Cyber attacks on water infrastructure are growing. Josh Corman of IAmTheCavalry joins us to discuss efforts to secure critical water systems.

The post Cyber Threats to Water Infrastructure: Insights from Josh Corman appeared first on The Security Ledger with Paul F. Roberts.

AI-enabled cybercriminals are exploiting the holiday shopping season with precision phishing, account takeovers, payment skimming and ransomware, forcing retailers to adopt real-time, adaptive defenses to keep pace.

The post AI Cybercriminals Target Black Friday and Cyber Monday appeared first on Security Boulevard.

Competitive testing is a business-critical function for financial institutions seeking the ideal solutions provider to help optimize their risk management strategies. Don’t get seduced by inflated test results or flowery marketing claims, however. Selecting the right risk solutions could be one of the most important tasks your business ever undertakes – and one of the..

The post Don’t Use a Ruler to Measure Wind Speed: Establishing a Standard for Competitive Solutions Testing appeared first on Security Boulevard.

Enterprise GenAI success depends on more than models—security, observability, evaluation, and integration are critical to move from fragile pilots to reliable, scalable AI.

The post Securing GenAI in Enterprises: Lessons from the Field appeared first on Security Boulevard.

In today’s fast-evolving digital world, organizations increasingly rely on hybrid workforces, cloud-first strategies, and distributed infrastructures to gain agility and scalability. This transformation has expanded the network into a complex ecosystem spanning on-premises, cloud, and remote endpoints, vastly increasing the attack surface. Cyber adversaries exploit this complexity using stealth techniques like encrypted tunnels, credential misuse,

The post Why Network Monitoring Matters: How Seceon Enables Proactive, Intelligent Cyber Defence appeared first on Seceon Inc.

The post Why Network Monitoring Matters: How Seceon Enables Proactive, Intelligent Cyber Defence appeared first on Security Boulevard.

Welcome back my aspiring cyberwarriors!

You have likely heard of the company NVIDIA. Not only are the dominant company in computer graphics adapters (if you are gamer, you likely have one) and now, artificial intelligence. In recent weeks, they have become the most valuable company in the world ($5 trillion).

The two primary reasons that Nvidia has become so important to artificial intelligence are:

1. Nvidia chips can process data in multiple threads, in some cases, thousands of threads. This makes doing complex calculations in parallel possible, making them much faster.
2. Nvidia created a development environment named CUDA for harnessing the power of these powerful CPU’s. This development environment is a favorite among artificial intelligence, data analytics, and cybersecurity professionals.

Let’s a brief moment to examine this powerful environment.

What is CUDA?

Most computers have two main processors:

CPU (Central Processing Unit): General-purpose, executes instructions sequentially or on a small number of cores. These CPU’s such as Intel and AMD provide the flexibility to run many different applications on your computer.

GPU (Graphics Processing Unit): These GPU’s were originally designed to draw graphics for applications such as games and VR environments. These GPU’s contain hundreds or thousands of small cores that excel at doing the same thing many times in parallel.

CUDA (Compute Unified Device Architecture) is NVIDIA’s framework that lets you take control of the GPU for general computing tasks. In other words, CUDA lets you write code that doesn’t just render graphics—it crunches numbers at massive scale. That’s why it’s a favorite for machine learning, password cracking, and scientific computing.

Why Should Hackers & Developers Care?

CUDA matters as an important tool in your cybersecurity toolkit because:

Speed: A GPU can run password hashes or machine learning models orders of magnitude faster than a CPU.

Parallelism: If you need to test millions of combinations, analyze huge datasets, or simulate workloads, CUDA gives you raw power.

Applications in Hacking: Tools like Hashcat and Pyrit use CUDA to massively accelerate brute-force and dictionary attacks. Security researchers who understand CUDA can customize or write their own GPU-accelerated tools.

The CUDA environment sees the GPU as a device with:

Threads: The smallest execution unit (like a tiny worker).

