Cybernetics Pursue Exceptional Contributions to Privacy and Data Protection in Crypto Recovery
Cybernetics has invested significant resources into research and development to create cutting-edge technologies that bridge the gap between crypto recovery and privacy concerns.
The company's team of world-class experts in cryptography, cybersecurity, and data protection have collaborated to develop revolutionary techniques that enable seamless recovery of crypto assets while adhering to the highest standards of privacy in helping those impacted by crypto trading platform crimes.
@Cyber_Security_Channel
BlackBerry: AI Cybersecurity Pioneer, BlackBerry Introduced Major Update to Next-Generation AI Engine
BlackBerry pioneered the field of AI for predictive cyber defense, and today delivers the highest efficacy scores against the competition whether an endpoint is online or offline.
Cylance AI enables organizations to stay ahead of cyberattacks without sacrificing operational efficiency.
Rolled out automatically to all BlackBerry customers currently using CylanceENDPOINT™, CylanceEDGE™ and CylanceGUARD®, the new engine builds upon previous iterations that stop attacks 12 times faster and with 20 times less resources than other cybersecurity solutions.
@Cyber_Security_Channel
Black Hat USA: Cybersecurity Community Can Help with National Security Policy
The CrowdSec Partner Program operates on three different tiers: silver, gold and platinum.
Each partner receives free training and certification through the CrowdSec Academy, and will have the opportunity to grow through the tiers, which offer different business benefits, such as revenue sharing, dedicated training and exclusive access to product features.
With a partner-first approach, CrowdSec’s primary goal is to elevate existing and future partners, and boost their revenue by providing them with comprehensive marketing resources, training and support.
@Cyber_Security_Channel
'Sufficient Protections Not in Place' to Prevent Data Breach, Regulator Admits
The Electoral Commission expressed its “regret that sufficient protections were not in place to prevent this cyberattack” and indicated that, working with its security providers and experts from the National Cyber Security Centre, it has taken steps since the breach to improve its security systems and processes.
“We have strengthened our network login requirements, improved the monitoring and alert system for active threats and reviewed and updated our firewall policies,” it said.
@Cyber_Security_Channel
Jericho Security Uses AI to Fight AI in New Frontier of Cybersecurity
Jericho Security’s approach marks a new frontier for cybersecurity, using machine-learning capabilities to essentially “fight AI with AI.”
Jericho pits an AI red team against an AI blue team in simulations to uncover vulnerabilities and develop more robust defenses.Jericho Security is the result of decades of collective observation of the evolution of cybersecurity threats by its founders.
@Cyber_Security_Channel
🏹 Get Ready To Hunt 2FA Bugs like a Pro!
Looking for a way to approach Two Factor Authentication Bugs?
Our partners at Hacklido have a digital product that will help you find effective solutions.
↳ It shows you the process of finding 2FA flaws
Grab your copy and improve your skills:
→ https://gumroad.com/a/631226579/jdvwcd
Third Parties Can Intervene in Belgian Data Protection Authority Proceedings and Appeal Its Decisions
The Constitutional Court agreed that the lack of remedies for interested third parties against decisions of the Litigation Chamber of the BDPA was not in line with the constitutional principle of equality.
The legislator has now gone one step further by giving appeal as well as intervention possibilities to interested third parties.
A first step to amend the legal framework and to develop a specific provision on appeal possibilities for interested third parties took place on 12 January 2023 as a result of a decision by the Belgian Constitutional Court.
@Cyber_Security_Channel
White House Offers Prize Money for Hacker-Thwarting AI
To boost participation, the Defense Advanced Research Projects Agency (DARPA) running the competition will put $7 million into funding small businesses that want to compete, according to the White House.
DARPA is collaborating with AI tech titans Anthropic, Google, Microsoft, and ChatGPT-maker OpenAI, which will provide expertise and technology for the competition, Prabhakar said.
@Cyber_Security_Channel
Case from a few days ago: Tesla's Software Cracked: Offers Free Upgrades That Even Musk Can't Fix
A recent revelationby a security researcher and a trio of PhD students from Germany has sent shockwaves across the automobile industry.
The team has reportedly found a backdoor to Tesla's sophisticated, AMD-based cars. They've managed to devise what could be the world's first unpatchable "Tesla Jailbreak", poised to unlock a trove of paid features – all for free.
@Cyber_Security_Channel
Cornell introduces new AI-focused Board Governance program
The program offers presentations, panel discussions and networking events designed specifically for current board members of public and private companies.
Participants will explore matters in AI, data privacy, algorithmic bias and antitrust.
The small cohort size is intended to ensure high-quality peer-to-peer engagement on key issues and solutions that participants can directly apply to their organizations.
@Cyber_Security_Channel
The Importance Of Safeguarding Businesses From Data Privacy And Cybersecurity Risk
Data privacy is handling and safeguarding personal or sensitive information, sometimes by multiple parties.
Businesses collect customer data for different reasons, but their primary purposes are to improve services, understand user behavior, and make efforts toward marketing.
