Security Boulevard

via the comic humor & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Muons’ appeared first on Security Boulevard.

Watch this: Want more “speculative execution” bugs? You’re gonna be in a great mood all day.

The post SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws appeared first on Security Boulevard.

The Government Accountability Office states that customers are usually unaware of the potential privacy risks and biases that arise from use of personal information.

The post Our Digital Footprints are Breadcrumbs for Mapping our Personal Behavior appeared first on Security Boulevard.

The Codefinger ransomware represents a new frontier in cyber threats, specifically targeting AWS S3 buckets. By exploiting Server-Side Encryption with Customer-Provided Keys (SSE-C), attackers gain control over the encryption process, rendering recovery impossible without their AES-256 keys.

The post Codefinger Ransomware: Detection and Mitigation Using MixMode appeared first on Security Boulevard.

Old accounts are often unmaintained and forgotten - which can be problematic when you want to "clean up" some of your digital footprint by deleting them or go back to secure them with stronger passwords/MFA.

How do you find these old accounts when your recollection isn't enough? Fortunately, we all have some tricks up our sleeves for doing so. Some methods may be more effective for some users.

TABLE OF CONTENTS

• Old accounts are a part of your digital footprint
• Finding old accounts
• • Check your password manager
  • • Check stored credentials in the browser
    • iOS and macOS users: Review accounts in the "Keychain"
    • Android (and Google account users): Check the Google password manager
  • Search inboxes of old email accounts
  • Search data breach databases
  • • Leverage CTI platforms
  • Search for old, but frequently used usernames
• Final thoughts

Old accounts are a part of your digital footprint

Everything you do on the internet leaves a trace, which is commonly collectively referred to as your digital footprint. Creating accounts - whether you use them or not - is a part of this digital footprint.

I probably don't really need to explain it to you if you're reading this, as you likely understand that there's an account for just about everything on the internet. According to a survey conducted by NordPass in 2024, the average user has around 168 passwords to manage (which for the most part translate into accounts). Their survey also indicated this is an upward trend.

A proliferation of accounts and their subsequent management contributes to users' "attack surface" as well, as the more accounts increases the the possible points an unauthorized user can gain access to the information connected to/stored in the account. In this use case, this is typically by breaking into the account itself, a data leak, or a data breach.

The term "attack surface" is typically used for organizations to describe the avenues for attacks, but on the topic of accounts and users, its principles apply here as well. The short story is the less accounts you have, the less "attack surface" you have as a user; though this is primarily a cybersecurity topic, it actually extends to privacy as well.

Of course, you can minimize this attack surface by following and maintaining good cybersecurity hygiene, which includes having good password management and using MFA to secure your accounts. However, note that even following these practices can't mitigate data breaches where the service itself is compromised by a threat actor.

On the privacy front, the less accounts you create, then the less avenues for data breaches (which can leak your personal information) and the less trust you must have in third parties not to disclose personal information - including usage data, device and connection info connected to the account - to potential "adversaries."

Unmaintained "old" accounts can be problematic, especially if you've forgotten about them. They can use weak/leaked passwords and any data contained in the account can be weak to credential stuffing attacks from threat actors... or the account data leaked in a data breach of the service itself. If the account is no longer desired or needed, deletion is the best course of action.

Finding old accounts

There are many ways to find accounts to delete. You probably know of the accounts you currently use - but here are some tips to find old accounts so you can delete them, hopefully reducing your digital footprint and "attack surface."

Check your password manager

Using a password manager is a great way to improve password management - primarily by generating and securely storing strong passwords. Regardless of your password manager - whether it is cloud-based or note, open source (which is preferable) or not, a great place to look for accounts to delete could easily begin in your current password manager vault.

Check stored credentials in the browser

Most modern browsers have a built-in "password manager" able to store website credentials. Users can search these saved logins, which may contain old/abandoned accounts, though doing so varies slightly depending on the browser. Review your browser's help pages to access/search saved logins.

