Category: AI in news
A Cyber Insurance Backstop In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The malware ultimately infected more than 40,000 of Merck’s computers, which significantly disrupted…
Read More
The ALPHV, also known as the Blackcat ransomware gang, is targeting US healthcare systems, according to a joint cybersecurity advisory by the FBI, CISA, and the Department of Health and Human Services (SSH). The advisory, which was published as part of the #StopRansomware effort that publishes advisories against various ransomware variants and actors, also detailed…
Read More
Feb 28, 2024NewsroomPhishing Attack / Malware Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity, described the authors as skilled and that the “threat actor has previously used similar tactics, techniques and procedures (TTPs) to…
Read More
This confirms that sophisticated malign influence activities rely on developments in a target nation to generate initial interest without compromising the identity of the attacker. Perhaps most interestingly, our research also unexpectedly uncovered evidence of malware being leveraged against Facebook users. While it may seem counterintuitive that the IRA would hack users that they are…
Read More
Feb 28, 2024NewsroomFirmware Security / Vulnerability In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The botnet, named MooBot,…
Read More
A potentially $1 billion deal by semiconductor manufacturer Broadcom to sell a security software business it acquired with its $61 billion purchase of VMware last year has reportedly been put on hold, if not abandoned. Investment firm KKR had agreed to buy Carbon Black along with VMware’s entire end-user computing (EUC) business, including VMware’s Workspace…
Read More
Cyberattacks are scaling up. That means security operations center (SOC) teams are overwhelmed by the volume of alerts they must analyze and how to sort out real threats vs. system noise. The good news? Artificial intelligence (AI) is poised to supercharge SOC modernization efforts with unprecedented automation, proactive threat detection, and relief for overstressed security…
Read More
AI hype and adoption are seemingly at an all-time high with nearly 70% of respondents to a recent S&P report on Global AI Trends saying they have at least one AI project in production. While the promise of AI can fundamentally reshape business operations, it has also created new risk vectors and opened the doors…
Read More
Feb 27, 2024NewsroomVulnerability / Website Security A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1. “This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any…
Read MoreChina Surveillance Company Hacked Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. I-Soon sells hacking and espionage services to Chinese national and local government. Lots of details in the news articles. These aren’t details about the tools or techniques, more the inner workings of the…
Read More