Category: AI in news
A phishing exercise conducted by the IT department of the University of California Santa Cruz (UCSC) has backfired, after causing unnecessary panic amongst students and staff. On the morning of Sunday August 18 2024, an email was sent out by the University’s IT team in what its Student Health Center described as an attempt to…
Read More
To deal with this issue, the OWASP Foundation was launched in 2001. “The initial goal of OWASP was to create a platform where security experts could share knowledge, tools, and best practices to improve web application security,” says Jim Mercer, program vice president, software development, DevOps, and DevSecOps at IDC. And as cyber practitioners scramble…
Read More
Aug 28, 2024Ravie LakshmananWordPress Security / Website Protection A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August…
Read More
State-sponsored Chinese hackers exploited a zero-day vulnerability in Versa Director, a software platform for managing SD-WAN infrastructure used by internet service providers (ISPs) and managed service providers (MSPs). The group, known in the security industry as Volt Typhoon, has targeted US critical infrastructure organizations in the past. “Black Lotus Labs has observed the zero-day exploitation…
Read More
Under E2EE, decryption keys are stored only on devices, meaning that governments can’t eavesdrop on what is being said by demanding the keys from service providers. Not surprisingly, governments hate this, leading to the suggestion in countries such as the US and UK that the technology might be outlawed at some point. Ironically, Telegram doesn’t…
Read More
In episode 13 of “The AI Fix””, meat avatar Cluley learns that AI doesn’t pose an existential threat to humanity and tells meat avatar Stockley how cybersex is about to get very, very weird. Our hosts also learn that men lie on their dating profiles, hear ChatGPT steal somebody’s voice, and discover an AI that…
Read More
Artificial Intelligence (AI) has long been recognized for its role in detecting phishing attempts, but its capabilities extend far beyond that. With the rise of sophisticated cyber threats, AI has evolved to identify complex and subtle threats, predict attack patterns, and automate responses to emerging risks, significantly enhancing email security. AI is one of the…
Read More
The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of a recently disclosed high-severity security flaw impacting Versa Director. The attacks targeted four U.S. victims and one non-U.S. victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as…
Read More
The cloud, artificial intelligence (AI), machine learning and other technological breakthroughs are radically changing the modern work environment. New assets and services offer increased flexibility, growth potential and access to more resources. However, they also introduce new security risks. Managing vulnerabilities across this ever-expanding threat landscape requires a risk-based approach beyond point solutions and reactive…
Read More
Empowering K-12 schools and libraries to strengthen their cybersecurity posture with new funding opportunities and best practices. Recent attacks reveal that K-12 schools and libraries are prime targets for cyber actors. Ransomware attacks have had dire consequences and highlighted the need for such institutions to strengthen their cybersecurity posture and reduce risk. Increased attacks against…
Read More