Note: Using a browser "password manager" is not recommended. Dedicated password managers provide more features, usability, and security.

iOS and macOS users: Review accounts in the "Keychain"

Apple devices (iOS and macOS) have a built-in credential manager, "Keychain." On iOS this is the new default "Passwords" app.

If you've had or currently have an Apple device, there's a high likelihood you've used Keychain - and it may have old accounts you no longer use stored. If you've ever transitioned from iOS/macOS or have transitioned to using another password manager, then this is a great place to look.

Android (and Google account users): Check the Google password manager

When users are signed into their Google accounts - especially when using Google Android or Google Chrome - the Google password manager may automatically capture and store login information for websites and apps.

As such, it may contain old accounts - especially if users have multiple Google accounts, have used Google Android, or have signed into their Google account when using Google Chrome.

Search inboxes of old email accounts

If you still have access to your old(er) email accounts, searching these inboxes can provide clues to accounts you may have forgotten about - especially if you created them before using a password manager. Many of us don't delete emails; so upon creating an account, it's highly likely you could still have the welcome email for long forgotten accounts.

Some helpful search terms ideas include:

• "Account information"
• "Welcome to"
• "Thanks for creating"
• "Email confirmation"
• "Finish registration"

Similarly, even if the original welcome email is not in your inbox, you may also find old accounts from password reset messages, one-time passwords (OTP), or account information changes. With account information changes, many services will send "confirmation" of key account changes, such as address changes, payment changes, or email address changes.

Some helpful search strings could include:

• "Email address change"
• "Information change"
• "Notice of account change"
• "Change confirmation"
• "Reset link"
• "New password"
• "Password reset"

Search data breach databases

Data breach databases often house information exposed in data breaches and data leaks, which can include email addresses and password hashes/plaintext equivalents. Most breach databases can be easily searched - typically, users will be required to input an email address, username, or phone number to check against the database records.

Common (and reputable) breach databases include:

• Have I Been Pwned
• Dehashed
• Breach Directory
• Mozilla Monitor

Searching breach databases can be useful for uncovering old, long abandoned or “dead” accounts that may have been involved...

The post How to Find Old Accounts for Deletion appeared first on Security Boulevard.

We’re excited to share that we now offer Flare Academy, an educational hub with free interactive online training for cybersecurity professionals.  What is Flare Academy? Flare Academy offers online training modules led by subject matter experts on the latest cybersecurity threats to cybersecurity practitioners interested in progressing their education.  These sessions cover various pressing cybersecurity […]

The post Flare Academy is Here! appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

The post Flare Academy is Here! appeared first on Security Boulevard.

Editor’s note: We will continue to provide updates as further information is forthcoming. On January 27th, 2025, GuidePoint’s Research and […]

The post Ongoing report: Babuk2 (Babuk-Bjorka) appeared first on Security Boulevard.

Trust is the cornerstone of the hospitality industry. Guests rely on you to safeguard their personal data, payment information, and loyalty rewards. However, in today's digital landscape, this trust faces constant risks. APIs, which serve as the unseen connections among various systems and applications, are particularly vulnerable to cyber threats. A single flaw can compromise sensitive data and cripple your brand’s reputation.

APIs: The Concealed Gateway to Your Critical Data

Modern hotels depend heavily on APIs. They facilitate processes from online reservations and mobile check-ins to loyalty programs and customized guest experiences. Nonetheless, these APIs often manage sensitive information, including:

• Personally Identifiable Information (PII): Names, addresses, phone numbers, passport information
• Payment Card Information (PCI): Credit card numbers, expiration dates, CVV codes
• Loyalty Program Data: Reward points, membership levels, personal preferences

A compromise of any of these APIs can lead to dire outcomes.

Exploiting Loyalty Programs: A Tempting Target

Hotel loyalty programs present a goldmine for hackers. Stolen loyalty points can be exchanged or used for complimentary stays and upgrades on the dark web. Imagine a scenario in which a hacker breaches your API and siphons millions of points from your loyalty program. This would result in financial losses, diminish customer trust, and harm your brand reputation.