Blocks: Groups of threads.

Grids: Groups of blocks.

Think of it like this:

• A CPU worker can cook one meal at a time.
• A GPU is like a kitchen with thousands of cooks—we split the work (threads), organize them into brigades (blocks), and assign the whole team to the job (grid).

Coding With CUDA

CUDA extends C/C++ with some keywords.
Here’s the simple workflow:

1. You write a kernel function (runs on the GPU).
2. You call it from the host code (the CPU side).
3. Launch thousands of threads in parallel → GPU executes them fast.

Example skeleton code:

c__global__ void add(int *a, int *b, int *c) {
    int idx = threadIdx.x;
    c[idx] = a[idx] + b[idx];
}

int main() {
    // Allocate memory on host and device
    // Copy data to GPU
    // Run kernel with N threads
    add<<<1, N>>>(dev_a, dev_b, dev_c);
    // Copy results back to host
}

The keywords:

• __global__ → A function (kernel) run on the GPU.
• threadIdx → Built-in variable identifying which thread you are.
• <<<1, N>>> → Tells CUDA to launch 1 block of N threads.

This simple example adds two arrays in parallel. Imagine scaling this to millions of operations at once!

The CUDA Toolchain Setup

If you want to try CUDA make certain you have the following items:

1. an NVIDIA GPU.

2. the CUDA Toolkit (contains compiler nvcc).

3. Write your CUDA programs in C/C++ and compile it with nvcc.

Run and watch your GPU chew through problems.

To install the CUDA toolkit in Kali Linux, simply enter;

kali > sudo apt install nvidia-cuda-toolkit

Next, write your code and compile it with nvcc, such as;

kali > nvcc hackersarise.cu -o hackersarise

Practical Applications of CUDA

CUDA is already excelling at hacking and computing applications such as;

1. Password cracking (Hashcat, John the Ripper with GPU support).
2. AI & ML (TensorFlow/PyTorch use CUDA under the hood). Our application of using Wi-Fi to see through walls uses CUDA.
3. Cryptanalysis (breaking encryption) & simulation tasks.
4. Network packet analysis at high scale.

As a beginner, start with small projects—then explore how to take compute-heavy tasks and offload them to the GPU.

Summary

CUDA is NVIDIA’s way of letting you program GPUs for general-purpose computing. To the hacker or cybersecurity pro, it’s a way to supercharge computation-heavy tasks.

Learn the thread-block-grid model, write simple kernels, and then think: what problems can I solve dramatically faster if run in parallel?

The world is becoming increasingly more digital and, whilst this is a good thing for a number of different reasons, this huge shift brings with it questions and scrutiny as to what exactly these huge tech companies are doing with such vast amounts of data.

The leading tech companies, including Google, Apple, Meta, Amazon and Microsoft – giants within the tech world – have all recently been accused of following unethical practices.

From Meta being questioned in courts over its advertising regime, to Amazon facing concerns over the fact that their Echo devices are potentially recording private conversations within the home, it’s not surprising that users are looking for more information as to how their data is being used.

With this comes the counterargument that big tech companies are doing what they can to strike the balance between privacy rights and ensuring that their product and the experience users get from using them don’t change.  But, how exactly are the big tech companies using and utilising sensitive and personal data while ensuring they still meet and adhere to the ever-expanding list of privacy rights? Let’s take a look.

Is Our Data The Price We Pay For Free?

In marketplaces and stores, we exchange legitimate currency for goods and services. But, with social media and other online platforms, we’re instead paying with our attention. A lot of online users are unaware of the expansive trail of browsing and search history that they leave behind.

Almost everything is logged and monitored online, right from the very first interaction and, depending on the web browser you use, some will collect more information than others. There are costs involved in almost every digital and online service we use and it costs money to host servers and sites – so why do we get to browse for free?

