Hackers use generative AI to churn out code that exploits vulnerabilities, while defenders use it to get more context around flaws discovered in their ecosystem, said CEO Amit Yoran. Tenable uses generative AI to spot and prioritize all the instances of MOVEit in a customer's environment.
Organizations need to adopt a creative approach when building policies around the legal, commercial and reputational risks raised by generative AI tools - such as with privacy, consumer protection and contractual obligations, said legal expert Anna King of Markel.
Every week, ISMG rounds up cybersecurity incidents in the digital assets world. This week, a Poly Network hacker stole $10 million, Belarus mulled banning P2P crypto payments, the Ethereum community proposed a new security standard and Russia raised $20 million in crypto.
The world is moving on from magnetic stripe payment cards, with one notable exception: the United States. Credit card issuers, banks and consumers agree the magnetic stripe is prone to hacking - so why is one of the largest markets for plastic payment still clinging to decades-old technology?
Ransomware believed to originate from the Russian LockBit 3.0 group locked up computer systems for the Port of Nagoya, Japan's largest cargo hub. The attack held up shipments of Toyota auto parts containers for two days, but the port reopened Thursday morning.
A Chinese nation-state group is hacking foreign affairs ministries and embassies across Europe, employing a sophisticated HTML-smuggling technique to deliver the insidious PlugX remote access Trojan to compromised systems. The technique raises concern about the security of diplomatic institutions.
Buying both the networking and security pieces of SASE from a single vendor will be the predominant long-term approach, given the benefits of tight integration, said Cato Networks CEO Shlomo Kramer. Some three-fourths of Cato clients today get both SD-WAN and security service edge from the company.
A hacker suspected to be based in Mexico is targeting financial institutions using "relatively unsophisticated" tools but is achieving a high degree of success among banking customers, SentinelOne said. The threat actor also offers smishing as a service.
CISO Ian Thornton-Trump said he is opportunistic about using chatbots but warns that the technology needs oversight and testing to ensure "the responses that it's giving are accurate and the information it's able to access is also pertinent to the questions that are commonly asked."
Experts believe China's revised Counter-Espionage Law gives the Chinese Communist Party the power to retaliate against Western financial and technological sanctions and also control rising discontent among Chinese citizens. The law went into effect on Saturday.
A Tennessee medical clinic and surgical center is notifying more than half a million patients and employees that their personal information may have been stolen by cybercriminals in an April cyberattack that disrupted healthcare services for several days.
Over five dozen British academics joined a widening group of technology firms and privacy groups in criticizing a U.K. government bill aimed at protecting children from online harassments by weakening encryption. In an open letter, they said the bill is "doomed to fail."
Russia has relied on blunt-force cyberattacks in Ukraine to inflict maximum damage rather than turning to new techniques. In many cases, Ukrainian defenders are flying blind because Russian wiper malware is designed to evade most security controls, said Mandiant CEO Kevin Mandia.
Hackers kept pace with the rapid evolution of blockchain systems, stealing about $920 million in the first half of 2023. Cybercriminals attacked smart contracts, phished victims and stole from crypto exchanges in dozens of security incidents through June 30.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.