deep appreciation to Security BSides – San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView…

Read more →

I found this in my files. I no doubt intended to publish it months ago and forgot to finish it and press the button. Senior government officials traditionally restrict defense-related conversations to special locations to prevent eavesdropping. The most secret…

Read more →