Simply because the cost is being underwritten in other ways. The most common form is through advertising, but the ways that only a few people think about, or want to think about, is through the harvesting and use of our data. Every single website is tracked or recorded in different ways and by different people, from marketing agencies who analyze the performance of a website to broadband providers who check connections.

Users will struggle to understand why companies want their data, but that’s simply because they don’t quite understand the value behind it. Data is currently considered to be one of the most valuable assets, mainly because it is a non-rival entity – this means that it can be replicated for free and with little to no impact on the quality. The nature of data means that it can be used for product research, market analysis or to train and better inform AI systems. All companies want more data in order to have as many financial and legal incentives and rights as they can.

What Are Cookies?

Data tracking is done through cookies, which are small files of letters and numbers which are downloaded onto your computer when you visit a website. They are used by almost all websites for a number of reasons, such as remembering your browsing preferences, keeping a record of what you’ve added to your shopping basket or counting how many people visit the site. Cookies are why you might see ads online months after visiting a website or get emails when you’ve left something in a shopping basket online.

Why Do Big Tech Companies Want User Data?

How Laws Have Changed How Companies Use Your Data

In the EU, data is more heavily protected than it is in the US, for example. EU laws have taken a more hardline stance against the big tech companies when it comes to protecting users, with the General Data Protection Regulation, or GDPR, in place to offer the “toughest privacy and security law in the world”.

This law makes it compulsory for companies, particularly big tech companies, to outline specifically what it is they are using data for. This law was passed in 2016 and any company which violates it is subjected to fines which either total 4% of the company’s overall revenue, or €20 million – whichever is greater. In 2019, Google was fined a huge €57 million for violating GDPR laws, citing that they posed huge security risks.

Unlike the EU, the US does not have comprehensive laws to protect online users, which is what allows these companies to have access to data that they can then use to take advantage of said data. Following the EU’s introduction of GDPR, both Facebook and Google had to change and update their privacy rights and laws, but in the US, there is still some way to go.

This is because Google makes a lot of money from their user data. Over 80% of Google’s revenue comes from the advertising aspect of its business, which allows advertisers to target ads for services and products based on what users are searching for, with this information gathered from Google. Google is the largest search engine in the world, so all of these user’s data quickly adds up. It’s been said that “Google sells the data that they collect so the ads can be better suited to user’s interests.”.

Advertisers will also make use of Google’s Analytic data, which is a service that gives companies insight into their website activity by tracking users who land on there. A few years ago, there were rumours that Google Analytics wrongly gave U.S intelligence agencies access to data from French users, whilst Google hadn’t done enough in order to ensure privacy when this data was transferred between the US and Europe.

Reasons Why Big Tech Companies Want Your User Data

• Social media apps want information on how you use their platform in order to give you content that you actually want. TikTok in particular works to build you a customised and personalised algorithm to try and show you videos that you will actually engage with to keep you on the app for longer based on ads and content that you have previously watched and engaged with.
• Big tech companies will be interested in your data so that they can show you relevant ads. Most of the big tech companies make a lot of money through advertising on their platform, so they want to ensure that they keep advertisers happy by showing their services or products to the consumers who are more likely to convert.
• Your data will be used to personalise your browsing and platform experience to keep you coming back.

How Is Data Collection Changing?

One of the biggest reasons why companies are using your data is in order to serve you better when you are online. But, in terms of big tech companies, these reasons are often very different. With more and more people relying on technology provided by the likes of Google, Apple, Microsoft and Amazon, these companies need to be more reliable and be held to accountability more so that the rights of consumers are protected.

Changes and popularity in technology such as AI and cryptocurrency are becoming increasingly more common, and with these technologies comes the increase in risks of scams and fraud, such as the recent Hyperverse case. It is important now more than ever for these companies to put user’s minds at ease and improve their privacy rights.

Originally posted 2024-04-13 23:13:36. Republished by Blog Post Promoter

The post Data Dilemmas: Balancing Privacy Rights in the Age of Big Tech first appeared on Information Technology Blog.

