This week: Amazon settled privacy and cybersecurity investigations with the U.S. FTC, SAS received a $3 million extortion demand and apparently Ukrainian hacktivists penetrated Russia's Skolkovo Foundation. Plus, breaches at Onix Group and Toyota and a warning about Salesforce "ghost sites."
Hackers have exploited a critical zero-day vulnerability in Progress Software's managed file transfer offering in several customer environments. Progress warned of a critical SQL injection vulnerability in MOVEit Transfer that allows for "escalated privileges and potential unauthorized access."
In the days between May 26 and June 1, Tornado Cash validators regained control, Tron patched a bug that could be exploited for $500 million, Binance said it will delist privacy coins in four European countries, Coinbase settled insider trading charges and Hong Kong police joined the metaverse.
In this episode of "Cybersecurity Insights," Rodrigo Liang of SambaNova Systems discusses what he calls "the fastest industrial revolution we've seen." The topic, of course, is generative artificial intelligence, and Liang considers whether businesses should embrace it or hold back.
Former members of the defunct Conti ransomware group are continuing to ply their trade under a variety of other guises, including Royal and Black Basta. Thanks to their agile and innovative approaches, post-Conti operations are "stronger than ever," one ransomware expert reports.
Artificial intelligence poses a global risk of extinction tantamount to nuclear war and pandemics, say a who's who of artificial intelligence executives in an open letter that evokes danger without suggesting how to mitigate it. Among the signatories are Sam Altman and Geoffrey Hinton.
Cisco plans to make its third tuck-in cybersecurity acquisition of 2023 to protect email, cloud office applications and enterprise communications through natural language understanding. Cisco will take advantage of Armorblox's predictive and generative AI to help customers bolster their security.
Ukrainian cyber defenders warn users for the second time this month to be aware of financially motivated phishing campaigns that load the SmokeLoader malware onto computers. Hackers behind UAC-0006 typically target computers used by accountants and look for banking and credential data.
A community hospital and its clinics in rural Idaho are diverting ambulances and some patients to other facilities as the entities recover from a cyberattack discovered on Monday. The incident spotlights ongoing healthcare sector cyber challenges, especially in rural communities.
Cisco Security Executive Vice President and General Manager Jeetu Patel said the industry struggles to address multifaceted attacks that originate in email and include bad links, malware downloads to a device and more. Cyber defenders need correlated data from multiple sources of telemetry, he said.
Amazon agreed to pay $5.8 million to settle a Federal Trade Commission investigation into allegedly poor cybersecurity practices by its Ring home surveillance device subsidiary. The company is also poised to come under two decades' worth of outside reviews of a mandated data and security program.
Change management is a critical part of a robust API management program, said Shaam Farooq, vice president of technology at Atlas Energy Solutions and a CyberEdBoard member. Team members must review and approve changes as they happen and communicates those changes across IT and OT security teams.
A recently emerged threat actor dubbed Dark Pink is updating its custom tool set in a bid to evade detection while expanding its operations to new Southeast Asian targets. Threat intel firm Group-IB counts 13 total victims of Dark Pink, which first became active in mid-2021.
Barracuda Networks is warning that a zero-day vulnerability that it recently discovered and patched in its Email Security Gateway appliances appears to have been exploited since October 2022. Attackers used the flaw to gain persistent remote access to networks and exfiltrate data, it said.
In this episode of "Cybersecurity Insights," Chen Burshan and Amir Shachar of Skyhawk Security discuss how they integrated generative AI into their threat detection process and significantly increased the speed and lowered the costs of detecting breaches based by focusing on anomalous activity.