Financial institutions have 30 days to disclose breaches under new rules
Amendments contain loopholes that may blunt their effectiveness.
17-05-2024 19:27

Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies
Alleged $6.8M conspiracy involved "laptop farm," identity theft, and résumé coaching.
16-05-2024 22:49

Archie, the Internet’s first search engine, is rescued and running
A journey through busted tapes, the Internet Old Farts Club, and SPARCstations.
16-05-2024 17:44

#MIWIC2024 One To Watch: Valeen Oseh-Ovarah, Founder and CEO of TisOva
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Ones to Watch winners selected by an e
16-05-2024 17:34

Cato Networks Partners with e& Further Expanding Global SASE Platform with New UAE PoP
Today, Cato Networks announces a strategic partnership with e& (etisalat and) during International Telecoms Week (ITW) in the United States, a significant move that will see the establishment of a new Point-of-Presence (PoP) within the global technol
16-05-2024 13:41

Most Companies Affected by Software Supply Chain Attacks in the Last Year, Struggling to Detect and React Effectively
Over the past year, a significant portion of global organisations (54%) experienced software supply chain attacks, with many struggling to adapt to the escalating risk environment. These findings stem from ‘The State of Software Supply Chain Securi
16-05-2024 13:33

Advanced Cyber Defence Systems Joins Elite Group in Signing CISA’s Secure by Design Pledge
Advanced Cyber Defence Systems (ACDS) has today joined the US Cybersecurity & Infrastructure Security Agency’s (CISA) and UK National Cyber Security Centre’s (NCSC) Secure by Design pledge, becoming one of the first 100 companies, alongside AWS, Micr
16-05-2024 13:25

Building a diverse and inclusive cyber workforce
At this month’s DTX Manchester, I’ll be taking part in a panel discussion around the importance of inclusion and diversity in cyber recruitment. For far too long cyber security was seen as a man’s sport. Not only did men take up the majority of leadershi
16-05-2024 12:57

Public Sector IT is Broken: Turning the System Back On
Today’s IT services within public sector organisations are not adequate for their intended purpose anymore. Security breaches frequently make headlines. Downtime disrupts services and productivity. There is excessive overspending across the UK too. What
16-05-2024 10:50

BreachForums, an online bazaar for stolen data, seized by FBI
An earlier iteration of the site was taken down last year; now its reincarnation is gone.
15-05-2024 22:37

Google unveils Veo, a high-definition AI video generator that may rival Sora
Google's video-synthesis model creates minute-long 1080p videos from written prompts.
15-05-2024 20:51

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.
15-05-2024 16:56

#MIWIC2024 One To Watch: Jenny McCullagh, Graduate Cybersecurity Engineer at Leonardo and Co-Founder and Director of CyberWomen Groups C.I.C
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Ones to Watch winners selected by an e
15-05-2024 15:55

Expert Insight: How Diverse Leadership Can Benefit the Security Sector
In today’s business landscape, diverse leadership is essential for driving innovation, improving decision-making, and maintaining a competitive advantage. Historically, STEM sectors have been male-dominated, with strict job descriptions and rigid h
15-05-2024 15:23

Commonly used passwords for new accounts include “User” & “Welcome
New research into password usage for new accounts during the onboarding process, has revealed a worrying trend where easily guessable passwords are left unchanged for new starters, presenting significant security risks for organisations. The findings fro
15-05-2024 11:45

Chief Scientist Ilya Sutskever leaves OpenAI six months after Altman ouster
CEO Altman: "OpenAI would not be what it is without him."
15-05-2024 03:05

Google strikes back at OpenAI with “Project Astra” AI agent prototype
AI model updates galore at Google I/O, including 2M context window, Imagen 3, Veo, and more.
14-05-2024 19:11

Apple, SpaceX, Microsoft return-to-office mandates drove senior talent away
"It’s easier to manage a team that’s happy.”
14-05-2024 14:40

The hunt for rare bitcoin is nearing an end
Rare bitcoin fragments are worth many times their face value.
14-05-2024 14:03

