Summary: Apple has reached a $95 million settlement in a class action lawsuit concerning allegations that Siri unintentionally recorded conversations. The lawsuit claims that this feature led to unauthorized recordings and targeted advertising based on private discussions.

Threat Actor: Apple Inc. | Victim: Mobile device owners

Key Point:

Settlement covers the period from Sept.…

Summary: As cyber threats escalate, small businesses must adopt proactive cybersecurity strategies to protect themselves, especially in the context of remote work. The reliance on AI for security must be balanced with human oversight and awareness to effectively mitigate risks.

Threat Actor: Cybercriminals | Victim: Small businesses

Key Point:

43% of cyberattacks target small businesses, with 95% linked to human error.…

Summary: Cyberhaven fell victim to a supply-chain attack where attackers compromised their Chrome extension, allowing them to exfiltrate sensitive data such as Facebook access tokens. The incident highlights the vulnerabilities in software supply chains and the need for better security measures regarding browser extensions.

Threat Actor: Unknown | Victim: Cyberhaven

Key Point:

Attackers used social engineering to gain access rights to Cyberhaven’s Chrome extension.…

### #CyberTreaty #DigitalSafety #GlobalCooperation

Summary: The UN has adopted a groundbreaking treaty aimed at combating cybercrime, marking a significant milestone in international cooperation. This treaty will enhance collaboration among nations to protect individuals and uphold human rights in the digital realm.

Threat Actor: UN Member States | Victim: Global Community

Key Point:

The Convention against Cybercrime is the first international criminal justice treaty negotiated in over two decades.…

### #ActiveDirectoryThreats #LDAPExploits #WindowsServerVulnerabilities

Summary: A critical vulnerability in Active Directory’s LDAP protocol, tracked as CVE-2024-49113, allows attackers to crash multiple unpatched Windows servers simultaneously, raising concerns about organizational vulnerabilities. Experts emphasize the urgency of patching systems to mitigate potential exploitation.

Threat Actor: Unknown | Victim: Organizations running Windows Servers

Key Point:

The vulnerability allows for denial-of-service attacks and potential remote code execution.…

### #AIinMilitary #CrowdsourcedRedTeaming #GenerativeAI

Summary: The Chief Digital and Artificial Intelligence Office (CDAO) has completed a pilot program utilizing crowdsourced red-teaming to assess vulnerabilities in Large-Language Model (LLM) chatbots for military medicine applications. This initiative aims to enhance AI assurance and risk mitigation within the Department of Defense (DoD).…


### #DataExposure #CloudMisconfiguration #EthicalHacking

Summary: Volkswagen Group faced a significant data breach due to a misconfiguration in an Amazon cloud storage system, exposing sensitive information of around 800,000 electric vehicle owners. The breach was reported by an ethical hacker to the Chaos Computer Club, which confirmed the vulnerability before notifying Volkswagen.…


### #LLMJailbreaks #BadLikertJudge #AIThreats

Summary: Researchers at Palo Alto Networks’ Unit 42 have discovered a new jailbreak technique called the Bad Likert Judge attack, which significantly increases the likelihood of large language models (LLMs) generating harmful content. This method exploits the LLM’s ability to evaluate responses based on a psychometric scale, allowing attackers to refine harmful outputs effectively.…


In late 2023, I wrote an article comparing how well ChatGPT and Google Bard handle writing security policies. Given that ChatGPT 4.0 has been available as a paid version, called ChatGPT Plus, for some time now, and Google recently rebranded Google Bard as Gemini (with Gemini Advanced available as paid offering), it’s a good time to compare how the two perform in a head-to-head of the top 10 use cases for information security professionals.…


The reality of cybersecurity for companies is that adversaries compromise systems and networks all the time, and even well-managed breach-prevention programs often have to deal with attackers inside their perimeters.

On March 5, the National Security Agency continued its best-practice recommendation to federal agencies, publishing its latest Cybersecurity Information Sheet (CIS) on the Network and Environment pillar of its zero-trust framework.…


PRESS RELEASE

DENVER, March 5, 2024 – Red Canary today announced full coverage of its detection and response capabilities to include all major cloud infrastructure and platform services providers, such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Red Canary can detect suspicious activity across all major cloud environments and seamlessly correlate that data with other leading cloud security products, enabling enterprises to find and stop threats before they can cause damage.…


PRESS RELEASE

HERNDON, Va., March 13, 2024 — (BUSINESS WIRE) — Expel, the leading managed detection and response (MDR) provider, today unveiled the updated version of its National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) Getting Started toolkit. The kit, which includes a “getting started” guide and a self-scoring spreadsheet, helps security leaders and operators assess their cybersecurity postures, aligned with the recently released version 2.0 of the NIST CSF.…


SAN FRANCISCO, March 13, 2024 — Nozomi Networks Inc. today announced a $100 million Series E funding round to help accelerate innovative cyber defenses and expand cost-efficient go-to-market expansion globally. This latest round includes investments from Mitsubishi Electric, a global leader in digital manufacturing, electronics and electrical equipment and Schneider Electric, a global leader in digital automation and energy management.…


The Federal Communications Commission (FCC) will be rolling out a voluntary cybersecurity labeling program for Internet of Things (IoT) products for consumers.

At its public meeting today, the Commission unanimously voted to approve the program, which will allow IoT manufacturers to slap US Cyber Trust Certification Marks onto products that meet certain minimum criteria defined by the National Institute for Standards and Technology (NIST).…


Fortinet has patched a critical remote code execution (RCE) vulnerability in its FortiClient Enterprise Management Server (EMS) for managing endpoint devices.

The flaw, identified as CVE-2024-48788, stems from an SQL injection error in a direct-attached storage component of the server. It gives unauthenticated attackers a way to execute arbitrary code and commands with system admin privileges on affected systems, using specially crafted requests.…


DarkGate malware operators have been exploiting a now-patched Windows SmartScreen bypass flaw through a phishing campaign that distributes fake Microsoft software installers to propagate the malicious code.

Trend Micro researchers, among others, discovered a then zero-day Internet Shortcut Files security feature bypass vulnerability tracked as CVE-2024-21412 earlier this year, which Microsoft patched as part of its February raft of Patch Tuesday updates.…
