In their 2024 cybersecurity outlook, WatchGuard researchers forecast headline-stealing hacks involving LLMs, AI-based voice chatbots, modern VR/MR headsets, and more in the coming year. Companies and individuals are experimenting with LLMs to increase operational efficiency. But threat actors are learning…
Category: EN
The AI readiness race and where global companies stand
According to Cisco, only 14% of organizations worldwide are ready to implement and utilize AI technologies. The report found that 61% of respondents indicated they have a maximum of one year to deploy their AI strategy before there’s a negative…
Put guardrails around AI use to protect your org, but be open to changes
Artificial intelligence (AI) is a topic that’s currently on everyone’s minds. While in some industries there is concern it could replace workers, other industries have embraced it as a game-changer for streamlining processes, automating repetitive tasks, and saving time. But…
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware
Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to “hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the…
LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL by Binarly, “can be used by…
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents
The U.S. Securities and Exchange Commission (SEC) recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. Some requirements apply to this year—for example, disclosures for fiscal years ending December 15, 2023, or…
Google Introduces RETVec: Gmail’s New Defense to Identify Spams
Google has recently introduced a new multilingual text vectorizer called RETVec (an acronym for Resilient and Efficient Text Vectorizer), to aid identification of potentially malicious content like spam and fraudulent emails in Gmail. While massive platforms like YouTube and Gmail…
Researchers: ‘Black Basta’ Group Rakes in Over $100 Million
A cyber extortion group believed to be an offshoot of the infamous Russian Conti hacker organization has reportedly amassed over $100 million since its emergence last year, according to a report published on Wednesday by digital currency tracking service…
Okta: October Data Breach Impacts All User Across Customer Support Systems
The latest investigation Okta’s recent investigation into the exploit of its Help Center environment in October disclosed that the threat actors stole the data that belonged to all customer support system users. Okta mentioned that the hackers also stole extra…
Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns
The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own cloud vulnerabilities in their catalog. As the national coordinator for critical infrastructure security and resilience, CISA oversees government cybersecurity operations. Document Protect Your Storage With SafeGuard…
You should probably update your Google Chrome browser this weekend
2023 has been a banner year for zero-day exploits in Chrome, and Google has patched its 6th one, calling it an “emergency.” This article has been indexed from Latest stories for ZDNET in Security Read the original article: You should…
ChatGPT Spit Out Sensitive Data When Told to Repeat ‘Poem’ Forever
Plus: A major ransomware crackdown, the arrest of Ukraine’s cybersecurity chief, and a hack-for-hire entrepreneur charged with attempted murder. This article has been indexed from Security Latest Read the original article: ChatGPT Spit Out Sensitive Data When Told to Repeat…
Europol Dismantles Ukrainian Ransomware Gang
A well-known ransomware organization operating in Ukraine has been successfully taken down by an international team under the direction of Europol, marking a major win against cybercrime. In this operation, the criminal group behind several high-profile attacks was the target…
Amazon Introduces Q, a Business Chatbot Powered by Generative AI
Amazon has finally identified a solution to counter ChatGPT. Earlier this week, the technology giant announced the launch of Q, a business chatbot powered by generative artificial intelligence. The announcement, made in Las Vegas at the company’s annual conference…
China continues Pig-Butchering Crack-down
One of my techniques for keeping current on Cybercrime trends is having an “interesting” collection of international news ticklers. This story came to me via X:CyberScamMonitor via a QQ account called “onCambodia.” @CyberScamMonitor is a Twitter/X account and Substack account…
Next-Level AI: Unbelievable Precision in Replicating Doctors’ Notes Leaves Experts in Awe
In an in-depth study, scientists found that a new artificial intelligence (AI) computer program can generate doctors’ notes with such precision that two physicians could not tell the difference. This indicates AI may soon provide healthcare workers with groundbreaking…
Scores of US credit unions offline after ransomware infects backend cloud outfit
Supply chain attacks: The gift that keeps on giving A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. … This article…
How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises
Amidst surging fake account creation and messaging charges from SMS toll fraud, two industry giants chose Kasada to protect their customers and profit margins. The post How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises appeared first on…
Fortune-telling website WeMystic exposes 13M+ user records
WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms’ users. Telling the future is a tricky business, and failure to foretell your own mishaps doesn’t help. The…
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. “This malware family is written using the .NET framework and leverages the domain name service (DNS)…