Protect AI bought one of the world's largest certified naming authorities to create a bug bounty platform focused exclusively on AI and ML open-source software. The acquisition will allow customers to discover exploits in the AI or ML supply chain weeks before they're publicly revealed.
India's defense ministry will replace the Microsoft Windows operating system with a locally built operating system to enhance cybersecurity in the face of persistent cyberattacks. India is also pursuing a set of laws to create the necessary legal space to secure critical infrastructure.
Security researchers from Microsoft disclosed flaws in a software development kit used for industrial applications, warning that hackers could attempt remote code execution. The computer giant says the flaws are in the Codesys software environment developed by the Germany company of the same name.
Public companies disclosing a cyber incident under the new U.S. reporting requirements should focus on the business impact and stay away from the technical pieces, said Venable's Grant Schneider. The disclosure should examine how the incident will affect revenue, profitability and public perception.
German intelligence is warning Iranian expatriates about a state-sponsored espionage campaign driven by individualized social engineering techniques. Iran's authoritarian regime has long surveilled its Western diaspora in campaigns that have included cyberespionage, assassinations and terrorism.
In the latest weekly update, ISMG editors discuss the White House's debut of a $20 million contest to exterminate bugs with AI, a New York man admitting to being behind the Bitfinex hack, and a new malware campaign that is targeting newbie cybercriminals in order to steal sensitive information.
The Philippines follows a shared cyber defense strategy, bringing together government financial institutions with other agencies under the Department of Finance for a cost-effective defense strategy. Land Bank's Archie Tolentino shared how the model works to protect the banking sector.
In an after-action report on how the Lapsus$ crime group hacked "dozens of well-defended companies with low-complexity attacks," the U.S. Cyber Safety Review Board urges organizations to implement more robust two-factor authentication systems, plus regulations to combat SIM swapping.
A nonprofit firm that administers government dental programs in Canada paid a "substantial" ransom for a decryptor key and the destruction of data stolen in a recent ransomware attack. But the company is now notifying nearly 1.5 million individuals that the hack compromised their data.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Aaron Cockerill of Lookout discussed the benefits and concerns associated with generative AI and how to solve challenges related to zero-day attacks, misconfigurations, the cyber skills gap and privacy.
Threat actors are taking control of cloud-based Microsoft 365 accounts of C-suite executives using a multifactor authentication phishing tool. Proofpoint researchers say attackers use automation to identify in real time whether a phished user is a high-level profile company official.
Security researchers uncovered a vulnerability in AMD chips that could allow hackers to trick a computer system into leaking data from its kernel. They named the flaw after the 2010 movie "Inception," since both the hacking technique and the film's plot involve planting false ideas into memory.
In the latest "Proof of Concept," Mike Baker, VP/IT CISO at DXC Technology and a CyberEdBoard member, and Chris Hughes, co-founder and CISO at Aquia, join ISMG editors to explore the state of the software supply chain, MOVEit breaches and the role of SBOMs and transparency in software development.
At least 637 organizations have now confirmed that they were affected by the zero-day attack on MOVEit file-sharing servers that began in late May, collectively affecting 41 million individuals, report cybersecurity researchers who've been tracking the impact of Clop's data-theft campaign.
This week, Wall Street fined firms for using WhatsApp, NK hackers breached a Russian missile maker, Ivanti backtracked, ransomware attacks cost manufacturers $46B, a cyberattack shut down Gemini North Observatory, ad fraud targeted Android users and healthcare workers' personal info was breached.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.