Aggregator

When developing an Electron application, you might encounter crashes. However, for various reasons, the application may not have integrated Sentry or other crash analysis platforms. In such cases, you need to manually check the crash logs to identify the issue. Locating Local Crash Logs Since Electron is based on Chromium, the crash-related operations are largely consistent with Chromium. In the Chromium crash-reports, we can see that crash files are stored in the ~/Library/Application\ Support/Chromium/Crashpad/completed directory.

Nametag today extended its identity verification platform to add an ability to detect and block deep fake attacks created using generative artificial intelligence (AI) technologies.

The post Nametag Adds Ability to Thwart Deep Fakes to Identity Verification Platform appeared first on Security Boulevard.

Lazarus 长期瞄准加密货币开展窃密活动

Sectigo announced SiteLock 2.0, a major upgrade to SiteLock, its website security and protection platform. SiteLock 2.0 is designed to simplify website protection for small to medium-sized businesses (SMBs). At the core of SiteLock 2.0 is Site Health, a new, innovative feature offering users a clear, concise, and actionable assessment of a website’s overall security posture. Now, SMBs are empowered to proactively safeguard their websites and act with confidence when it comes to website security … More →

The post Sectigo SiteLock 2.0 simplifies website protection for SMBs appeared first on Help Net Security.

Исследователи обнаружили критические уязвимости в ряде популярных моделей бренда.

军情内参正式更名为QB信息中心专属下载福利《每日开源》已更新2024第54期（总第286期）每周更新五天《全

Learn how data security posture management (DSPM) and AI security posture management (AI-SPM) can help you address key cloud security challenges.

The cloud has become the lifeblood of modern businesses. Its flexibility, scalability and ever-expanding range of storage technologies have fueled a data explosion. From object storage for massive media archives to NoSQL databases for real-time analytics, organizations are embracing a diverse cloud data landscape.

Artificial intelligence (AI) is another key driver behind the ever-increasing volume and variety of data stored in the cloud. As AI applications become more sophisticated, they require more data to learn and function effectively. 

Together, this creates a virtuous cycle — the more data stored and used the greater the range of AI use cases, which attract even more users. But with each new user, data type and storage solution, the cloud attack surface expands.

Traditional, perimeter-based security struggles in the dynamic world of cloud storage. Data in the cloud is constantly on the move, residing in various locations and formats. Further, with the rapid improvements in AI technology, many organizations are now using and/or creating new proprietary AI models based on their data to deliver novel insights and innovations.

How DSPM and AI-SPM can improve cloud security

The cloud’s unique challenges and opportunities for data and AI make it crucial for organizations to address the full spectrum of security responsibilities that accompany collecting, storing and using data. These responsibilities include automatically and continuously scanning data assets, discovering and monitoring sensitive data and alerting on any potential risk. To address these challenges, new solutions such as data security posture management (DSPM) and AI security posture management (AI-SPM) are becoming integral to many organizations.

Most cloud security solutions offer numerous valuable tools, but lack the proper data analysis needed to help practitioners prioritize the organization’s most sensitive assets. Though such cloud security solutions may excel at securing the cloud environment itself, they fail to address the data and AI resources residing within. Conversely, though standalone DSPM and AI-SPM services act as powerful spotlights to illuminate data and AI resources, if they’re not combined with broader cloud security measures, they can't prevent unauthorized access or breaches that exploit vulnerabilities in the cloud infrastructure. 

In order to gain robust protection for your organization, you need DSPM and AI-SPM to pinpoint your valuable data and AI resources and cloud security solutions to build a secure vault around them.

Tenable Cloud Security now offers DSPM and AI-SPM capabilities

To help organizations address their data and AI security needs, Tenable Cloud Security now has fully integrated DSPM and AI-SPM capabilities.

Source: Tenable, October 2024

Tenable Cloud Security’s integrated DSPM and AI-SPM features offer significant advantages over standalone products. Users are empowered with deep data discovery and classification, ensuring sensitive information is identified and prioritized for protection. This intrinsic visibility allows for focused security measures and simplifies compliance efforts. We’ve also further enhanced Tenable’s best-in-class cloud infrastructure entitlement management (CIEM) capabilities to enforce AI entitlement management, enabling organizations to ensure only users with the correct access policies can access proprietary AI models.

The DSPM and AI-SPM features integrated into Tenable Cloud Security, a cloud native application protection platform (CNAPP), make it a force multiplier for securing your organization. 

The future of cloud security lies in a unified approach that addresses the full spectrum of threats. CNAPPs are evolving to become the central nervous system of cloud security, offering a single pane of glass for managing vulnerabilities, workload protection and access control. The integration of DSPM and AI-SPM capabilities into Tenable Cloud Security represents a significant step toward this vision. As CNAPP platforms evolve, we can expect a future where cloud security becomes as seamless and scalable as the cloud itself.

Learn more about DSPM and AI-SPM

• Webinar: Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?
• Data Sheet: Data Security in a Unified Cloud Security Solution
• Data Sheet: Securing AI resources and data in the cloud with Tenable Cloud Security
• Infographic: When CNAPP met DSPM
• Demo Video

今年，有什么产品，改变了一点点你的生活和人生？

诚挚邀请各界人士参与，共同见证中国科技创新的辉煌与未来！

Q3 2024 saw a slight increase in ransomware activity, with 1,266 organizations listed on ransomware data-leak sites—a 2.3% increase from 1,237 in the previous quarter.

Q3 2024 saw a slight increase in ransomware activity, with 1,266 organizations listed on ransomware data-leak sites—a 2.3% increase from 1,237 in the previous quarter.

0xGame week1 re&pwn&web

Windows 内核态驱动本地权限提升漏洞（CVE-2024-35250）

Lawmakers Demand Answers, Security Overhaul After Chinese Hack of Telecom Networks
Congress is demanding answers from AT&T, Verizon, and Lumen after reports revealed that Chinese hackers breached U.S. telecom infrastructure, targeting systems linked to court-authorized wiretaps, as the FBI and the Cybersecurity and Infrastructure Security Agency investigate the Salt Typhoon group.

Texas-Based Gryphon Healthcare Says an Unnamed Third Party Was at Center of Breach
A Texas-based revenue cycle management firm is notifying about 400,000 individuals of a hacking incident it says originated with another third party. The incident is among a growing list of major breaches implicating vendors and cumulatively affecting tens of millions of patients so far this year.

Sector Uses Multifactor, Eschews Cloud, Can't Afford Cyber Insurance
The oil and gas industry has high levels of cyber awareness and low levels of cyber insurance, says a sectoral assessment from credit rating agency Moody's. The sector has experienced a clutch of high-profile attacks including a high-profile 2021 incident at Colonial Pipeline.