Marriott: A Recurrent Cautionary Example

Marriott has repeatedly been a victim of data breaches. The expansive breach in 2018 affected nearly 500 million guests, while a more recent incident in 2024 reignited concerns regarding its system security. While the specifics of the 2024 breach remain under investigation, it is a clear reminder that even well-established hotel chains with strong security measures are susceptible. This highlights the urgent need for ongoing vigilance and robust security practices, particularly around APIs, to safeguard sensitive guest information.

Shielding Your Business with Salt Security

Standard security solutions like firewalls and WAFs are inadequate for defending against advanced API attacks. That's where Salt Security comes into play. Salt Security stands as the premier API security platform, ensuring comprehensive lifecycle protection for your APIs. Here's how Salt can assist:

• API Discovery: Salt automatically identifies all of your APIs, including hidden and neglected APIs, giving you total visibility into your API environment, which is essential in the hospitality sector where APIs frequently change and new ones are continually developed.
• Posture Governance: Salt aids you in establishing and enforcing security policies across all your APIs, ensuring they are securely configured and comply with regulatory standards, encompassing aspects like authentication, authorization, and data encryption.
• Threat Protection: Salt employs AI and machine learning to identify and prevent API attacks in real-time, targeting sophisticated threats like business logic exploitation, account hijacking, and data theft.

With Salt Security, you can rest assured that your APIs are shielded from emerging threats.

Don't Delay: Take Action Now

Investing in API security goes beyond compliance; it's about safeguarding your guests, your brand, and your financial interests. By partnering with Salt Security, you can proactively secure your APIs and reduce risks, ensuring the continued success of your hospitality business.

If you want to learn more about Salt and how we can help you on your API Security journey through discovery, posture governance, and run-time threat protection, please contact us, schedule a demo, or check out our website.

The post Why API Security is Essential for the Hospitality Sector: Safeguarding Your Guests and Your Rewards appeared first on Security Boulevard.

AI poses great opportunities for people and companies to implement robust systems to minimize the success and long-term effects of attacks. 

The post Using AI To Help Keep Your Financial Data Safe  appeared first on Security Boulevard.

Get educated on the security risks of DeepSeek. From data privacy concerns to compliance threats, learn how to stay secure while enabling safe AI adoption.

The post DeepSeek’s Deep Risks: What You Need to Know | Grip Security appeared first on Security Boulevard.

Discover how layered security protects businesses from cyber threats. Learn the key components, benefits, and strategies to implement a robust defense system for your data.

The post Layered Security: A Comprehensive Guide for Businesses appeared first on Security Boulevard.

Cofense Intelligence has continually observed the abuse or usage of legitimate domain service exploitation. This report highlights observed phishing threat actor abuse of .gov top-level domains (TLDs) for different countries over two years from November 2022 to November 2024.

The post Threat Actors Exploit Government Website Vulnerabilities for Phishing Campaigns appeared first on Security Boulevard.

The post How Compliance Automation Enhances Data Security appeared first on AI Security Automation.

The post How Compliance Automation Enhances Data Security appeared first on Security Boulevard.

[written together with Marina Kaganovich, Executive Trust Lead, Office of the CISO @ Google Cloud; originally posted here]

In 2024, we shared our insights on how to approach generative AI securely by exploring the fundamentals of this innovative technology, delving into key security terms, and examining the essential policies needed for AI governance. We also discussed Google Cloud’s approach to AI security and shared helpful resources like the Secure AI Framework (SAIF).

In addition to publishing blogs and papers, our Cloud Security Podcast by Google episodes have featured experts discussing AI’s impact on security, offering practical implementation advice, and addressing emerging challenges.

Finally, we examined lessons learned from various sectors and provided actionable guidance on securing AI systems alongside best practices for avoiding common AI security pitfalls.

A recap of our key blogs, papers and podcasts on AI security in 2024 follows.