Expert Insight: What’s the key to bringing more diversity into the tech sector?
It’s often argued that the lack of women and non-binary individuals in tech is due to inadequate support, insufficient attention — especially from senior management — and a dearth of those candidates studying subjects such as science, technology, enginee
14-05-2024 11:01

#MIWIC2024: Jan Carroll, Managing Director at Fortify Institute
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
14-05-2024 10:32

Before launching, GPT-4o broke records on chatbot leaderboard under a secret name
Anonymous chatbot that mystified and frustrated experts was OpenAI's latest model.
13-05-2024 21:33

Black Basta ransomware group is imperiling critical infrastructure, groups warn
Threat group has targeted 500 organizations. One is currently struggling to cope.
13-05-2024 19:55

Major ChatGPT-4o update allows audio-video talks with an “emotional” AI chatbot
New GPT-4o model can sing a bedtime story, detect facial expressions, read emotions.
13-05-2024 17:58

Google patches its fifth zero-day vulnerability of the year in Chrome
Exploit code for critical "use-after-free" bug is circulating in the wild.
10-05-2024 17:02

Stack Overflow users sabotage their posts after OpenAI deal
Anti-AI users who change or delete answers in protest are being punished.
09-05-2024 21:20

Dell warns of “incident” that may have leaked customers’ personal info
Notification follows claim of compromised database with 49M Dell customers' data.
09-05-2024 18:40

CIOs and CFOs, two parts of the same whole
The business boardroom: a machine that drives corporate strategy and shapes the future of the company. Such a force requires cohesion and alignment, but silos still exist today. One of the biggest divides lies between the Chief Finance Officer and Chief
09-05-2024 15:10

Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion
Hackers can exploit them to gain full administrative control of internal devices.
08-05-2024 21:35

Dell responds to return-to-office resistance with VPN, badge tracking
Report claims new tracking starts May 13 with unclear consequences.
08-05-2024 20:57

Robot dogs armed with AI-aimed rifles undergo US Marines Special Ops evaluation
Quadrupeds being reviewed have automatic targeting systems but require human oversight to fire.
08-05-2024 19:59

Robot dogs armed with AI-targeting rifles undergo US Marines Special Ops evaluation
Quadrupeds being reviewed have automatic targeting systems but require human oversight to fire.
08-05-2024 19:59

TrustRadius recognises KnowBe4 for fifth year running in Security Awareness Training
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, announced that TrustRadius has recognised KnowBe4’s Security Awareness Training and PhishER with 2024 Top Rated Awards. KnowBe4’s Security Awareness
08-05-2024 16:17

How Tech Can Help you Obtain a Building Passport: Net-Zero Building Certification Guide
Net-Zero Building Certification  is a credential that identifies structures which have attained parity between the amount of energy they use and how much renewable energy they produce in twelve months’ time. This guide will outline step by step what you
08-05-2024 15:23

Expert Insight: ‘Minding the gap’: how can we work to make cyber accessible for women?
According to the Department for Science, Innovation and Technology (DSIT), only 17% of the UK cyber sector workforce is female, and this is down from 22% in 2022. To make matters worse, we’re fighting a losing battle against an ever-increasing cyber skil
08-05-2024 13:46

Registration Opens for International Cyber Expo 2024: Where Cyber Leaders Converge to Shape Tomorrow’s Defences
Today, Nineteen Group has announced the opening of registration for the highly anticipated International Cyber Expo (ICE) 2024. Set against the iconic Olympia London on September 24th and 25th, ICE 2024 promises to be an unparalleled convergence of the b
08-05-2024 10:34

Salt Security Unveils First AI-Infused API Security Platform to Address Proliferation of GenAI Application Development
This week, Salt Security, a frontrunner in API security, have unveiled its groundbreaking API Security Protection Platform. This platform, powered by Pepper, Salt’s own Large Language Model (LLM) AI, represents a leap forward in API protection. By
08-05-2024 10:20

CyberSmart announces expansion into the Australian market with HAT Distribution partnership
CyberSmart, the UK’s leading provider of complete cyber confidence to UK SMEs has announced its partnership with Australian technology distributor, HAT Distribution. The partnership will provide businesses in Australia with fast, hassle-free Essential Ei
08-05-2024 09:57

