Cyber Security News

24 Mar 2024 06:50

Fast-Growing RA Ransomware Group Goes Global

RA World's continues to use double-extortion tactics.

This gives victims an extra incentive to meet ransom demands by using details of previous victims in their ransom note, according to Trend Micro, which pulled back the veil with specifics of RA World's multistage attack in its post.

@Cyber_Security_Channel

Cyber Security News

22 Mar 2024 18:49

Navigating Cyberthreats and Strengthening Defenses in the Era of AI

As we look to secure the future, we must ensure that we balance preparing securely for AI and leveraging its benefits, because AI has the power to elevate human potential and solve some of our most serious challenges.

@Cyber_Security_Channel

Cyber Security News

21 Mar 2024 19:08

Apple Gets Loud About AI PCs With New M3-Based MacBook Air

What helped give Apple the confidence to apply this superlative is what it says is the M3’s “faster and more efficient” 16-core Neural Engine, which sits alongside the CPU and GPU on the processor’s die to accelerate machine learning workloads on the device.

The tech giant also pointed to how the unified memory architecture of its M-series chips helps the new MacBook Air and other Macs “run optimized AI models, including large language models and diffusion models for image generation locally with great performance.”

@Cyber_Security_Channel

Cyber Security News

20 Mar 2024 22:04

Microsoft Left a Windows Kernel Zero-Day Unpatched for Six Months, Despite Knowing it Was Being Actively Exploited

Avast stated it developed and submitted a custom PoC exploit to Microsoft revealing the significant access the flaw could offer potential threat actors if exploited in the right way in August 2023.

-----

📌 Getting ready for the SC-900 Microsoft Certification Exam?

→ Check this guide for tips, tricks, and best practices.

-----

@Cyber_Security_Channel

Cyber Security News

20 Mar 2024 07:35

Infrastructure Cyberattacks, AI-Powered Threats Pummel Africa

"As more advanced technologies become available, cybercriminals will use these to help them become more effective in their cybercriminal tactics and strategies," he says.

"We have seen how the cyber threat landscape continues to evolve, becoming somewhat different every year."

@Cyber_Security_Channel

Cyber Security News

19 Mar 2024 02:55

AISecOps: Expanding DevSecOps to Secure AI and ML

Over the past five-plus years, DevSecOps has become a staple of how we develop and secure software through collaboration between software and security teams and by embedding improved security practices into every phase of the development process.

The security challenges presented by AI and ML technologies are complex but not new to us. It’s no silver bullet, but we must utilize the lessons from DevSecOps’ successes and failures.

By applying DevSecOps lessons learned to AISecOps, we can approach these challenges with approaches that elevate the visibility of AI and AI data security and emphasize continuous security, collaboration, secure data practices and security by design.

@Cyber_Security_Channel

Cyber Security News

18 Mar 2024 07:53

A New Self-Spreading, Zero-Click Gen AI Worm Has Arrived!

Dubbed Morris II in a nod to the devastating computer worm that took down a sizable chunk of the internet in 1988, the new self-replicating malware uses a prompt injection attack vector to trick generative AI-powered email assistant apps that incorporate chatbots such as ChatGPT and Gemini.

This allows hackers to infiltrate victim emails to steal personal information, launch spam campaigns and poison AI models, according to researchers from Cornell University, Technion-Israel Institute of Technology and Intuit.

@Cyber_Security_Channel

Cyber Security News

16 Mar 2024 19:55

Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats

The first vulnerability involves getting around security guardrails to leak the system prompts (or a system message), which are designed to set conversation-wide instructions to the LLM.

This helps it to generate more useful responses, by asking the model to output its "foundational instructions" in a markdown block.

📷: FabricHQ

@Cyber_Security_Channel

Cyber Security News

15 Mar 2024 00:05

Sentra Announces AI Assistant for Cloud Data Security

Security teams can use Sentra Jagger to get insights and recommendations on specific security actions through an interactive, user-friendly interface.

In addition, customizable dashboards can be easily created based on user roles and preferences to optimize visibility into an organization's data.

With Sentra Jagger, users can also make direct queries about Sentra's findings, eliminating the need to navigate through ancillary information or complicated portals.

@Cyber_Security_Channel

Cyber Security News

14 Mar 2024 11:27

Research Explores India's Aadhaar Privacy Safeguards

Biometric authentication is a pattern-matching process that depends on the biological characteristics of humans to verify their identity.

Some well-known biometric traits include fingerprints, faces, iris, retina and palm prints of individuals. In comparison to traditional token-based systems, biometric-based identification has several advantages.

The Government of India (GoI) established the UIDAI (Unique Identification Authority of India) to provide unique identification to all Indian citizens.

The main task of UIDAI is to generate identities for all citizens based on their biometric and demographic data.

@Cyber_Security_Channel

Cyber Security News

13 Mar 2024 12:59

Amex Customer Data Exposed in Third-Party Breach

Credit card information such as American Express card account numbers, names, and expiration dates are at risk, and users should expect follow-up contact from the company if they have more than one American Express card involved in the breach.