Gen AI Security Fundamentals

Gen AI demystified: Understanding gen AI types and their risks

In today’s rapidly evolving technological landscape, gen AI presents both opportunities and security challenges for business leaders. Navigating this complex and dynamic landscape necessitates a strategic understanding of several key distinctions to inform decisions for optimal security and operational effectiveness: consumer vs. enterprise Gen AI, with the former prioritizing ease of use and the latter emphasizing security; open vs. proprietary models, balancing innovation with controlled access; and cloud vs. on-premise deployments, weighing scalability against data security.

5 gen AI security terms busy business leaders should know

Leaders must be cognizant of 5 key security risks: prompt manipulation, where malicious prompts yield harmful outputs; data leakage, which involves the unintended exposure of sensitive information; model theft, that results in financial and reputational damage; data poisoning, where compromising model outputs are the result of corrupted training data; and hallucinations, a condition where the model generates inaccurate or nonsensical information. Mitigating these risks requires robust security protocols including prompt sanitization, data governance policies, access controls, output filtering, data source vetting, and continuous monitoring, coupled with responsible AI practices such as data curation, model stress-testing, and customer safety tools.

Governance and policy

Gen AI governance: 10 tips to level up your AI program

To effectively operationalize AI at scale, adopt a comprehensive approach encompassing these 10 best practices. These include establishing a cross-functional team of stakeholders, defining clear AI principles, using a robust framework like SAIF, documenting and implementing AI policies, prioritizing use cases, integrating with existing data governance programs, collaborating with compliance and legal teams, establishing escalation pathways, ensuring visibility of AI initiatives, and enabling continuous learning through a dedicated AI training program.

How to craft an Acceptable Use Policy for gen AI

A well-defined Acceptable Use Policy (AUP) for gen AI is crucial for organizations to establish clear guidelines, mitigate risks, and foster responsible AI adoption. Key elements of an AUP include a clear purpose statement, defined scope, assigned accountability, approved tools and data handling guidelines, and practical examples of acceptable and unacceptable AI use.

Google Cloud’s Approach to Trust in Artificial Intelligence

Google Cloud takes a comprehensive approach to secure AI, emphasizing risk management, data governance, privacy, security, and compliance throughout the entire AI lifecycle. With a principled AI development process guided by strong ethical considerations, this approach includes rigorous risk assessments, robust data governance protocols that prioritize customer privacy, and a security-first design mindset that champions transparency, customer control over data, and compliance with industry standards.

EP135 AI and Security: The Good, the Bad, and the Magical

We feature insights from Google Cloud’s CISO, Phil Venables, on the multifaceted impacts of AI on security. Our discussion focuses on AI’s potential as a game-changer in cybersecurity, its applications in threat detection and productivity enhancement, and the unique security concerns it presents. We examine the advantages and disadvantages AI offers to both defenders and attackers, and address the nuances of securing AI systems by emphasizing the concept of shared responsibility in this evolving landscape.

EP185 SAIF-powered Collaboration to Secure AI: CoSAI and Why It Matters to You

This episode introduces the Coalition for Secure AI (CoSAI), featuring Google’s David LaBianca, who highlights CoSAI’s mission to foster collaboration and establish secure AI practices. The discussion explores the importance of partnerships with organizations like Microsoft, OpenAI, and existing AI security initiatives. It also examines CoSAI’s approach to addressing the rapidly evolving AI landscape and emerging threats, outlining anticipated outcomes like a defender’s framework and secure software supply chains for AI.

Building AI securely

Staying on Top of AI Developments

Successfully implementing AI hinges on taking a people-centric approach to AI adoption and emphasizing the importance of workforce preparation through comprehensive AI education and skills development. Demystifying AI concepts, implementing tailored training programs with hands-on experience, and fostering a culture of continuous learning are all key to ensuring employees stay abreast of the latest advancements in this dynamic field. By investing in their workforce’s AI literacy, organizations can effectively leverage AI’s potential while minimizing risks and fostering a smooth transition into an AI-powered future.