Ransomware mastermind LockBitSupp reveled in his anonymity—now he’s been ID’d
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev.
07-05-2024 19:34

Microsoft launches AI chatbot for spies
Air-gapping GPT-4 model on secure network won't prevent it from potentially making things up.
07-05-2024 19:22

Cybereason Announces the Availability of Cybereason Mobile Threat Defence in Response to Increases in Sophisticated Mobile Device Attacks
Cybereason has announced the availability of Cybereason Mobile Threat Defence, Powered by Zimperium. With the explosive growth in mobile devices and apps comes an ever-evolving attack surface. Research shows that 60% of endpoints accessing enterprise ass
07-05-2024 15:27

Over 70% of Staff Use AI At Work, But Only 30% of European Organisations Provide AI Training
Today, new research by ISACA has revealed that, despite nearly three quarters (73%) of European organisations reporting that their staff use AI at work, only 30% provide limited training to employees in tech-related positions, while 40% offer no training
07-05-2024 15:08

Cyber Threat Research: Poor Patching Practices and Unencrypted Protocols Continue to Haunt Enterprises
Cato Networks, the SASE leader, today unveiled the findings of its inaugural Cato CTRL SASE Threat Report for Q1 2024. The report shows all organizations surveyed continue to run insecure protocols across their wide access networks (WAN), making it easie
07-05-2024 13:34

Data Brokers: What They Are and How to Safeguard Your Privacy
As more of our personal data is collected online, privacy concerns have increased. With a few clicks, we share intimate details about ourselves. However, most people are unaware of how widely their data spreads. Behind the scenes is an entire industry of
07-05-2024 08:36

Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision vulnerability has existed since 2002 and may already be known to attackers.
06-05-2024 20:35

New Microsoft AI model may challenge GPT-4 and Google Gemini
In project headed by former Inflection chief, MAI-1 may have 500B parameters.
06-05-2024 19:51

These dangerous scammers don’t even bother to hide their crimes
Cybercriminals openly run dozens of scams across social media and messaging apps.
04-05-2024 11:37

Microsoft plans to lock down Windows DNS like never before. Here’s how.
ZTDNS brings the best of both worlds to DNS: encryption and fine-grained control.
03-05-2024 23:42

Counterfeit Cisco gear ended up in US military bases, used in combat operations
"One of the largest counterfeit-trafficking operations ever."
03-05-2024 21:58

Microsoft ties executive pay to security following multiple failures and breaches
Microsoft has been criticized for "preventable" failures and poor communication.
03-05-2024 20:25

AI in space: Karpathy suggests AI chatbots as interstellar messengers to alien civilizations
Andrej Karpathy muses about sending a LLM binary that could "wake up" and answer questions.
03-05-2024 19:04

Maximum-severity GitLab flaw allowing account hijacking under active exploitation
The threat is potentially grave because it could be used in supply-chain attacks.
02-05-2024 19:02

World Password Day 2024: Try Passkeys!
On this World Password Day, we should all pause and think about how we can adopt passkeys. Passkeys represent a significant industry shift in identity security, moving away from traditional credentials of usernames and passwords to a more secure “no know
02-05-2024 11:02

World Password Day 2024: What are the experts saying?
It’s World Password Day 2024! What’s clear is that passwords and creating and maintaining good password hygiene is still one of the most effective ways to protect businesses. We’ve gathered some insights from cybersecurity experts who h
02-05-2024 10:55

Hacker free-for-all fights for control of home and office routers everywhere
How and why nation-state hackers and cybercriminals coexist in the same router botnet.
02-05-2024 00:20

Anthropic releases Claude AI chatbot iOS app
Anthropic finally comes to mobile, launches plan for teams that includes 200K context window.
01-05-2024 21:36

The BASIC programming language turns 60
Easy-to-use language that drove Apple, TRS-80, IBM, and Commodore PCs debuted in 1964.
01-05-2024 16:17