@Cyber_Security_Channel

Cyber Security News

11 Mar 2024 18:47

Patch Now: Apple Zero-Day Exploits Bypass Kernel Security

While Apple, true to form, declined to offer additional details, Krishna Vishnubhotla, vice president of product strategy at mobile security provider Zimperium, explains that flaws like these present exacerbated risk to individuals and organizations.

@Cyber_Security_Channel

Cyber Security News

10 Mar 2024 19:11

Biden Acts to Stop Sales of Sensitive Personal Data to China and Russia

The president asked the Justice Department to write rules restricting the sale of information about Americans’ locations, health and genetics to China, Russia, Iran, North Korea, Cuba and Venezuela, as well as any entities linked to those countries.

The restrictions would also cover financial information, biometric data and other types of information that could identify individuals and sensitive information related to the government.

The officials said the countries were using their access to the data for blackmail and surveillance and could employ artificial intelligence to enhance their use of the information.

The White House made the officials available on the condition of anonymity.

@Cyber_Security_Channel

Cyber Security News

09 Mar 2024 17:31

Forget Nvidia: 2 Fantastic Artificial Intelligence (AI) Stocks to Buy Instead

Cyberthreats are a growing concern in the corporate world.

Data breaches not only have severe financial consequences, but they also shatter the trust between companies and their customers.

Attacks are increasing in sophistication with each passing year, and malicious actors are even using tools like generative AI to trick employees into handing over sensitive information through realistic phishing emails and phone calls.

Palo Alto Networks(NASDAQ: PANW) is the world's largest cybersecurity company, and it's applying AI across its product portfolio to deliver advanced protection against modern threats.

DigitalOcean (NYSE: DOCN), on the other hand, is an under-the-radar cloud services provider emerging as an on-ramp to the AI revolution for small and mid-size businesses.

@Cyber_Security_Channel

Cyber Security News

08 Mar 2024 18:54

EDPB Releases Insightful Case Digest on GDPR Security and Data Breach Notifications

The EDPB's thematic case digest not only illuminates the path for improved data protection practices but also fosters a culture of shared learning and cooperation among DPAs and regulated entities.

As organizations digest the rich insights provided, the broader implications for data security and compliance strategies are clear.

This initiative underscores the ongoing commitment to safeguarding personal data and enhancing trust in the digital economy.

@Cyber_Security_Channel

Cyber Security News

23 Mar 2024 06:29

📌 What Goes Behind Every Secure Business?

→ A robust, streamlined, and dependable framework system

Notion ISMS is your all-in-one solution for efficient Information Security Management.

This comprehensive package provides access to ISMS templates…

Seamlessly integrating into your organizational structure.

What do you get?

With this system, you can:

Cyber Security News

22 Mar 2024 07:31

What are Pig Butchering Scams and How Do They Work?

“Jessica’s” victim broke down the scam, how it worked, and how he got roped in.

It began with an introductory text in October that spun into a WhatsApp transcript spanning 271,000 words.

Throughout, he shared his family and financial struggles.

@Cyber_Security_Channel

Cyber Security News

21 Mar 2024 09:17

Top US Cybersecurity Agency Hacked and Forced to Take Some Systems Offline

Part of the Department of Homeland Security, CISA investigates cyber intrusions at federal agencies and advises private critical infrastructure firms on how to bolster their security.

@Cyber_Security_Channel

Cyber Security News

20 Mar 2024 14:19

⚡️France Travail Data Breach Impacted 43 Million People

The company notified the French data protection authority CNIL (Commission nationale de l’informatique et des libertés) and filed a complaint with the judicial authorities.

Cyber_Security_Channel

Cyber Security News

19 Mar 2024 21:50

Stolen ChatGPT Credentials Found for Sale on Dark Web

The development highlights the threats of AI as associated with sensitive organizational data.

Employees often enter classified information or proprietary code in chatbots for work purposes, potentially offering bad actors access to sensitive intelligence.

In addition, ChatGPT-like tools were developed during this period, including WormGPT, WolfGPT, DarkBARD, and FraudGPT, which were used through social engineering and phishing strategies to enable infostealer malware activities.

@Cyber_Security_Channel

Cyber Security News

18 Mar 2024 15:23

Cloudflare Introduces AI Security Solutions

Cloudflare introduced an AI assistant in the Security Analytics section of its dashboard, to help identify anomalies and cyberattacks faster by eliminating the complexity of using multiple tools and filters.

Another AI-powered solution that Cloudflare uses to improve security products is Defensive AI, a framework that leverages data generated by its network to improve protections against threats, including against AI-powered attacks.

Cloudflare products such as Web Application Firewall (WAF), Email Security service, and Zero Trust rely on AI to identify cyberattacks, analyze phishing patterns, and identify anomalies in user behavior to create user risk scoring.

-----

📌 Want us to publish an article about your company/product?

