Postcards from Hacker Summer Camp 2023
The promise and threat of AI, government policy and surprising revelations about the Viasat hack were among the major takeaways from Black Hat and DEF CON.
Dark Caracal: A bumbling, yet surprisingly effective, cyber mercenary group
At DEF CON, EFF security researcher Cooper Quintin discussed a mysterious group called Dark Caracal that has proven effective despite making many mistakes.
Attackers are on the edge. Where are defenders?
VPNs, virtualization hosts, secure email gateways and other network “edge” devices have become a common entry point for attackers in significant enterprise breaches. How can defenders respond?
Top cyber takeaways from the Intelligence and National Security Summit
Concerns about China and generative AI dominated the cybersecurity discussions at the tenth edition of the Intelligence and National Security Alliance’s annual gathering, which drew hundreds of security professionals, spies and government experts.
As APIs proliferate, attackers follow
With APIs accounting for more than half of all internet traffic, attacks on mobile and web application endpoints continue to grow.
How defenders are experimenting with artificial intelligence
AI dominated conversations at the RSA Security Conference in May, but underneath the hype, some real changes are in the works.
Home is where the hackers are: The dizzying task of securing remote work
Increases in phishing attacks, credential stuffing against corporate cloud services and unpatched vulnerabilities in consumer hardware have all skyrocketed since the COVID pandemic upended work routines. With more employees logging in from home, locking down workers’ security habits and local networks has never mattered so much.
Flawed choices: Developers continue to use vulnerable open-source dependencies
While the open-source ecosystem continues to make progress on securing the production of widely used components, developers need better tools and a security culture to benefit.
Russia-Ukraine cyber conflict splits APT groups, raises threat level
The global cyberthreat landscape has changed since Russia’s invasion of Ukraine but not necessarily in the ways predicted.
AI-powered phishing: Chatbot hazard or hot air?
ChatGPT’s launch last November has captivated the security industry, as the artificially intelligent chatbot’s detailed responses seem ripe for abuse by scammers and cybercriminals. What’s the real threat?