Here’s your chance to own a decommissioned US government supercomputer
145,152-core Cheyenne supercomputer was 20th most powerful in the world in 2016.
30-04-2024 21:52

Health care giant comes clean about recent hack and paid ransom
Ransomware attack on the $371 billion company hamstrung US prescription market.
30-04-2024 20:44

AWS S3 storage bucket with unlucky name nearly cost developer $1,300
Amazon says it's working on stopping others from "making your AWS bill explode."
30-04-2024 19:43

Mysterious “gpt2-chatbot” AI model appears suddenly, confuses experts
Mystery LLM highlights transparency issues in AI testing.
30-04-2024 19:31

Guest Blog: Securing K12 Schools with Centripetal and LANRover
In today’s digital age, where technology is deeply ingrained in our daily lives, ensuring the cybersecurity of our educational institutions has become paramount. K-12 schools are increasingly becoming targets for cyberattacks, highlighting the urgent nee
30-04-2024 15:07

Synopsys Introduces Polaris Assist: AI-Powered Application Security Assistant
Synopsys has unveiled Polaris Assist, an innovative AI-powered application security assistant incorporated into the Synopsys Polaris Software Integrity Platform®. Leveraging advanced Large Language Model (LLM) technology alongside Synopsys’ deep kn
30-04-2024 13:08

Keeper Security Forges Cybersecurity Partnership With Williams Racing
Today, Keeper Security joins Williams Racing as an Official Partner on the eve of the F1 Miami Grand Prix. Trusted by thousands of businesses and millions of individuals globally for its zero-trust and zero-knowledge cybersecurity software, Keeper’s bran
30-04-2024 12:50

Critics question tech-heavy lineup of new Homeland Security AI safety board
CEO-heavy board to tackle elusive AI safety concept and apply it to US infrastructure.
29-04-2024 20:15

UK outlaws awful default passwords on connected devices
The law aims to prevent global-scale botnet attacks.
29-04-2024 19:45

Account compromise of “unprecedented scale” uses everyday home devices
Credential-stuffing attack uses proxies to hide bad behavior.
29-04-2024 19:35

UK to Take Steps in Helping Protect Consumers Against Cyber Threats from Smart Devices
The UK has taken a pioneering step by introducing new laws aimed at safeguarding consumers against hacking and cyber-attacks while using internet-connected smart devices such as baby monitors, televisions, and speakers. Under these new laws, manufacturer
29-04-2024 16:13

Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets
WP Automatic plugin patched, but release notes don't mention the critical fix.
26-04-2024 19:07

APIContext’s Global Cloud API Performance Report Show A Decline In Cloud API Availability
APIContext has unveiled its 2024 Cloud Service Provider API Report, offering an in-depth examination of the performance of leading cloud service providers in the essential API domain. This annual global analysis scrutinised data stemming from 650 million
26-04-2024 12:54

Cato Networks to Showcase New Security Evasion Tactics at RSA Conference 2024
Cato Networks, the SASE leader, today announced that Cato CTRL, the SASE leader’s cyber threat intelligence (CTI) research team, will demonstrate threat actors’ latest tactics designed to capitalise on organisations’ complex security architectures during
26-04-2024 10:36

Apple releases eight small AI language models aimed at on-device use
OpenELM mirrors efforts by Microsoft to make useful small AI language models that run locally.
25-04-2024 20:55

Millions of IPs remain infected by USB worm years after its creators left it for dead
Ability of PlugX worm to live on presents a vexing dilemma: Delete it or leave it be.
25-04-2024 18:49

School athletic director arrested for framing principal using AI voice synthesis
Police uncover plot to defame principal with AI-generated racist and antisemitic comments.
25-04-2024 15:30

Salt Security Enhances API Security Platform with OAuth Protection Package
Salt Security have announced the release of its new multi-layered OAuth protection package to detect attempts to exploit OAuth and proactively fix vulnerabilities. Salt is enhancing its API protection platform with a comprehensive suite of new OAuth thre
25-04-2024 15:27

