The rise of generative artificial intelligence (gen AI) is colliding with elections worldwide, and consumers are worried. Research shows voters worldwide are nervous about political deepfakes, with some country's citizens being far more concerned than others.
See: https://redskyalliance.org/xindustry/deepfake-dangers
Singapore, Mexico, the US, and the UK are all holding general elections this year, and voters are concerned they cannot identify deepfakes. According to a report released by digi
KnowBe4, a cybersecurity company specializing in awareness training and simulated phishing, recently disclosed an attempted infiltration by a North Korean operative posing as a software engineer.[1] This incident sheds light on the evolving tactics of state-sponsored threat actors and underscores the need for enhanced security measures in hiring processes.
KnowBe4's CEO, Stu Sjouwerman, shared the details of the incident, saying, "We posted the job, received resumes, conducted interviews, perfor
Organizations rely on many different vendors to provide and support the technical infrastructure that runs their daily operations. But what if there’s a weak link somewhere in the supply chain? In the case of something like the cyberattack-induced outage at managed IT services provider CTS, it could mean organizations relying on these third-party services experiencing costly downtime and exposing their assets and sensitive content to cyber criminals. In the case of something like the SolarWinds
GitHub’s extensive community and features make it a continued target for threat actors. This week, security researchers identified a network of 3000 fake GitHub accounts pushing infostealing malware through the platform’s repositories as well as compromised WordPress sites. The malware Distribution-as-a-Service (DaaS), dubbed ‘Stargazers Ghost Network’, delivers variants of RedLine, Lumma Stealer, Rhadamanthys, RisePro, and Atlantida Stealer, all packaged in password-protected archives.
Attrib
In California, numerous local and federal lawsuits continue to pile up against Patelco Credit Union following a devastating cyber-attack that crippled the Dublin CA-based company’s online databases and left about half a million customers locked out of their accounts. If the suits are successful, Patelco could be facing damage payouts of as much as $5 billion, which equals half of the assets managed by the company.
So far, at least six federal and four state lawsuits, some of which seek class-ac
Delta Air Lines' slogan, "Keep Climbing," is a call to action that reflects the airline's culture of service and continuous improvement. Delta CEO Ed Bastian explained that the slogan is "What's the next mountain we're going to climb?" after reaching the top of one. There have been so many articles about the CrowdStrike disaster; here is another one. But when you see what Delta Airlines has been doing to passengers five days after this one piece of destructive code ate the Internet, you can n
Climate and weather modeling has long been a staple of high-performance computing, but as meteorologists look to improve the speed and resolution of forecasts, machine learning is increasingly finding its way into the mix. In a paper published in the journal Nature this week, a team from Google and the European Centre for Medium-Range Weather Forecasts (ECMWF) detailed a novel approach that uses machine learning to overcome limitations in existing climate models and try to generate forecasts fa
On 17 July 2024, cybersecurity experts gathered at Cecil College[1] for the Cyber Security in Agriculture Forum to discuss the escalating threats to digital information and privacy across all sectors, specifically agriculture. Panelists unanimously agreed that cyber threats are increasing in frequency and sophistication, posing significant risks to individuals, small businesses, corporations, and large public entities.
