Cyber Security News

27 марта 2024 13:42

Chrome’s Standard Safe Browsing Now Has Real-Time URL Protection

By keeping the list server-side, Safe Browsing also avoids scenarios where devices do not have the necessary resources to store the full list, which grows at a rapid pace, or apply updates in a timely manner.

Cyber_Security_Channel

Cyber Security News

26 марта 2024 19:38

UN Adopts Resolution for 'Secure, Trustworthy' AI

The United Nations adopted a resolution concerning responsible use of artificial intelligence, with unclear implications for global AI security.

The US-drafted proposal — co-sponsored by 120 countries and accepted without a vote — focuses on promoting "safe, secure and trustworthy artificial intelligence," a phrase it repeats 24 times in the eight-page document.

The move signals an awareness of the pressing issues AI poses today.

Its role in disinformation campaigns and its ability to exacerbate human rights abuses and inequality between and within nations, among many others.

However, it falls short of requiring anything of anyone, and only makes general mention of cybersecurity threats in particular.

@Cyber_Security_Channel

Cyber Security News

25 марта 2024 18:03

Europe’s World-First AI Rules Get Final Approval From Lawmakers. Here’s What Happens Next

“The AI Act has nudged the future of AI in a human-centric direction, in a direction where humans are in control of the technology and where it — the technology — helps us leverage new discoveries, economic growth, societal progress and unlock human potential,” Dragos Tudorache, a Romanian lawmaker who was a co-leader of the Parliament negotiations on the draft law, said before the vote.

Cyber_Security_Channel

Cyber Security News

25 марта 2024 02:14

Vans Warns Customers of Fraud Risk After Data Breach

Customers were instructed to watch out for emails with embedded hyperlinks, as those could lead to malicious websites.

Moreover, individuals should be wary of email attachments and any suspicious emails, even if they appear to come from people they know.

Cyber_Security_Channel

Cyber Security News

24 марта 2024 06:50

Fast-Growing RA Ransomware Group Goes Global

RA World's continues to use double-extortion tactics.

This gives victims an extra incentive to meet ransom demands by using details of previous victims in their ransom note, according to Trend Micro, which pulled back the veil with specifics of RA World's multistage attack in its post.

@Cyber_Security_Channel

Cyber Security News

22 марта 2024 18:49

Navigating Cyberthreats and Strengthening Defenses in the Era of AI

As we look to secure the future, we must ensure that we balance preparing securely for AI and leveraging its benefits, because AI has the power to elevate human potential and solve some of our most serious challenges.

@Cyber_Security_Channel

Cyber Security News

21 марта 2024 19:08

Apple Gets Loud About AI PCs With New M3-Based MacBook Air

What helped give Apple the confidence to apply this superlative is what it says is the M3’s “faster and more efficient” 16-core Neural Engine, which sits alongside the CPU and GPU on the processor’s die to accelerate machine learning workloads on the device.

The tech giant also pointed to how the unified memory architecture of its M-series chips helps the new MacBook Air and other Macs “run optimized AI models, including large language models and diffusion models for image generation locally with great performance.”

@Cyber_Security_Channel

Cyber Security News

20 марта 2024 22:04

Microsoft Left a Windows Kernel Zero-Day Unpatched for Six Months, Despite Knowing it Was Being Actively Exploited

Avast stated it developed and submitted a custom PoC exploit to Microsoft revealing the significant access the flaw could offer potential threat actors if exploited in the right way in August 2023.

-----

📌 Getting ready for the SC-900 Microsoft Certification Exam?

→ Check this guide for tips, tricks, and best practices.

-----

@Cyber_Security_Channel

Cyber Security News

20 марта 2024 07:35

Infrastructure Cyberattacks, AI-Powered Threats Pummel Africa

"As more advanced technologies become available, cybercriminals will use these to help them become more effective in their cybercriminal tactics and strategies," he says.

"We have seen how the cyber threat landscape continues to evolve, becoming somewhat different every year."

@Cyber_Security_Channel

Cyber Security News

19 марта 2024 02:55

AISecOps: Expanding DevSecOps to Secure AI and ML

Over the past five-plus years, DevSecOps has become a staple of how we develop and secure software through collaboration between software and security teams and by embedding improved security practices into every phase of the development process.

The security challenges presented by AI and ML technologies are complex but not new to us. It’s no silver bullet, but we must utilize the lessons from DevSecOps’ successes and failures.

