Category: AI in news
The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%. Sophos, a global leader in cybersecurity, revealed in its annual “State of Ransomware 2024” report that the average ransom payment has increased 500% in the last year with organizations that paid a ransom reporting an…
Read More
CISOs and other security execs often find themselves in a difficult position. Attackers are always getting better, and now they can use genAI to help craft ransomware emails or create deepfakes. At the same time, security practitioners are bombarded by vendors with an alphabet soup of solutions: SSE, SASE, ZTNA, DLP, CASB, SWG, SOAR, DEM,…
Read More
Jul 02, 2024NewsroomDigital Regulation / Tech News Meta’s decision to offer an ad-free subscription in the European Union (E.U.) has faced a new setback after regulators accused the social media behemoth of breaching the bloc’s competition rules by forcing users to choose between seeing ads or paying to avoid them. The European Commission said the…
Read More
Jul 02, 2024NewsroomData Theft / Wi-Fi Security An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data. The unnamed 42-year-old “allegedly established fake free Wi-Fi access points, which mimicked legitimate networks, to capture personal data from unsuspecting victims who…
Read More
“From a theoretical point of view, we must find a useful code path that, if interrupted at the right time by SIGALRM, leaves sshd in an inconsistent state, and we must then exploit this inconsistent state inside the SIGALRM handler,” the researchers wrote in their technical advisory. “From a practical point of view, we must…
Read MoreUpcoming Book on AI and Democracy If you’ve been reading my blog, you’ve noticed that I have written a lot about AI and democracy, mostly with my co-author Nathan Sanders. I am pleased to announce that we’re writing a book on the topic. This isn’t a book about deep fakes, or misinformation. This is a…
Read MoreJul 01, 2024NewsroomSupply Chain / Software Security A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow “any malicious actor to claim ownership over thousands of unclaimed…
Read More
Jul 01, 2024NewsroomSupply Chain Attack / Threat Intelligence Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply chain compromise on June 18, 2024. The issue has since…
Read More
Jul 01, 2024NewsroomLinux / Vulnerability OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed…
Read More
Isolated Web applications (IWAs) are defined as applications which, rather than being hosted on a live web server and fetched over HTTPS, are packaged into bundles signed by their developers and distributed to users through various methods including platform-specific installation formats like APK, MSI, or DMG, raw singed bundles, through an operating system, browser or…
Read More