[tl;dr sec] #291 - Build a GuardDuty Triage Agent, Scaling Netflix's Threat Detection Pipelines, Claude for Security Review
How to build an AI agent that triages GuardDuty alerts, lessons learned scaling Netflix's detection pipelines, Anthropic releases a slash command and GitHub Action for performing secure code review
Google Among Victims in Ongoing Salesforce Data Theft Campaign
Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor
Most companies have not turned cybersecurity awarenessâespecially in cloud & SaaS environmentsâinto action. They need to shift to continuous posture management.
MY TAKE: The GenAI security crisis few can see â but these startups are quietly mapping the gaps
LAS VEGAS â A decade ago, the rise of public cloud brought with it a familiar pattern: runaway innovation on one side, and on the other, a scramble to retrofit security practices not built for the new terrain. Related: GenAI workflow risks Shadow IT flourished. S3 buckets leaked. CISOs were left to piece together fragmented
China Accuses Nvidia of Putting Backdoors into Their Chips - Schneier on Security
The government of China has accused Nvidia of inserting a backdoor into their H20 chips: Chinaâs cyber regulator on Thursday said it had held a meeting with Nvidia over what it called âserious security issuesâ with the companyâs artificial intelligence chips. It said US AI experts had ârevealed that Nvidiaâs computing chips have location tracking and can remotely shut down the technology.â
Massive IPTV piracy service with 28,000 channels taken offline
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of Rare Breed TV, a major illegal IPTV service provider, after reaching a financial settlement with its operators.
Air France and KLM disclose data breaches impacting customers
Air France and KLM announced on Wednesday that attackers had breached a customer service platform and stolen the data of an undisclosed number of customers.