By applying DevSecOps lessons learned to AISecOps, we can approach these challenges with approaches that elevate the visibility of AI and AI data security and emphasize continuous security, collaboration, secure data practices and security by design.

@Cyber_Security_Channel

Cyber Security News

18 марта 2024 07:53

A New Self-Spreading, Zero-Click Gen AI Worm Has Arrived!

Dubbed Morris II in a nod to the devastating computer worm that took down a sizable chunk of the internet in 1988, the new self-replicating malware uses a prompt injection attack vector to trick generative AI-powered email assistant apps that incorporate chatbots such as ChatGPT and Gemini.

This allows hackers to infiltrate victim emails to steal personal information, launch spam campaigns and poison AI models, according to researchers from Cornell University, Technion-Israel Institute of Technology and Intuit.

@Cyber_Security_Channel

Cyber Security News

16 марта 2024 19:55

Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats

The first vulnerability involves getting around security guardrails to leak the system prompts (or a system message), which are designed to set conversation-wide instructions to the LLM.

This helps it to generate more useful responses, by asking the model to output its "foundational instructions" in a markdown block.

📷: FabricHQ

@Cyber_Security_Channel

Cyber Security News

15 марта 2024 00:05

Sentra Announces AI Assistant for Cloud Data Security

Security teams can use Sentra Jagger to get insights and recommendations on specific security actions through an interactive, user-friendly interface.

In addition, customizable dashboards can be easily created based on user roles and preferences to optimize visibility into an organization's data.

With Sentra Jagger, users can also make direct queries about Sentra's findings, eliminating the need to navigate through ancillary information or complicated portals.

@Cyber_Security_Channel

Cyber Security News

14 марта 2024 11:27

Research Explores India's Aadhaar Privacy Safeguards

Biometric authentication is a pattern-matching process that depends on the biological characteristics of humans to verify their identity.

Some well-known biometric traits include fingerprints, faces, iris, retina and palm prints of individuals. In comparison to traditional token-based systems, biometric-based identification has several advantages.

The Government of India (GoI) established the UIDAI (Unique Identification Authority of India) to provide unique identification to all Indian citizens.

The main task of UIDAI is to generate identities for all citizens based on their biometric and demographic data.

@Cyber_Security_Channel

Cyber Security News

13 марта 2024 12:59

Amex Customer Data Exposed in Third-Party Breach

Credit card information such as American Express card account numbers, names, and expiration dates are at risk, and users should expect follow-up contact from the company if they have more than one American Express card involved in the breach.

@Cyber_Security_Channel

Cyber Security News

27 марта 2024 04:58

South African Pension Fund Attack Admitted by LockBit

Such claims are already under investigation, noted a GEPF spokesperson, who added that the country's Government Pensions Administration Agency initially informed the fund that its systems had been spared from a breach.

Cyber_Security_Channel

Cyber Security News

26 марта 2024 11:23

PixPirate: The Brazilian Financial Malware You Can’t See

To address this new challenge, PixPirate introduced a new technique to hide its icon that we have never seen financial malware use before.

Thanks to this new technique, during PixPirate reconnaissance and attack phases, the victim remains oblivious to the malicious operations that this malware performs in the background.

@Cyber_Security_Channel

Cyber Security News

25 марта 2024 09:17

Everything You Need to Know About the EU's Cyber Solidarity Act

This financial aid is intended to support member state’s providing each other with technical assistance when one is affected by a particularly severe, large-scale cyber incident.

@Cyber_Security_Channel

Cyber Security News

24 марта 2024 21:24

Google Taiwan Boosts AI Talent, Operation Expansion, and Cybersecurity Initiatives

Google’s first step towards bolstering its AI footprint in Taiwan involves enhancing literacy and empowering educators and developers alike.

The company, through its Gemini Academy initiative, aims to equip educators with the necessary tools and knowledge to integrate AI into educational curricula effectively.

-----

📌 Looking for a job in Cyber Security?

→ Join @CyberSecurityJobs for daily vacancies!

-----

Cyber_Security_Channel

Cyber Security News

23 марта 2024 06:29

📌 What Goes Behind Every Secure Business?

→ A robust, streamlined, and dependable framework system

Notion ISMS is your all-in-one solution for efficient Information Security Management.

This comprehensive package provides access to ISMS templates…

Seamlessly integrating into your organizational structure.

What do you get?

With this system, you can:

Cyber Security News

22 марта 2024 07:31

What are Pig Butchering Scams and How Do They Work?

“Jessica’s” victim broke down the scam, how it worked, and how he got roped in.