7 key questions CISOs need to answer to drive secure, effective AI

Here we’ve taken some of the most common security concerns around AI that we have heard from CISOs around the world and summarized them along with our answers. CISOs should be asking — and answering — these questions related to establishing clear AI guidelines, mitigating emerging threats, safeguarding data security and privacy, and leveraging AI to enhance existing security measures. By proactively addressing these critical areas, organizations can confidently harness AI’s potential while minimizing risks.

To securely build AI on Google Cloud, follow these best practices

Robust security practices are crucial in mitigating the unique risks associated with AI systems. Our research report offers best practices for securing AI workloads on Google Cloud and provides a comprehensive checklist for both security and business leaders by covering key areas like model development, application security, infrastructure, and data management. By adhering to these recommendations, organizations can confidently build and deploy secure AI solutions on Google Cloud while minimizing potential risks.

How SAIF can accelerate secure AI experiments

Accelerate AI adoption through secure and effective AI experiments using the Secure AI Framework (SAIF). Starting with well-defined objectives and targeted use cases, assembling a cross-functional team, utilizing high-quality data, and implementing robust security measures, organizations can support responsible AI experimentation that drives innovation.

SAIF Risk Map

The SAIF Risk Map provides a comprehensive overview of the diverse security risks inherent in AI development spanning data poisoning, model tampering, unauthorized access, and insecure outputs. These risks are introduced at various stages of the AI lifecycle, from data ingestion and model training to deployment and usage. The map emphasizes proactive mitigation strategies, including robust access controls, data sanitization, secure infrastructure, and thorough testing, to address these vulnerabilities and ensure the responsible development and deployment of AI systems.

SAIF Risk Assessment: A new tool to help secure AI systems across industry

The SAIF Risk Assessment is an interactive tool designed to help organizations enhance the security of their AI systems. This questionnaire-based assessment guides users through an evaluation of their AI security practices, identifies potential risks like data poisoning and prompt injection, and offers tailored mitigation strategies, serving as a practical resource for translating the Secure AI Framework (SAIF) into actionable steps and empowering organizations to proactively assess and strengthen their AI security posture.

Securing the AI Software Supply Chain

The evolution of AI brings new security challenges, paralleling those found in traditional software supply chains but with increased complexity. The AI supply chain, encompassing data sourcing, model training, deployment, and maintenance, introduces vulnerabilities at every stage. This paper highlights the urgency of addressing these risks, emphasizing that compromised AI models are already a reality. The paper underscores the adaptability of existing security measures like provenance and SLSA to the AI domain and includes key takeaways such as the importance of provenance and the need for robust security measures throughout the AI development lifecycle.

EP192 Confidential + AI: Can AI Keep a Secret?

We delve into the intersection of confidential computing and AI, featuring Nelly Porter from Google Cloud who discusses real-world applications where confidential AI makes a significant impact, comparing it to on-premises AI solutions and examining which parts of the AI lifecycle are best suited for a confidential environment. The performance, cost, and security implications of confidential AI are also addressed, providing listeners with valuable resources to further explore this emerging technology and its role in safeguarding sensitive data while leveraging the power of AI.

EP173 SAIF in Focus: 5 AI Security Risks and SAIF Mitigations

Honing in on the unique challenges of securing AI systems in cloud environments, we highlight 5 key AI security risks that organizations should address. Featuring Google’s Shan Rao, the discussion explores how the Secure AI Framework (SAIF) can mitigate these risks through common security controls and best practices. We also tackle striking the balance between rapid AI adoption and security, examine future trends in AI security, and provide valuable resources for listeners to further their understanding of this critical domain.

