In the latest weekly update, ISMG editors discussed why crypto-seeking drainer scam-as-a-service operations are thriving, a novel legal move that recovered a hospital's stolen data, and a ground-breaking case involving bitcoin that could streamline recovery for victims.
Generative AI, once a buzzword, is now the subject of a focused approach, according to attorney Edward Machin of Ropes & Gray LLP. Organizations are prioritizing specific issues around gen AI and establishing governance frameworks from the outset, Machin said.
Researchers uncovered a critical vulnerability in graphic processing units of popular devices that could allow attackers to access data from large language models. They dubbed the vulnerability LeftoverLocals and said it affects the GPU frameworks of Apple, AMD and Qualcomm devices.
Arati Prabhakar, director of the White House's Office of Science and Technology Policy, said during an event at the 2024 World Economic Forum that generative artificial intelligence has the potential to "dramatically accelerate and amplify the erosion of information integrity."
A U.S. federal agency tasked with ensuring the secure transportation of energy and hazardous materials is launching a series of initiatives to address an increase in cyberattacks, a top official said. Watchdogs have warned for years that action is urgently needed to better protect U.S. pipelines.
Hackers aligned with the Iranian state are masquerading as journalists to target Middle East experts and deploy a new custom backdoor that supports the Iranian government's spying agenda. Tehran may be harvesting perspectives on the Israel-Hamas conflict, according to Microsoft.
The United States has no national ID - but mobile driver's licenses could offer a secure, user-centric and privacy-enhancing alternative for online identity verification and help organizations overcome deficiencies in digital identity infrastructure, said Jeremy Grant, managing director at Venable
The American Hospital Association is warning of increasingly sophisticated social engineering scams targeting hospital IT help desks with schemes involving the stolen credentials of revenue cycle and other finance employees to commit payment fraud against the institutions.
This week, Microsoft expanded plans to store EU citizens' data locally, shipping-themed phishing spam is a threat, the British Library overcame a ransomware setback, the FBI warned of Androxgh0st malware, Remcos RAT targeted South Korea, and eBay was fined $3 million for a cyberstalking campaign.
This week, the U.S. SEC assessed its X account hack, attackers stole $3.3M from Socket, Do Kwon got a new trial date, Alex Mashinsky sought to dismiss charges, Google Play Store removed crypto apps for India users, IRS clarified crypto asset reporting and South Korea mulled crypto mixer legislation.
Ireland - home to the European headquarters of a throng of multinational tech companies - is responsible for the greatest amount of aggregate data protection fines - 2.9 billion euros - since the European Union General Data Protection Regulation went into effect.
A Russian domestic intelligence agency hacking group known for long-lasting logon credential phishing campaigns against Western targets is now deploying malware embedded into PDFs, say security researchers from Google. "Coldriver" is using a family of backdoors Google dubs Spica.
A federal judge said he is inclined to let proceed a putative class action lawsuit against Meta over its gathering of data from medical center patient portals through a web activity tracking tool. U.S. District Judge William Orrick for the District of Northern California heard arguments.
The U.S. Cybersecurity and Infrastructure Security Agency is warning critical infrastructure owners and operators about the dangers associated with the increasing reliance on Chinese unmanned aircraft systems, warning their use in CI sectors "risks exposing sensitive information to PRC authorities."
OpenAI said it is taking steps to prevent use of its models in online influence operations throughout the 2024 election season, amid growing concerns about election security and increasing fears that political deepfakes and AI-generated election misinformation could significantly disrupt democracy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.