In the past I tested GoAccess as solution to monitor page views, visitors activity and technology. I also compared it to the Google Analytics. When I wrote article about Anonymous Tor Phone I received one comment like:

How fucking ironic is

Does Google Analytics shows the same stats as logs from your server? Sure it doesn’t. A lot of people (including me) use various Privacy tools, Ads or

In your cybersecurity practice, do you ever worry that you’ve left your back door open and an intruder might sneak inside? If you answered yes, you’re not alone. The experience can be a common one, especially for security leaders of large organizations with multiple layers of tech and cross-team collaboration to accomplish live, continuous security workflows.

At Synack, the better way to pentest is one that’s always on, can scale to test for urgent vulnerabilities or compliance needs, and provides transparent, thorough reporting and coverage insight.

Know what’s being tested, where it’s happening and how often it’s occurring 

With Synack365, our Premier Security Testing Platform, you can find relief in the fact that we’re always checking for unlocked doors. To provide better testing oversight, we maintain reports that list all web assets being tested, which our customers have praised. Customer feedback indicated that adding continuous oversight into host assets would also help to know which host or web assets are being tested, when and where they’re being tested, and how much testing has occurred. 

Synack’s expanded Coverage Analytics tells you all that and more for host assets, in addition to our previous coverage details on web applications and API endpoints, all found within the Synack platform. With Coverage Analytics, Synack customers are able to identify which web or host assets have been tested and the nature of the testing performed. This is helpful for auditing purposes and provides proof of testing activity, not just that an asset is in scope. Additionally, Coverage Analytics gives customers an understanding of areas that haven’t been tested as heavily for vulnerabilities and can provide internal red team leaders with direction for supplemental testing and prioritization. 

Unmatched Oversight of Coverage 

Other forms of security testing are unable to provide the details and information Synack Coverage Analytics does. Bug bounty testing typically goes through the untraceable public internet or via tagged headers, which require security researcher cooperation. The number of researchers and hours that they are testing are not easily trackable via these methods, if at all. Traditional penetration testing doesn’t have direct measurement capabilities. Our LaunchPoint infrastructure stands between the Synack Red Team, our community of 1,500 security researchers, and customer assets, so customers have better visibility of the measurable traffic during a test. More and more frequently, we hear that customers are required to provide this kind of information to their auditors in financial services and other industries. 

A look at the Classified Traffic & Vulnerabilities view in Synack’s Coverage Analytics. Sample data has been used for illustration purposes.

Benefits of Coverage Analytics 

• Know what’s being tested within your web and host assets: where, when and how much 
• View the traffic generated by the Synack Red Team during pentesting
• Take next steps with confidence; identify where you may need supplemental testing and how to prioritize such testing

Starting today, security leaders can reduce their teams’ fears of pentesting in the dark by knowing what’s being tested, where and how much at any time across both web and host assets. Coverage Analytics makes sharing findings with executive leaders, board members or auditors simple and painless.

Current Synack customers can log in to the Synack Platform to explore Coverage Analytics today. If you have questions or are interested in learning more about Coverage Analytics, part of Synack’s Better Way to Pentest, don’t hesitate to contact us today!

The post Worry-free Pentesting: Continuous Oversight In Offensive Security Testing appeared first on Synack.

Some of the best intelligence an operator or decision-maker can obtain comes straight from the belly of the beast. That’s why dark web intelligence can be incredibly valuable to your security operations center (SOC). By leveraging this critical information, operators can gain a better understanding of the tactics, techniques and procedures (TTPs) employed by threat actors. With that knowledge in hand, decision-makers can better position themselves to protect their organizations.

This is in line with the classic teachings from Sun Tzu about knowing your enemy, and the entire passage containing that advice is particularly relevant to cybersecurity:

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”

Let’s translate the middle section of this passage into colloquial cybersecurity talk: You can have the best security operations center in the world with outstanding cyber hygiene, but if you aren’t feeding it the right information, you may suffer defeats — and much of that information comes from dark web intelligence.

