The European Commission is proposing to spend more than 1 billion euros on cybersecurity operations centers amid long-standing worries that cyberthreats against the members of the continental alliance go undetected, concerns made more urgent by Russia's invasion of Ukraine.
In the latest weekly update, Venable's Grant Schneider joins ISMG editors to discuss takeaways from the RSA Conference 2023, the state of software supply chain security post-SolarWinds, safeguards to prevent unintended adverse impacts of AI, and whether AI could be used to write and digest SBOMs.
When Russia launched its all-out war against Ukraine in February 2022, many cybersecurity watchers feared ransomware groups would serve as a proxy force. But Moscow doesn't appear to have deputized cybercrime-driven crypto-locking malware brigades.
Social media giant Meta took down hundreds of fake Facebook and Instagram accounts used by South Asia advanced persistent threat groups to glean sensitive information and coax users into installing malware. It found activity by threat actors affiliated with India and Pakistan.
Cybersecurity expert Mikko Hypponen recently got sent "LL Morpher," a new piece of malware that uses OpenAI's GPT to rewrite its Python code with every new infection. While more proof-of-concept than current threat, "the whole AI thing right now feels exciting and scary at the same time," he said.
An Idaho federal court dismissed the U.S. Federal Trade Commission's lawsuit against data analytics vendor Kochava in a bid by the agency to permanently stop the company from selling geolocation data collected from mobile devices. The agency can file an amended complaint within 30 days.
Pharmaceutical giant Merck's insurers must cover the company's losses involving the 2017 NotPetya malware attack because the "all-risks" property insurance policies' "hostile warlike" exclusions do not apply to the incident, ruled a New Jersey appellate court this week.
Organizations must extend identity protection beyond employees to safeguard contractors, supply chain partners, software bots and intelligent devices, said SailPoint CEO Mark McClain. Businesses struggle to keep up with what applications or data non-employee or non-human identities need access to.
AI Trust Risk and Security Management - AI TRiSM - is a new Gartner research category, and distinguished analyst Avivah Litan is assigned to it. She discussed today's AI attack surface, including attacks that use AI as well as attacks against it and trends to watch in the second half of 2023.
Joe Sullivan, the former chief security officer of Uber, will not spend time in prison for his role in impeding a federal investigation into the ride-hailing company's security practices. His sentence is three years of probation and a $50,000 fine.
Network segmentation and microsegmentation are ways to contain cyberattacks and prevent lateral spreading. Within the cloud, network segmentation ties into zero trust. Yet the diversity of information systems with different levels of criticality poses a challenge to implementing zero trust.
2023 is the year of exposure, said Cyentia Institute's Wade Baker. Exposure dominated Cyentia research this year, and many breaches were linked to mistakes in vulnerability management and poorly managed identities. Organizations are struggling with prioritizing hardware and software vulnerabilities.
Generative AI tools such as ChatGPT have created quite a buzz. Cybersecurity defenders are excited about the prospect of simplifying coding but are concerned about security and privacy issues. SentinelOne’s Milad Aslaner said security teams should get to know emerging AI - before the criminals do.
Companies have taken a hatchet to their "innovation budget" amid economic headwinds, making it difficult for startups to hit their sales projections, said Momentum Cyber's Dino Boukouris. Long sales cycles for early-stage startups have resulted in them burning through cash faster than anticipated.
Complexity has made it tough for organizations to be secure and efficient, which is driving many customers to look at vendor consolidation, said Palo Alto Networks President BJ Jenkins. Organizations that deploy a lot of point solutions are stuck finding a way to make all the products work together.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.