Public-private cybersecurity councils urged the healthcare industry to be more expansive in sharing signs of hacking, warning that traditional indicators aren't enough. Fending off hackers requires additional shared data, such as SIEM rules and automated response playbooks.
The fear that ChatGPT could turn a low-sophisticated hacker into a sophisticated adversary is unfounded, said Howard Marshall, global intelligence lead, Accenture Security. He says most hackers lack the expertise and education to create sophisticated malware.
Kroll is warning claimants in three major cryptocurrency bankruptcy cases that hackers obtained their personal data after the attacker convinced a mobile carrier to redirect an employee's phone number to their own device. Hackers appear to have already begun a phishing campaign.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
Ransomware and data exfiltration attacks continue to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud computing giant Rackspace, for one. Rackspace was hit by the Play ransomware group last year.
A new healthcare-focused research agency is seeking proposals for innovative cybersecurity technologies that can apply a national security approach to protecting this highly targeted civilian industry. Today's off-the-shelf software is falling short, the agency said.
Spain is set to launch Europe's first-ever artificial intelligence regulatory agency as the trading bloc finalizes legislation meant to mitigate risks and ban AI applications considered too risky. Madrid said its goal is to foster AI that is "inclusive, sustainable, and centered on citizens."
Third-party targeting by attackers has intensified due to the interconnectedness of the business world, enabling adversaries to exploit intermediaries for access. With the surge in cloud adoption, visibility in the cloud is paramount, advised Levi Gundert, chief security officer at Recorded Future.
While a significant number of attacks are not yet AI-driven, there's a noticeable shift in the creation of generative malware and lures for business email compromise, warned Ashan Willy, CEO at Proofpoint. LLMs are being used to create enticing lures in foreign languages to target broader audiences.
This week, charges were filed against Tornado Cash founders, the FBI found North Korean bitcoin wallets holding stolen cash, theft occurred in the Exactly and Harbor protocols, Venus Protocol liquidated a hacker's wallet, Terra paused operations, and Thailand threatened Meta over crypto scam ads.
Enterprises have been keenly exploring the potential of generative AI, deploying it to fuel innovation. But stealthy integration of AI features into products already owned by organizations has cybersecurity experts worried, said Jeff Pollard, vice president and principal analyst at Forrester.
AI holds great promise for certain applications in healthcare, particularly around clinical research, but security leaders - and others involved in governance within medical institutions - must be ready for the implications, said John Frushour, CISO of New York-Presbyterian Hospital.
Business email compromise continues to be a significant threat and is one of the most financially damaging online crimes. Attackers continue to innovate and grow in sophistication, which means defenders need to leverage new technology, warned Mike Britton, CISO of Abnormal Security.
Grant Bourzikas shared his experience as the new CISO at Cloudflare, highlighting a 90-day period during which he engaged with customers, internal nonsecurity personnel, executives and his team to gather insights on Cloudflare's security landscape.
Organizations engaged in software production often run their applications and services within cloud environments. CEO Ganesh Pai advocates the "shift-up" approach for enhanced cloud security, which focuses on operational visibility extending from software composition to production workloads.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.