→ Contact: @cybersecadmin (any time)

-----

@Cyber_Security_Channel

Cyber Security News

17 Mar 2024 07:32

Email Security Firms See Over 10X Surge in Email Phishing Attacks Amid ChatGPT’s Emergence

Cybercriminals commonly employ deceptive emails, texts, or social media messages that seem authentic in their phishing attempts.

These methods dupe victims into accessing websites where they unwittingly authorize transactions from their accounts, leading to financial losses.

In response to the growing threat of cybercriminals utilizing generative AI, Edith advocates for proactive use of AI technologies by cybersecurity experts.

Despite efforts by developers like OpenAI, Anthropic, and Midjourney to safeguard against misuse, skilled individuals persist in finding ways to bypass protective measures.

@Cyber_Security_Channel

Cyber Security News

15 Mar 2024 15:31

What to Expect From Salesforce’s Highly Anticipated Einstein Copilot

Einstein Copilot is embedded into Salesforce’s customer relationship management (CRM) applications and can answer queries, summarize content, create new content, interpret conversations, and automate user tasks.

Einstein Copilot is the perfect complement to the Salesforce suite.

This web of tools drives incredible value, and now this unifying feature will no doubt accelerate this value further.

To understand how this value might impact customers, let’s close with a quote from a customer already using the tech.

@Cyber_Security_Channel

Cyber Security News

14 Mar 2024 21:43

German Authorities Take Down ‘Crimemarket’ Cybercrime Website

Three individuals were arrested in North Rhine-Westphalia, including a 23-years old individual believed to be the mastermind behind Crimemarket. Three other suspects were arrested in other regions, the police announced.

@Cyber_Security_Channel

Cyber Security News

13 Mar 2024 22:32

Google's Gemini AI Vulnerable to Content Manipulation

HiddenLayer's tests — largely run on Gemini Pro — are part of ongoing vulnerability research the company has been conducting on different AI models.

As the company's associate threat researcher Kenneth Yeung explains, the vulnerabilities are not unique to Google's Gemini and are present in most LLMs, with varying degrees of impact.

"As with any new technology, there are inherent risks related to the deployment and implementation of LLMs.

These risks can be mitigated with proper awareness and security measures," Yeung says.

@Cyber_Security_Channel

Cyber Security News

13 Mar 2024 02:47

Drugs and Cybercrime Market Busted By German Cops

Police said they’d seized the Crimemarket domain address and are currently studying seized data, documents and evidence, which will be making some users of the marketplace somewhat nervous.

@Cyber_Security_Channel

Cyber Security News

11 Mar 2024 05:28

Google Employee Charged With Stealing AI Trade Secrets

The suspect has been charged with soliciting trade secrets regarding Google’s artificial intelligence technology, specifically information surrounding supercomputing data centers, to AI companies affiliated with the People’s Republic of China.

@Cyber_Security_Channel

Cyber Security News

10 Mar 2024 04:09

AI-driven Attacks Expected to Surge in 2024: Trend Micro

The report underscores that in 2024, a growing number of enterprises will adopt artificial intelligence and machine learning (AI/ML) technologies.

It notes that approximately 69% of IT leaders view the integration of machine learning as a critical operational priority.

Although these technological advancements are anticipated to drive organizational growth, they also pose substantial risks, with bad actors exploiting these innovations to orchestrate attacks.

The report underscores that in 2024, a growing number of enterprises will adopt artificial intelligence and machine learning (AI/ML) technologies.

It notes that approximately 69% of IT leaders view the integration of machine learning as a critical operational priority.

Although these technological advancements are anticipated to drive organizational growth, they also pose substantial risks, with bad actors exploiting these innovations to orchestrate attacks.

@Cyber_Security_Channel

Cyber Security News

09 Mar 2024 06:17

AI Revolutionizes Consumer Tech in 2024: TVs, Cybersecurity, and Beyond

The digital realm is no stranger to the threats posed by sophisticated cyber-attacks.

Biz Bahrain reports a surge in AI-driven cyber-attacks, necessitating the evolution of cybersecurity measures.

AI and machine learning technologies are being harnessed to bolster defenses, predict potential threats, and counteract phishing scams with unprecedented efficiency.

The incorporation of Generative AI and Generative Adversarial Networks marks a proactive approach towards securing digital assets in an increasingly vulnerable cyber landscape.

@Cyber_Security_Channel

Cyber Security News

08 Mar 2024 07:03

IBM Expands Technology Expert Labs In India To Accelerate AI, Cloud, Cybersecurity Adoption

IBM’s India Centre is looking to build capacity and competency in generative AI, data, automation, sustainability, security, cloud and software.

Located in Bengaluru and Kochi, the team of technical experts will help advise, design and deploy technologies for global clients in an attempt to increase return on investment and minimise implementation risks.

According to the Global AI Adoption Index 2023 conducted on behalf of IBM, 33% of surveyed companies reported that limited AI skills and expertise are hindering successful AI adoption, and 22% said that AI projects are too difficult to integrate and scale.

In addition, 35% said that a lack of skills for implementation is a big inhibitor for adopting generative AI.

@Cyber_Security_Channel