Author: nlqip
A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in Singapore. INTERPOL says this is the largest recovery of funds stolen through a business email compromise (BEC) scam. BEC scams are a type of cyberattack in which cybercriminals attempt to redirect legitimate corporate payments to an…
Read MoreToday, CISA and the Federal Bureau of Investigation (FBI) have released Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem to help organizations drive a secure technology ecosystem by ensuring their software manufacturers prioritize secure technology from the start. An organization’s acquisition staff often has a general understanding of the core…
Read More
Black Hat USA 2024 kicks off Aug. 3 at Mandalay Bay in Las Vegas with training sessions, followed by a series of summits on Aug. 6, including the CISO Summit, with sessions on quantifying the cost of cyber risk, navigating regulatory complexity, and rebuilding after a cyber crisis, among others. But the big show rolls…
Read More
The cybersecurity vendor released its technical root cause analysis for the faulty July 19 update that caused a massive Windows outage. CrowdStrike has released further analysis of the faulty July 19 update that caused a massive global IT outage, detailing how testing and staged rollouts of updates should help to prevent such issues in the…
Read More
Security researchers at SafeBreach, led by Alon Leviev, discovered that Windows Updates could be similarly hacked to force a downgrade of the software on Windows PC. The researchers were able to show that attacks carried out using this approach could be crafted to bypass verification steps performed during updates, including integrity verification and Trusted Installer…
Read More
Samsung has launched a new bug bounty program for its mobile devices with rewards of up to $1,000,000 for reports demonstrating critical attack scenarios. The new ‘Important Scenario Vulnerability Program (ISVP)’ program focuses on vulnerabilities related to arbitrary code execution, the unlocking of devices, data extraction, arbitrary application installation, and bypassing device protections. Highlighted payouts…
Read More
As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when we analyzed anonymized telemetry data from scans using…
Read More
Are you worried about your credit report? Are you eager for your credit report to be “cleaned-up” so lenders and landlords will have a better opinion of your financial responsibility and creditworthiness? Tempted by internet ads that promise an easy fix to the pecuniary pickle that you find yourself in? If you think that describes…
Read More
Aug 06, 2024Ravie LakshmananEmail Security / Financial Fraud INTERPOL said it devised a “global stop-payment mechanism” that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam. The development comes after an unnamed commodity firm based in Singapore fell victim to a BEC scam in mid-July 2024. It refers to…
Read More
In episode ten of “The AI Fix” podcast, Graham attempts to say “quinoa”, Mark draws a line in the amper-sand, ChatGPT becomes an expert in solar panels and bomb disposal, and our hosts watch a terrifying tailer for a creepy new AI friend. Graham discovers that the world of AI cookery is a soggy, limey…
Read More