Researchers at security firm Salt Security have uncovered multiple vulnerabilities in third-party plug-ins used in ChatGPT, including a zero-click account takeover flaw that was triggered when users attempted to install the plug-in using their ChatGPT accounts.
Advanced attackers increasingly feel the need for speed, lowering the time they spend lurking after they infiltrate networks before exfiltrating data and crypto-locking systems, experts warn in a review of top hacking strategies seen in 2023. Cue challenges for defenders.
This week, amounts for crypto and phishing losses were released, the Bitcoin Fog operator was convicted, the EU approved rules to strengthen sanctions, the federal government sought to recover losses linked to pig butchering, and the Philippines blocked unlicensed crypto websites.
Six years after it was founded, the UK Cyber Security Council is taking a multipronged approach to building professionalism in the industry. Board Chair Claudia Natanson discussed the council's journey, its role in shaping industry standards and efforts to foster diversity and narrow the skills gap.
This week, the FCC OK'd cybersecurity labeling, DarkGate exploited Google, Fortinet patched a bug, cyberattacks hit the French government and employment agencies, Google restricted Gemini AI chatbot and paid bug bounties, Microsoft had Patch Tuesday, Marine Max was attacked, and Alcasec moved on.
Machines are gradually taking on activities of human customers such as research, negotiations and user reviews. The rise of the AI customers marks a shift from machines as passive tools to active participants in economic transactions, said Donald Scheibenreif, vice president and analyst at Gartner.
The U.S. healthcare sector needs to closely watch government regulatory and legislative developments involving artificial intelligence, including the European Union AI Act, said Lee Kim, senior principal of cybersecurity and privacy at the Healthcare Information and Management Systems Society.
Healthcare sector organizations need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before they become potential mandates, said Kate Pierce, virtual information security officer at Fortified Heath Security.
It's critical for hospitals and other firms to not only prepare for how they will respond to a cyberattack but also to consider the regional impact if a neighboring provider of services needed in the community is disrupted by a serious cyber incident, said Margie Zuk of Mitre.
Federal regulators have informed UnitedHealth Group that they have launched a full-fledged investigation into a potential massive compromise of protected health information stemming from the Change Healthcare cyberattack. A potential PHI breach could affect tens of millions of individuals.
Experts told ISMG a final version of the Cybersecurity and Infrastructure Security Agency's self-attestation form for federal software providers takes bold steps to ensure new technologies are made with "secure by design" principles but lacks critical components that should come in future versions.
Nozomi Networks notched a $100 million funding round led by Schneider Electric and Mitsubishi, spotlighting the urgent need for advanced cybersecurity measures to protect critical infrastructure, industrial control systems and IoT networks in light of the increased destructiveness of attacks.
Threat actors are using image files or Scalable Vector Graphics files to deliver ransomware, download banking Trojans or distribute malware. The campaign uses an open-source tool, AutoSmuggle, to facilitate the delivery of malicious files through SVG or HTML files.
The European Parliament on Wednesday approved the Artificial Intelligence Act, completing a penultimate step to enacting the world's first comprehensive AI regulation. The act needs final signoff from the European Council, which is expected by May.
Agility, scale and consumption - these are three business benefits Palo Alto Networks Software Firewalls bring to cloud network security. Tiffany Henry and Katherine Rigdon of Palo Alto Networks showcase these features and the value of finding them all on a single platform.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.