Cyber Security News

01 May 2024 04:57

Quantum-Proof Encryption May not Actually Stop Quantum Hackers

Quantum computers threaten to one day crack the widely used encryption algorithms that keep banking, email and other data safe, so researchers having been working to develop “post-quantum” algorithms to replace them.

Many of these are based on “lattice problems”, an area of mathematics that involves regular patterns, or lattices, in space.

Cyber_Security_Channel

Cyber Security News

30 Apr 2024 07:55

3 Steps Executives and Boards Should Take to Ensure Cyber Readiness

A company's response to a crisis is a direct reflection of its preparedness.

Rather than focus solely on what happens during and after a cyber incident, executives and leadership teams must first understand that the period preceding an event is most critical.

Cyber_Security_Channel

Cyber Security News

29 Apr 2024 09:10

Web3 Game Developers Targeted in Crypto Theft Scheme

"The targeted nature of this campaign suggests that threat actors may perceive Web3 gamers as having a more acute vulnerability to social engineering, due to an assumed trade-off in cyber hygiene — meaning that Web3 gamers may have fewer protections in place against cybercrime — in the pursuit of profit," according to the report.

Cyber_Security_Channel

Cyber Security News

28 Apr 2024 09:14

Critical Infrastructure Security: Observations From the Front Lines

However, as someone who works on the front lines of critical infrastructure security, I believe that, rather than panicking about Volt Typhoon and the threats the group represents, we should focus on several positives.

Cyber_Security_Channel

Cyber Security News

27 Apr 2024 06:42

Google Cloud Unveils Custom Arm AI Chip. Nvidia Stock Falls

Google Cloud offers our AI Hypercomputer, an architecture that combines our powerful TPUs, GPUs, AI software and more to provide an efficient and cost effective way to train and serve models.

Cyber_Security_Channel

Cyber Security News

25 Apr 2024 22:50

LastPass Users Hit by Major Phishing Scam: Master Passwords Breached

One of LabHost’s main services was to help hackers create a fake website that looked just like the legitimate one so that users could be tricked into entering their login credentials.

That’s exactly what happened in this scenario with LastPass.

Cyber_Security_Channel

Cyber Security News

25 Apr 2024 06:07

Hackers Are Using Windows Script Files to Spread Malware and Wwerve Antivirus Software

WSF files used in the attack were uploaded to a number of malicious domains controlled by the hackers, but Schläpfer was unable to identify how victims were being lured to the dangerous URLs, speculating spam or a malvertising campaign.

The file contains the malicious script as well as long strings of ‘junk characters’ used to try and conceal the real threat.

The script itself is heavily obfuscated too, where all functions and variables are encoded and decoded using an array.

Cyber_Security_Channel

Cyber Security News

24 Apr 2024 02:48

SentinelOne Announces Purple AI for Enhanced Cybersecurity Efficiency

Purple AI is a significant upgrade in the cybersecurity landscape.

It makes threat hunts, investigations, and responses faster and simpler, empowering security teams to deliver enhanced defence, savings, and efficiency.

Purple AI is packed with features far surpassing those of a conventional security chatbot or console search box.

It facilitates complex query simplification and streamlines investigations using natural language translations, and it allows analysts to have a normalised view of native and partner data.

The platform also aids in the discovery and mitigation of hidden risks using pre-populated Purple AI Threat Hunting Quick Starts for single-click investigations.

Cyber_Security_Channel

Cyber Security News

23 Apr 2024 02:09

Regulation Remains the Strongest Multiplier to Cybersecurity Growth

The rise of AI has also been increasing and has greatly affected the way cybersecurity could be enhanced at the same time allowing cyber criminals well-versed with AI to launch more sophisticated attacks against their victims and making themselves harder to detect and defend against.

The Internet of Things (IoT) vulnerabilities have also been increasing. According to Statista, the number of IoT devices exceeded 15 billion in 2023.

Cyber_Security_Channel

Cyber Security News

21 Apr 2024 06:05

❤️ Thank You for 50,000 Subscribers on the Telegram News Channel!

↳ Special Competition...

-----

🫶 Dear community members,

We are super grateful for every one of you =)

At the end of the day, you make all of this possible and provide us with motivation!

-----

To celebrate, we are launching an exclusive contest!

🛠 How Does It Work?

1. You will receive a personal invite link to our News Channel.

2. Main goal: get as many people to join @Cyber_Security_Channel with your custom link.

3. Participant with the largest number of subscribers who followed our channel through their link will receive a prize.

🙋‍♂️ How To Participate?

1. Message @cybersecadmin:

→ “I want to participate in the Special Competition”

2. Pick up a custom invite link to our News Channel.

3. Start inviting new subscribers, get as many people as you can to enter the community through your link.

4. Be active for 30 days, compete for a Mystery Prize!

-----

⚡️Ready to Join the Fun?

