AI Threats to Authentication Lead 2024 Fraud Trends

Suparna Goswami • December 8, 2023

In the future, deepfake technology will have a significant impact on newer forms of authentication such as voice and facial recognition and pose new challenges to defenders, said Ofer Friedman, chief business development officer at AU10TIX, an Israel-headquartered identity verification company.

Standards, Regulations & Compliance

Steve Katz, World's First CISO, Dies in Hospice Care

Latest

Artificial Intelligence & Machine Learning

Europe Reaches Deal on AI Act, Marking a Regulatory First

David Perera • December 8, 2023

EU officials announced a compromise over a regulation on artificial intelligence in the works since 2021, making the trading bloc first in the world to comprehensively regulate the nascent technology. Europe understands "the importance of its role as global standard setter,” said Thierry Breton.

Information Sharing

ISMG Editors: Call for Cooperation at Black Hat Europe 2023

Anna Delaney • December 8, 2023

In this special edition at Black Hat Europe 2023 in London, three ISMG editors cover the highlights of the conference, including a resounding call for better collaboration between government agencies and the private sector, regulatory trends, and the cautionary tale of ex-Uber CISO Joe Sullivan.

Cybercrime

Ukrainian, Polish Authorities Latest Phishing Wave Targets

Mihir Bagwe • December 8, 2023

A threat actor with a history of sending Trojan-laced phishing emails targeted Ukrainian and Polish authorities with emails with the subject lines "judicial claims" and "debts," Ukrainian cyber defenders said Thursday. CERT-UA tracks the threat actor as UAC-0050.

Next-Generation Technologies & Secure Development

'Krasue' Linux RAT Targets Organizations in Thailand

Prajeet Nair • December 8, 2023

Hackers targeted telecommunications companies in Thailand with a Linux remote access Trojan designed to attack different versions of the open-source kernel, researchers say. Dubbed "Krasue," the malware poses a "severe risk to critical systems and sensitive data," says Group-IB researchers.

Artificial Intelligence & Machine Learning

UK Market Regulator Reviews Microsoft's Interest in OpenAI

David Perera • December 8, 2023

The British antitrust authority is conducting a preliminary review of Microsoft's interest in OpenAI. The agency will examine whether the companies' partnership means Microsoft has material influence or whether it in effect controls more than half of OpenAI voting rights.

Artificial Intelligence & Machine Learning

How a CEO Runs a Company in Wartime

Steve King • December 8, 2023

Yossi Appleboum, CEO of Sepio Systems in Israel, discusses the international support for Israel in the Israel-Hamas war and what his employees are doing to support the war effort, how the war is affecting Sepio Systems' performance and how generative AI can be "not a tool but a member of your team."

Cybercrime

Breach Roundup: Meta Debuts Messenger End-to-End Encryption

Anviksha More • December 7, 2023

This week, Meta debuted end-to-end encryption on Messenger, AeroBlade cyberespionage targeted U.S. aerospace, Trojan-Proxy threatened cracked apps, Tipalti investigated a ransomware attack, a Pennsylvania hospital faced lawsuits, Nissan probed a cyber incident and the U.S. FCC teamed up with states.

Training & Security Leadership

Microsoft CISO, Deputy CISO Reassigned in Management Shakeup

Cal Harrison • December 7, 2023

Microsoft has demoted its CISO after 14 years on the job, reassigned its deputy CISO and named Igor Tsyganskiy - a former CTO at Bridgewater Associates who just joined Microsoft four months ago as chief strategy officer - as its new chief information security officer.

Cyberwarfare / Nation-State Attacks

UK and US Accuse Russian FSB of 'Hack and Leak' Operation

David Perera • December 7, 2023

The U.K. government accused Russia's domestic intelligence agency of running a yearslong campaign to interfere in British politics. U.S. federal prosecutors unsealed a criminal indictment against two FSB agents, accursing them of phishing campaigns against national security government employees.

Artificial Intelligence & Machine Learning

EU AI Act Talks Drag on Past Expected End Date

Akshaya Asokan • December 7, 2023

European lawmakers and officials failed to hammer out a compromise regulation on artificial intelligence after two days of talks that stretched over 22 hours and were intended to culminate in a Thursday settlement. The European Union has been at work on the Artificial Intelligence Act since 2021.

Blockchain & Cryptocurrency

Cryptohack Roundup: Bitzlato Boss Admits to Laundering Money

Rashmi Ramesh • December 7, 2023

This week, a Bitzlato co-founder pleaded guilty to money laundering charges, a federal judge accepted ex-Binance chief's guilty plea, thieves stole $363M in crypto this November, KyberSwap looks to compensate hack victims, Platypus hackers walked free, and Velodrome and Aerodrome were hacked again.

Cybercrime

Ransomware, Vendor Hacks Push Breach Number to Record High

Marianne Kolbasuk McGee • December 7, 2023

The number of data breaches in the U.S. has hit an all-time high, amid mounting attacks against third-party vendors and aggressive ransomware attacks, says a report from Apple and a Massachusetts Institute of Technology researcher. Breaches have more than tripled between 2013 and 2022.