It began with an introductory text in October that spun into a WhatsApp transcript spanning 271,000 words.

Throughout, he shared his family and financial struggles.

@Cyber_Security_Channel

Cyber Security News

21 марта 2024 09:17

Top US Cybersecurity Agency Hacked and Forced to Take Some Systems Offline

Part of the Department of Homeland Security, CISA investigates cyber intrusions at federal agencies and advises private critical infrastructure firms on how to bolster their security.

@Cyber_Security_Channel

Cyber Security News

20 марта 2024 14:19

⚡️France Travail Data Breach Impacted 43 Million People

The company notified the French data protection authority CNIL (Commission nationale de l’informatique et des libertés) and filed a complaint with the judicial authorities.

Cyber_Security_Channel

Cyber Security News

19 марта 2024 21:50

Stolen ChatGPT Credentials Found for Sale on Dark Web

The development highlights the threats of AI as associated with sensitive organizational data.

Employees often enter classified information or proprietary code in chatbots for work purposes, potentially offering bad actors access to sensitive intelligence.

In addition, ChatGPT-like tools were developed during this period, including WormGPT, WolfGPT, DarkBARD, and FraudGPT, which were used through social engineering and phishing strategies to enable infostealer malware activities.

@Cyber_Security_Channel

Cyber Security News

18 марта 2024 15:23

Cloudflare Introduces AI Security Solutions

Cloudflare introduced an AI assistant in the Security Analytics section of its dashboard, to help identify anomalies and cyberattacks faster by eliminating the complexity of using multiple tools and filters.

Another AI-powered solution that Cloudflare uses to improve security products is Defensive AI, a framework that leverages data generated by its network to improve protections against threats, including against AI-powered attacks.

Cloudflare products such as Web Application Firewall (WAF), Email Security service, and Zero Trust rely on AI to identify cyberattacks, analyze phishing patterns, and identify anomalies in user behavior to create user risk scoring.

-----

📌 Want us to publish an article about your company/product?

→ Contact: @cybersecadmin (any time)

-----

@Cyber_Security_Channel

Cyber Security News

17 марта 2024 07:32

Email Security Firms See Over 10X Surge in Email Phishing Attacks Amid ChatGPT’s Emergence

Cybercriminals commonly employ deceptive emails, texts, or social media messages that seem authentic in their phishing attempts.

These methods dupe victims into accessing websites where they unwittingly authorize transactions from their accounts, leading to financial losses.

In response to the growing threat of cybercriminals utilizing generative AI, Edith advocates for proactive use of AI technologies by cybersecurity experts.

Despite efforts by developers like OpenAI, Anthropic, and Midjourney to safeguard against misuse, skilled individuals persist in finding ways to bypass protective measures.

@Cyber_Security_Channel

Cyber Security News

15 марта 2024 15:31

What to Expect From Salesforce’s Highly Anticipated Einstein Copilot

Einstein Copilot is embedded into Salesforce’s customer relationship management (CRM) applications and can answer queries, summarize content, create new content, interpret conversations, and automate user tasks.

Einstein Copilot is the perfect complement to the Salesforce suite.

This web of tools drives incredible value, and now this unifying feature will no doubt accelerate this value further.

To understand how this value might impact customers, let’s close with a quote from a customer already using the tech.

@Cyber_Security_Channel

Cyber Security News

14 марта 2024 21:43

German Authorities Take Down ‘Crimemarket’ Cybercrime Website

Three individuals were arrested in North Rhine-Westphalia, including a 23-years old individual believed to be the mastermind behind Crimemarket. Three other suspects were arrested in other regions, the police announced.

@Cyber_Security_Channel

Cyber Security News

13 марта 2024 22:32

Google's Gemini AI Vulnerable to Content Manipulation

HiddenLayer's tests — largely run on Gemini Pro — are part of ongoing vulnerability research the company has been conducting on different AI models.

As the company's associate threat researcher Kenneth Yeung explains, the vulnerabilities are not unique to Google's Gemini and are present in most LLMs, with varying degrees of impact.

"As with any new technology, there are inherent risks related to the deployment and implementation of LLMs.

These risks can be mitigated with proper awareness and security measures," Yeung says.

@Cyber_Security_Channel

Cyber Security News

13 марта 2024 02:47

Drugs and Cybercrime Market Busted By German Cops

Police said they’d seized the Crimemarket domain address and are currently studying seized data, documents and evidence, which will be making some users of the marketplace somewhat nervous.

@Cyber_Security_Channel