The forum began with an overview of the current cybersecurity landscape, hig
The experts at NIST have created a simple Cybersecurity Basics page[1] that takes technical information down to a set of guidelines for small business owners and managers. For a simpler, more practical collection of guidelines, try the Secure Our World website, https://www.cisa.gov/secure-our-world run by the Cybersecurity & Infrastructure Security Agency (CISA). It is targeted at an audience of consumers without a technical background, which makes it a good source of information you can share
Researchers have discovered a new malware variant likely used in an attack this January against an energy company in western Ukraine that left 600 households without heat amid freezing temperatures. The tool, called FrostyGoop, is one of only a few malware strains ever discovered in the wild that can interact directly with industrial control systems and have a physical effect on the hardware used by targeted enterprises, according to researchers at industrial cybersecurity firm Dragos, which di
Researchers are saying that electric vehicles (EVs) are at risk of cyber-attacks while connected to fast-charging systems, the quickest and most common way to charge the vehicles, according to research from a team of engineers at Southwest Research Institute (SwRI). “As the grid evolves to take on more EVs, we need to defend our critical grid infrastructure against cyber-attacks while also securing payments to charge EVs,” said the assistant director of SwRI’s High Reliability Systems Departmen
Sentinel Labs blog has provided the following stories: * Interpol-Led Operation Cracks Down on West African Cybercrime Syndicates - Operation Jackal III was a month-long law enforcement effort that involved 21 countries. This week, Interpol reported some 300 arrests, the identification of over 400 suspects, 720 blocked bank accounts, and the seizure of $3 million in illicit funds, all to dismantle multiple criminal networks globally. Among the affected crime syndicates, Black Axe has been a
In a show of international cooperation, intelligence and cybersecurity agencies from eight countries have jointly accused China of orchestrating a series of cyberattacks on government networks. The United States, United Kingdom, Canada, Australia, New Zealand, Germany, Japan, and South Korea have pointed the finger at APT40, a hacking group believed to be sponsored by China's Ministry of State Security.
See: https://redskyalliance.org/transportation/anchor-panda-and-periscope-threat-actors-tar
In today's digital age, ransomware has emerged as a formidable threat to businesses of all sizes. This malicious attack can paralyze operations, damage reputations, and inflict severe financial losses. Mid-market organizations are particularly vulnerable, with over half (57%) admitting they don't regularly review and replace legacy systems, and a similar number (57%) failing to patch their systems regularly.
This creates an expanded attack surface for cybercriminals to exploit them. The conse
Just this past week, a good friend of mine came back from a 2-week vacation in Scotland. He and his wife had a great time walking an old ancient trail along many lakes and mountains. He stayed at various BnB’s and hotels. One thing that bothered my friend is that almost all places of business in Scotland, including the airport in Glasgow, demanded payment with a credit card – another words, e-commerce transitions only. My friend took over 1,000 in British Pounds (cash) to pay for whatever he
Online identities continue to be at risk of vulnerabilities, a colossal password compilation named "RockYou2024" has emerged, containing nearly 10 billion unique passwords. This unprecedented leak has put the cybersecurity community and beyond on high alert as if it was not already there, highlighting the ongoing need for improved digital security practices.
The name "RockYou2024" pays homage to the infamous RockYou data breach of 2009, which exposed 32 million passwords due to insecure storage
The HardBit ransomware first appeared in October 2022, with a 2.0 version coming shortly thereafter in November of 2022. As one expects of a ransomware attack, HardBit targets organizations and demands cryptocurrency payments in exchange for decrypting data.
Earlier variants of HardBit aren’t noted as being especially unique, though one standout attribute of HardBit is that the operators have enhanced their extortion tactics by demanding to know about the victim’s potential cyber insurance co
The recent U.S. Supreme Court decision in Loper Bright Enterprises v. Raimondo questions the topic of cybersecurity regulation. The Court's decision effectively overturned the Chevron Doctrine, a longstanding principle that gave deference to federal agencies' interpretations of ambiguous laws. Cybersecurity leaders are now scrambling to understand the implications for regulating the threat landscape already a moving target. Business leaders have questioned the validity of unelected bureaucrats
The Justice Department announced on 09 July 2024, the seizure of two domain names and the search of 968 social media accounts used by Russian actors to create an AI-enhanced social media bot farm that spread disinformation in the United States and abroad. The social media bot farm used elements of AI to create fictitious social media profiles often purporting to belong to individuals in the United States which the operators then used to promote messages in support of Russian government objective
Executive Summary from Fortinet - Not long ago, the operational technology (OT) networks used in environments such as factories and critical infrastructure were air-gapped, meaning they were not connected to the internet. But today, the once-siloed worlds of OT and information technology (IT) are seeing greater interconnectivity due to digital transformation and support for scarce or remote workers. This connectivity can enhance production via data sharing and new cloud-based tools that allow