@Cyber_Security_Channel
Regtech and Cybersecurity: Strengthening Data Protection in Compliance
Regtech is the application of modern technology to streamline and automate regulatory compliance processes, such as artificial intelligence (AI), machine learning, and big data analytics.
The goal of regtech is to assist financial institutions in staying ahead of regulatory developments, ensuring compliance, and efficiently managing complicated reporting requirements.
Beyond just compliance, regtech offers the ability to improve cybersecurity and data protection policies.
@Cyber_Security_Channel
Average Cost of a Data Breach Has Reached an All-Time High: IBM Report
Involving law enforcement in a ransomware attack also saved money and shortened the lifecycle of the breach.
Organizations that didn’t involve law enforcement in a ransomware attack incurred an additional $470,000 in expenses on average.
About 63% of respondents said they involved law enforcement.
The 37% that didn’t involve law enforcement paid 9.6% more and experienced a 33-day longer breach lifecycle.
@Cyber_Security_Channel
When Your Teammate is a Machine: 8 Questions CISOs Should be Asking About AI
AI will effectively become an extension of automation processes and can uncover a vastly expanded breadth and span of information, helping to evaluate complexities at greater and greater speeds.
1. Did comprehensive testing to ensure the AI algorithm works as intended occur?
2. From where did the data used to train the AI come?
3. How was the AI algorithm designed to prevent, or mitigate as much as possible, bias in the results?
4. How was the algorithm designed to mitigate the new and challenging risks that emerge almost daily related to generative AI?
5. Has the vendor comprehensively addressed security concerns related to machine learning and if so, how?
6. Has the AI been engineered to account for the complexity of AI systems attack surfaces and if so, in what ways?
7. How have supply chain and third-party AI components been reviewed for security and privacy risk, and then mitigated?
8. Has the AI manufacturer or vendor developed their AI products to meet data protection compliance for the areas in which they will be sold?
@Cyber_Security_Channel
KnowBe4 PhishER Plus Uses Triple-Validated Phishing Threat Feed
PhishER Plus users are trained to spot and report phishing attacks, KnowBe4 stated.
The information these users gather about phishing attacks is incorporated into the PhishER Plus Global Blocklist.
KnowBe4 provides a security awareness training and simulated phishing platform used by more than 60,000 organizations, the company said.
It also offers a partner program for MSSPs, MSPs and other technology providers.
@Cyber_Security_Channel
The Forrester Consulting TEI of Guardium Data Protection study: 5 Data Security Lessons
Forrester Consulting Total Economic Impact (TEI) study commissioned by IBM for its IBM Security Guardium Data Protection product.
The TEI study focuses specifically on Guardium Data Protection, but its interviews with security professionals reveal common concerns that data security analysts (DSAs) face.
- Visibility
- Compatibility
- Automated monitoring
- Easier audits
- Adapting to changing regulations
@Cyber_Security_Channel
AI Hallucinations Could Be a Cybersecurity Risk
AI is trained from massive data sets, often containing flaws like thought gaps, content saliency variance, or harmful biases.
Any training from these incomplete or inadequate data sets could be the root of hallucinations, even if later iterations of the data set received curation from data scientists.
@Cyber_Security_Channel
EY Breach Exposes Bank of America Customer Credit Card Numbers
Experts warn that even seemingly insignificant pieces of leaked personal information can be collated to have a devastating impact.
Victims whose data has been leaked often don’t realize they’ve been compromised and therefore take no action to mitigate the outcome.
EY said that Bank of America will provide exposed clients with a “complimentary two-year membership in an identity theft protection service.”
The letter urges potential victims to be vigilant and cautiously review account statements and credit reports for suspicious activity.
@Cyber_Security_Channel
Your Data Protection Checklist
Under certain criteria, regulations such as the GDPR mandate a DPO’s appointment.
However, even if it is optional, you may consider appointing an independent and impartial advisor that will supervise data protection governance in the organization.
They should have expertise in data privacy and security practices and a solid grasp of business processes and industry specifics.
@Cyber_Security_Channel
DARPA, White House launch $20M AI, Cybersecurity Challenge
Dubbed the “AI Cyber Challenge,” or AIxCC, the effort aims to “challenge competitors across the United States, to identify and fix software vulnerabilities using AI,” the White House announced today.
Google, Microsoft, OpenAI and Anthropic will lend expertise and technologies for the challenge.
DARPA will host an open competition for AIxCC where up to 20 teams will advance to the semifinals next August at the DEF CON 2024 conference, followed by up to five teams advancing to the finals, according to the agency’s website.
In August 2025, three winners will be chosen at DEF CON 2025. AIxCC will feature almost $20 million in prizes, according to the White House.
@Cyber_Security_Channel
AmiViz and Darktrace Announce Cybersecurity Partnership
Darktrace’s Cyber AI Loop prevents, detects, responds, and heals from cyber-attacks, all at once, at all times, everywhere an organization touches data and people, whether that’s outside on the attack surface or inside the organization.