Completing Your Threat Intelligence Picture

To be candid, if you’re not looking at the dark web, there is a big gap in your security posture. Why? Because that’s where a lot of serious action happens. To paraphrase Sir Winston Churchill, the greatest defense against a cyber menace is to attack the enemy’s operations as near as possible to the point of departure.

Now, this is not a call to get too wrapped up in the dark web. Rather, a solid approach would be to go where the nefarious acts are being discussed and planned so you can take the appropriate proactive steps to prevent an attack on your assets.

The first step is to ensure that you have a basic understanding of the dark web. One common way to communicate over the dark web involves using peer-to-peer networks on Tor and I2P (Invisible Internet Project). In short, both networks are designed to provide secure communications and hide all types of information. Yes, this is only a basic illustration of dark web communications, but if your security operations center aims to improve its capabilities in the dark web intelligence space, you must be able to explain the dark web in these simple terms for two reasons:

1. You cannot access these sites as you would any other website.
2. You’re going to have to warn your superiors what you’re up to. The dark web is an unsavory place, full of illegal content. Your decision-makers need to know what will be happening with their assets at a high level, which makes it vitally important to speak their language.

And this part is critical: If you want to get the most out of dark web intelligence, you may have to put on a mask and appear to “be one of the bad guys.” You will need to explain to your decision-makers why full-time staff might have to spend entire days as someone else. This is necessary because when you start searching for granular details related to your organization, you may have to secure the trust of malicious actors to gain entry into their circles. That’s where the truly rich intelligence is.

This could involve transacting in bitcoins or other cryptocurrencies, stumbling upon things the average person would rather not see, trying to decipher between coded language and broken language, and the typical challenges that come with putting up an act — all so you can become a trusted persona. Just like any other relationship you develop in life, this doesn’t happen overnight.

Of course, there are organizations out there that can provide their own “personas” for a fee and do the work for you. Using these services can be advantageous for small and medium businesses that may not have the resources to do all of this on their own. But the bigger your enterprise is, the more likely it becomes that you will want these capabilities in-house. In general, it’s also a characteristic of good operational security to be able to do this in-house.

Determining What Intelligence You Need

One of the most difficult challenges you will face when you decide to integrate dark web intelligence into your daily operations is figuring out what intelligence could help your organization. A good start is to cluster the information you might collect into groups. Here are some primer questions you can use to develop these groups:

• What applies to the cybersecurity world in general?
• What applies to your industry?
• What applies to your organization?
• What applies to your people?

For the first question, there are plenty of service providers who make it their business to scour the dark web and collect such information. This is an area where it may make more sense to rely on these service providers and integrate their knowledge feeds into existing ones within your security operations center. With the assistance of artificial intelligence (AI) to manage and make sense of all these data points, you can certainly create a good defensive perimeter and take remediation steps if you identify gaps in your network.

It’s the second, third and fourth clusters that may require some tailoring and additional resources. Certain service providers can provide industry-specific dark web intelligence — and you would be wise to integrate that into your workflow — but at the levels of your organization and its people, you will need to do the work on your own. Effectively, you would be doing human intelligence work on the dark web.

Why Human Operators Will Always Be Needed

No matter how far technological protections advance, when places like the dark web exist, there will always be the human element to worry about. We’re not yet at the stage where machines are deciding what to target — it’s still humans who make those decisions.

Therefore, having top-level, industrywide information feeds can be great and even necessary, but it may not be enough. You need to get into the weeds here because when malicious actors move on a specific target, that organization has to play a large role in protecting itself with specific threat intelligence. A key component of ensuring protections are in place is knowing what people are saying about you, even on the dark web.

As Sun Tzu said: “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” There’s a lot of wisdom in that, even if it was said some 2,500 years ago.

The post The Case for Integrating Dark Web Intelligence Into Your Daily Operations appeared first on Security Intelligence.