→ Let us know: @cybersecadmin

Good luck!

Cyber Security News

20 Apr 2024 11:57

GDPR in the Age of AI Raises a “Data Dilemma” for Enterprises

The process of data minimization is similarly restrictive to the AI supply chain, in that it demands that those collecting data only gather the minimum amount of data needed to deliver a service.“

Aligning with emerging regulations like DORA, which focuses on data security and resilience, is also crucial.

As AI evolves, fostering a synergy between innovation, data protection practices (like GDPR), and responsible regulations like DORA will be vital for its future,” he added.

Cyber_Security_Channel

Cyber Security News

19 Apr 2024 09:07

Banking Giant Wells Fargo Suffers Data Breach, Sends Two Notification Letters

In the breach notification letter, the banking giant claims to be “taking measures to monitor (customer) account(s) for suspicious events or changes, and is continually reviewing security measures to reduce the likelihood of this happening in the future”.

Cyber_Security_Channel

Cyber Security News

18 Apr 2024 11:52

Optiv Expands Strategic Alliance with Google Cloud to Deliver World-Class Cybersecurity Expertise

The Optiv and Google Cloud alliance brings clients:

• End-to-end SecOps transformation
• Scalable security operations solutions
• Third-party solutions through Google Cloud Marketplace

Sunil Potti, general manager and vice president of cloud security, Google Cloud, added, "Our partnership with Optiv combines the technology, people, and process necessary to make security as pervasive as possible and materially less complex.

Our globally recognized cybersecurity offerings including Chronicle Security Operations powered by our advanced AI services, coupled with Optiv's end-to-end expertise, from strategy to execution, enables clients to transform their businesses forward, safely

Cyber_Security_Channel

Cyber Security News

17 Apr 2024 21:02

Misconfigured SaaS Applications Led to the Home Depot Data Breach, and Experts Say it’s no Surprise

Tim Bach, senior VP of security engineering at AppOmni, said while the rapid identification of the incident as the result of a SaaS misconfiguration was impressive, the fact this was the source of the breach was far from surprising.

Cyber_Security_Channel

Cyber Security News

16 Apr 2024 20:55

Palo Alto Networks and Google Cloud Expand Partnership to Revolutionize Cybersecurity with AI

Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyber threats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally across all sectors.

Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation.

Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Cyber_Security_Channel

Cyber Security News

30 Apr 2024 18:39

DDoS Attacks Are Still Growing and There Are New Threats On the Horizon

In aggregate, HTTP DDoS attacks remain (just about) the leading form of attacks, accounting for 37% of all DDoS attacks.

DNS DDoS attacks make up 33%, and the remaining 30% is left for all other types of L3/4 attacks, such as SYN Flood and UDP Floods.

Cyber_Security_Channel

Cyber Security News

29 Apr 2024 20:17

Growing macOS Adoption Opens the Door to Increasingly Sophisticated TCC-based Attacks

The report noted that growing numbers of businesses are adopting Mac systems and that this increased corporate market share is inviting an increased volume of attacks.

Cyber_Security_Channel

Cyber Security News

28 Apr 2024 21:56

FBI Warns of Massive Toll Services Smishing Scam

The FBI also recommended anyone receiving similar messages to check their account on the legitimate toll service’s website or call its customer service number, to see if they do indeed owe money or not.

Cyber_Security_Channel

Cyber Security News

27 Apr 2024 17:29

AT&T Confirms Data Breach Affecting Over 51 Million Customers

TechCrunch reported a subset of the leaked data had first surfaced online three years ago, but AT&T did not take any significant action at that time.

It was only after the complete dataset was published that the company acknowledged the breach and began taking steps to mitigate the potential risks to its customers.

Cyber_Security_Channel

Cyber Security News

26 Apr 2024 17:09

Apple’s New iOS 18 AI Plans—What To Know About Data Privacy

The iOS 18 rumor mill has been in full swing for months now, with other iPhone features including design changes and a more customizable home screen.

Meanwhile, Apple Maps is adding support for customizable routes and messaging standard RCS will be added to iPhones.

At least one of the new iOS 18 AI features—Encrypted Visual Search—seems to have security at its core and this is very typical of Apple.

I expect to see a bunch of AI features on your iPhone when iOS 18 launches this year, but I do think Apple will carefully consider security and privacy.

After all, it has a reputation to protect.

Cyber_Security_Channel

Cyber Security News

25 Apr 2024 14:01

Simbian Emerges From Stealth With $10 Million to Build Autonomous AI-Based Security Platform

Simbian is focusing on the economic benefit of automated security rather than the full potential benefit of autonomous security.

“Users provide their goal and business context in natural language,” says the firm, “and Simbian’s patent-pending LLM-powered platform provides personalized recommendations and generates automated actions across heterogeneous environments.”