AmiViz is the first B2B enterprise marketplace focused on the cybersecurity industry in the Middle East, designed specially to serve the interests of enterprise resellers and vendors.
Driven by innovation and AI-powered technology, the platform provides a unique collaboration platform through a mobile application on iOS and Android, as well as a web-based platform to enterprise resellers, consultants, system integrators, channel partners, and vendors.
AmiViz and Darktrace will work closely to roll out several new channel initiatives to enhance collaboration and drive greater customer value.
AmiViz will help conduct technical and sales workshops, support proof of concept, and extend pre-sales, implementation, and first-line support to its partners across the region.
@Cyber_Security_Channel
IBM Researchers Easily Trick ChatGPT Into Hacking
Researchers at IBM released a report Tuesday detailing easy workarounds they've uncovered to get large language models (LLMs) — including ChatGPT — to write malicious code and give poor security advice.
All it takes is knowledge of the English language and a bit of background knowledge on how these models were trained to get them to help with malicious acts.
@Cyber_Security_Channel
Royal, Hive, Black Basta Ransomware Gangs ‘Collaborating on Cyber Attacks’
There were “distinct similarities” between techniques employed during four different incidents at the beginning of 2023, analysis showed, raising questions over whether the gangs have been collaborating.
“Despite Royal being a notoriously closed off group that doesn’t openly solicit affiliates from underground forums, granular similarities in the forensics of the attacks suggest all three groups are sharing either affiliates or highly specific technical details of their activities,” Sophos said.
@Cyber_Security_Channel
Google Awards USD 15,000 to Apple Security Team for Finding Bug in Chrome Web Browser
The collaboration between tech companies in identifying and addressing security vulnerabilities is crucial for maintaining the safety and privacy of users’ data and ensuring the overall security of online platforms.
The ‘CVE-2023-4072’ vulnerability is a critical security flaw identified in Google Chrome’s WebGL implementation. It is classified as an “out of bounds read and write” bug, which means that an attacker could potentially access and modify memory areas beyond the allocated space, leading to potential security exploits.
@Cyber_Security_Channel
GDPR Fines Just 6% of the Total Cost of Data Breaches
The most common causes of the breaches in the research weren’t cyber attacks.
Only a third (33%) of breaches reported were due to malware or phishing, with all breaches caused by threats from outside an organization accounting for 35% of reports. Insider threats, however, came to 40%.
Human error accounted for more – 23% were caused by data being shared with the wrong person, while 11% was due to lost or stolen data.
This includes, for example, stolen devices or paperwork being left in an unsecured location.
@Cyber_Security_Channel
Downfall: New Intel CPU Attack Exposing Sensitive Information
Daniel Moghimi, the Google senior research scientist who discovered the flaw.
“I discovered that the Gather instruction, meant to speed up accessing scattered data in memory, leaks the content of the internal vector register file during speculative execution.
To exploit this vulnerability, I introduced Gather Data Sampling (GDS) and Gather Value Injection (GVI) techniques,” Moghimi added.
@Cyber_Security_Channel
Protection is No Longer Straightforward – Why More Cybersecurity Solutions Must Incorporate Context
Think of it like making a trip to the Emergency Room.
The admitting ER physician is not likely to make a diagnosis and prescribe treatment based solely on the symptoms presented by the patient.
Doing so could lead to complications or further injury.
Instead, the physician must also consider additional context, such as past illnesses, medications, allergies, surgeries, and other relevant information. In many cases, it would be life-threatening if the physician had to take the time to make calls to previous doctors, pharmacies, etc., to gather this information.
@Cyber_Security_Channel
How to Get Unlimited Airline Miles: Researchers Find the Cheat Codes
Vulnerabilities in the Points.com API could have been exploited to expose customer data, steal customers’ “loyalty currency” (like miles), or even compromise Points global administration accounts to gain control of entire loyalty programs.
An encrypted cookie assigned to each user had been encrypted with an easily guessable secret—the word “secret” … the researchers could decrypt their cookie, reassign themselves global administrator privileges for the site … and essentially assume god-mode-like capabilities
@Cyber_Security_Channel
Understanding the Role of Runtime Application Self-Protection (RASP) in Cybersecurity
The primary function of RASP is to identify and block attacks in real-time.
It does this by continuously monitoring the behavior of an application, identifying malicious activities, and preventing them from causing harm.
This is particularly important in today’s digital landscape where attacks are becoming more sophisticated and harder to detect with traditional security tools.
RASP’s real-time response capability is another significant advantage. In the event of an attack, RASP can immediately take action to prevent the attack from progressing.
This could involve terminating a user’s session, stopping an application’s execution, or alerting the security team.
This immediate response can significantly reduce the potential damage caused by an attack.
@Cyber_Security_Channel
Cybersecurity: What the Defense Industry Needs to Unlock to Stay Ahead
Cybersecurity is a key requirement for supporting software infrastructure across the entire military supply chain due to the recent increase in cyber warfare.
Organizations’ systems must be pen-tested and have enough built-in protection to avert and react to attempted data breaches or cyberattacks.
@Cyber_Security_Channel