Lessons learned

Be secure, save money: AI-era lessons from financial services CISOs

Here we examine the multifaceted challenges faced by CISOs in the financial sector, particularly in light of the rapid evolution of AI, highlighting the delicate balancing act between embracing AI’s potential and mitigating its inherent risks including evolving threats, securing legacy systems, and managing costs. This blog emphasizes the need for CISOs to adopt a proactive approach by fostering strong governance structures, enhancing threat intelligence capabilities, and building resilient security programs.

Oops! 5 Serious gen AI security mistakes to avoid

Based on Office of the CISO’s discussions with customers, we’ve identified 5 key AI security mistakes to watch for: weak governance guidance, data security, too much access, failure to consider inherited vulnerabilities, and over-indexing on certain risks. To ensure secure and successful gen AI deployments, organizations should prioritize robust AI governance, maintain high-quality data, enforce strict access controls, scrutinize third-party models for vulnerabilities, and apply consistent security measures across all AI implementations, including internal tools. Addressing these key areas will help to mitigate risks, foster secure AI usage, and promote trust while driving positive business outcomes.

EP198 GenAI Security: Unseen Attack Surfaces & AI Pentesting Lessons

In this episode, we consider the unique security challenges posed by gen AI, featuring insights from SplxAI’s Co-Founder and CTO, Ante Gojsalic. The discussion explores the evolving attack surfaces of Gen AI, common security mistakes made by organizations, and the benefits of automating penetration testing for these applications.

Recommendations

From understanding the fundamental concepts and risks to establishing effective governance frameworks and leveraging resources like SAIF, you have access to resources that can help you make informed decisions about your AI initiatives.

Now it’s time to put this knowledge into action!

Related posts:

• Our Security of AI Papers and Blogs Explained
• Cloud Security Podcast by Google on AI

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

The post Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security appeared first on Security Boulevard.

Could There be a Simpler Way to Enhance Cloud-Native Security? Where maintaining top-tier security is as effortless as sipping a chilled lemonade on a beach. Yes, it may seem unlikely, but it is entirely achievable with the systematic and relaxed approach of Non-Human Identity (NHI) and Secrets Security Management. So, what is the key secret […]

The post Relax with Top-tier Cloud-Native Security appeared first on Entro.

The post Relax with Top-tier Cloud-Native Security appeared first on Security Boulevard.

Can NHI Management Be the Key to Unlocking Cybersecurity for Automated Systems? Where data is the new oil, we need to continually revisit and beef up our cybersecurity measures to protect crucial information. The rise in automated systems across various industries has paved the way for Non-Human Identities (NHIs) to gain prominence. This poses an […]

The post Keeping Your Automated Systems Safe and Secure appeared first on Entro.

The post Keeping Your Automated Systems Safe and Secure appeared first on Security Boulevard.

Why is Secrets Management Crucial in Healthcare Systems? Have you ever considered how privileged access to digital systems in healthcare organizations can be both a boon and a bane? As more healthcare institutions migrate to cloud-based services, ensuring the security of sensitive data becomes paramount. Inadequate secrets management could lead to severe consequences, including security […]

The post Improving Secrets Management in Healthcare Systems appeared first on Entro.

The post Improving Secrets Management in Healthcare Systems appeared first on Security Boulevard.

Not all approaches to data de-identification and anonymization are created equal. Many approaches leave your data exposed to the very real risk of re-identification. Here's how that can happen and how to avoid it.

The post Reverse engineering your test data: It’s not as safe as you think it is appeared first on Security Boulevard.

The short answer? Adding data synthesis to your CI/CD pipeline makes your processes better, faster, and more efficient.

The post What is the role of data synthesis in my CI/CD pipeline, anyway? appeared first on Security Boulevard.

David Jemmett, CEO & Founder of CISO Global Unlike Western AI systems governed by privacy laws and ethical considerations, DeepSeek operates under a regime notorious for state-sponsored hacking, surveillance, and cyber espionage. With AI-driven automation at its disposal, China can rapidly scale its cyberattacks, embedding malware, manipulating financial markets, and eroding trust in global AI […]

The post DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare appeared first on CISO Global.

The post DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare appeared first on Security Boulevard.