The argument is that human experts will be relieved from tedious tasks, and business will need fewer of those expensive humans.

Cyber_Security_Channel

Cyber Security News

24 Apr 2024 18:36

DuckDuckGo Launches Privacy Pro: A New Subscription Service Focused on Enhanced Online Privacy

DuckDuckGo’s decision to offer Privacy Pro stems from its commitment to user privacy, aligned with its business ethos.

The company has traditionally provided several privacy tools for free, funded by non-intrusive advertising.

However, some advanced features like a VPN require more resources, justifying the move towards a paid subscription model.

This approach allows DuckDuckGo to maintain its privacy-focused offerings while introducing enhanced capabilities that necessitate additional investment in infrastructure and technology.

Cyber_Security_Channel

Cyber Security News

23 Apr 2024 15:24

Meta AI Restricts Election-Related Responses in India to Combat Misinformation

However, there are also significant potential downsides to the use of AI in elections. Malicious actors could exploit AI to spread misinformation or disinformation about candidates or issues.

This could be done by creating fake social media accounts or websites that propagate false information about candidates.

AI could also be used to target voters with misleading or manipulative advertising, designed to exploit their fears or biases.

Cyber_Security_Channel

Cyber Security News

22 Apr 2024 06:37

What is Data Protection as a Service (DPaaS)

DPaaS is available through many backup vendors, large public cloud providers, managed service providers and traditional infrastructure vendors that provide storage as a service (STaaS).

Cyber_Security_Channel

Cyber Security News

20 Apr 2024 23:46

Top MITRE ATT&CK Techniques and How to Defend Against Them

For defenders looking to allocate limited attention and resources, here are just some of the most common ATT&CK techniques, and how to defend against them.

Cyber_Security_Channel

Cyber Security News

19 Apr 2024 21:29

Scientists Install Encryption Shield to Protect Advanced Chinese Quantum Computer From Attack

The new methods are to replace the conventional public-key cryptography system, which could be vulnerable in the face of quantum computers with powerful computing capabilities.

The next year, the company delivered the 24-qubit Wuyuan second-generation machine – the country’s first practical quantum computer – making China the third country capable of delivering a complete quantum computing system after Canada and the United States.

Cyber_Security_Channel

Cyber Security News

18 Apr 2024 20:44

LG Smart TVs at Risk of Attacks, Thanks to 4 OS Vulnerabilities

They impact webOS 4.9.7-5.30.40 running on LG43UM7000PLA, webOS 5.5.0-04.50.51 running on OLED55CXPUA, webOS 6.3.3-442 (kisscurl-kinglake)-03.36.50 running on OLED48C1PUB, and webOS 7.3.1-43 (mullet-mebin)-03.33.85 running on OLED55A23LA.

Cyber_Security_Channel

Cyber Security News

18 Apr 2024 00:55

2024 Expectations From the SEC on AI, Cybersecurity and ESG

Organizations will likely remain hesitant to publicize at an early stage whether an incident has a significant impact on current or future revenues and it may take time for them to factor in reputation risk and loss of customer or investor trust into their determinations.

It is possible that the SEC will continue to interpret poorly considered or excessively risk-averse communications strategies as misrepresentations, meaning that organizations must have effective strategies in place ahead of an incident.

The SEC’s new climate disclosure rule has attracted legal and political challenges,8 given the current politicization of ESG.

These challenges will test how much climate information the SEC can require from companies under their existing legal authority.

Cyber_Security_Channel

Cyber Security News

17 Apr 2024 07:43

Google Survey: 63% of IT and Security Pros Believe AI Will Improve Corporate Cybersecurity

The advent of AI in cybersecurity marks a transformative era in the realm of digital defense, bringing a blend of promising breakthroughs and intricate challenges," the researchers wrote in their survey.

"AI has the potential to be a vital ally in bolstering security defenses, identifying emerging threats, and facilitating swift responses.

Cyber_Security_Channel

Cyber Security News

16 Apr 2024 08:37

GDPR, EU AI Act Will Overlap as Businesses Face Enforcement

DPAs function as independent public authorities that monitor and enforce the EU's data protection law, which governs data privacy and security and grants data rights to individuals.

While the GDPR focuses on data, DPAs can pursue investigations tied to technology such as artificial intelligence.

The newly adopted EU AI Act provides more comprehensive AI regulation, asking companies to categorize their AI systems into different risk levels and produce impact assessments.

The EU AI Act also asks member states to establish governing bodies to oversee the law's implementation.

Meanwhile, DPAs have already brought multiple AI-related enforcement actions against companies under the GDPR, and some DPA members are advocating that the DPAs should serve as EU AI Act enforcers as well, given how the GDPR and the EU AI Act could overlap in some ways.

Cyber_Security_Channel