North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exploitation techniques. Microsoft fixed the bug in its February patch dump.
This week, progress was made in the FTX case, a hacker testified in the Bitcoin Fog case, an Axie Infinity co-founder and a MicroStrategy account were hacked, the KyberSwap hacker moved funds, the EU has a new AMLA office, and Aleo was breached.
The U.S. presidential election is still eight months away, but the FBI is already seeing its share of cyberattacks, nation-state threats and AI-generated deepfakes. According to FBI Agent Robert K. Tripp, "We're no longer considering threats as a what-if situation; it's happening now."
Is Moscow using the Russian-speaking LockBit ransomware group as a tool to disrupt critical infrastructure and democracy in the West? While no publicly available evidence reveals direct ties, what are the chances that the prolific, trash-talking group has escaped authorities' attention - or demands?
Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept at "living off the land" techniques, warned threat intelligence firm Mandiant.
Microsoft once again finds itself in the crosshairs of antitrust regulators, this time for practices around its Entra ID identity management tool. The European Commission is probing whether Microsoft prevents customers from buying security software that competes with its own, The Information said.
Has the U.S. created the wrong war machine? Developing and deploying advanced military technologies involves balancing the desire to improve national security with the need to navigate the ethical, strategic and existential challenges these technologies present.
Cybersecurity researchers identified a suspected Iranian espionage campaign targeting aerospace, aviation and defense industries across the Middle East. Hackers targeted employees within the aviation and defense sectors with fake job offers for tech and defense-related positions.
The European competition regulator will examine a partnership between Microsoft and French artificial intelligence startup Mistral AI for potential anti-competitive effects. Microsoft announced Monday that it has entered a $16.3 million, multiyear partnership with the firm.
It pays to be nice, even to an inanimate chunk of code masquerading as a conversation partner, find Japanese researchers from Tokyo's Waseda University who investigated the performance of large language models under conditions ranging from rudeness to obsequiousness.
In the latest "Proof of Concept," Jeff Brown, CISO for the state of Connecticut, and Lester Godsey, CISO for Maricopa County, Arizona, join ISMG editors to discuss AI-related threats to election security, safeguarding against cyber and physical threats and coordinating efforts for complete security.
Microsegmentation is a fundamental concept in zero trust security, but CISOs should assess its feasibility before diving in. This is particularly true in a public cloud environment where there is no real network policy, said David Holmes, principal research analyst at Forrester.
Carbon Black won't be getting a new residence anytime soon after indications of interest in the organization fell short of Broadcom's expectations. The semiconductor giant had been looking to fetch $1 billion for the security firm - including debt - but offers at that dollar figure remained elusive.
In late 2023, the debut of ISO/IEC 42001 marked a major advance in AI standards, offering a systematic framework for AI management. Avani Desai of Schellman sees it as a "paradigm shift" that emphasizes managing AI-specific risks that are distinctly different from traditional concerns.
Nearly 1,000 artificial intelligence and technology experts globally have called for regulation around deepfakes to mitigate risks including fraud and political disinformation that could cause "mass confusion." The letter comes on the heels of a 400% spike in deepfake content in the past four years.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.