Female Tech Duo take Flight to Dubai to Launch the future of Cyber Leadership
Two formidable female tech leaders have joined forces to launch an innovative new leadership development and mentoring platform for the cyber community – Leading Cyber.  Danielle Phillips, Founder and Managing Director of Durham based Inside Out, a
25-04-2024 13:29

Interview: Cydea’s Risk Management Platform, Understanding Not Eliminating Risk
Last week, the IT Security Guru team attended Cydea’s Risk Management Platform launch in London. After the event, Robin Oldham, CEO and Founder of Cydea, sat down with the Gurus to answer some questions about risk management and why it’s crit
25-04-2024 13:16

AI-driven cyber attacks to be the norm within a year, say security leaders
Netacea, the bot detection and response specialist, today announced new research into the threat of AI-driven cyberattacks. It finds that most businesses see “offensive AI” fast becoming a standard tool for cybercriminals, with 93% of security leaders ex
25-04-2024 11:58

Coalition Finds More Than Half of Cyber Insurance Claims Originate in the Email Inbox
Coalition, the world’s first Active Insurance provider designed to prevent digital risk before it strikes, today published its 2024 Cyber Claims Report, which details emerging cyber trends and their impact on Coalition policyholders throughout 2023
25-04-2024 11:48

Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?
24-04-2024 20:55

Deepfakes in the courtroom: US judicial panel debates new AI evidence rules
Panel of eight judges confronts deep-faking AI tech that may undermine legal trials.
24-04-2024 20:14

Expert Insight: ‘Minding the Gap’: How can we work to make cyber accessible for women?
According to the Department for Science, Innovation and Technology (DSIT), only 17% of the UK cyber sector workforce is female, and this is down from 22% in 2022. To make matters worse, we’re fighting a losing battle against an ever-increasing cyber skil
24-04-2024 15:10

KnowBe4 acquires UK’s Egress to create advanced AI-driven platform to manage human risk
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it has entered into a definitive agreement to acquire Egress, a leader in adaptive and integrated cloud email security. Egress’ Inte
24-04-2024 12:36

Google’s Core Update is ‘Biggest’ Algorithm Update in History
Search giant Google is currently undergoing one of its biggest algorithm updates in its history, sources are told. The online search platform which manages more than 8 billion searches per day is doing a significant update to its internal systems which w
24-04-2024 09:28

Hackers infect users of antivirus service that delivered updates over HTTP
eScan AV updates were delivered over HTTP for five years.
23-04-2024 21:03

Microsoft’s Phi-3 shows the surprising power of small, locally run AI language models
Microsoft’s 3.8B parameter Phi-3 may rival GPT-3.5, signaling a new era of “small language models."
23-04-2024 20:47

Expert Insight: Outdated Recruitment Methods Are Impeding The Global Cyber Army
Cybersecurity is ‘inclusive’ by nature: no one is exempt from the fallout of the expanding cyber threat landscape. The notion, therefore, that some groups of individuals are offered fewer opportunities to join the cyber industry than others is frankly ab
23-04-2024 15:09

Mandiant’s M-Trends Report Reveals New Insights from Frontline Cyber Investigations
Mandiant, part of Google Cloud, today released the findings of its M-Trends 2024 report. Now in its 15th year, this annual report provides expert trend analysis based on Mandiant frontline cyber attack investigations and remediations conducted in 2023. T
23-04-2024 13:59

Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now.
22-04-2024 20:36

#MIWIC2024: Melissa Chambers, CEO and Co-Founder of Sitehop
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
22-04-2024 16:00

ACDS Launches Revolutionary OBSERVATORY Solution: Redefining Attack Surface Management
Advanced Cyber Defence Systems (ACDS) has unveiled its groundbreaking Attack Surface Management (ASM) solution: OBSERVATORY. Engineered with a comprehensive three-pronged approach—Discovery, Validation, and Insight—OBSERVATORY offers an unparalleled leve
22-04-2024 10:04

Microsoft’s VASA-1 can deepfake a person with one photo and one audio track
YouTube videos of 6K celebrities helped train AI model to animate photos in real time.
19-04-2024 13:07

UK’s Cydea introduces new way to quantify risk management
Cydea, the cyber risk management provider, has announced the Cydea Risk Platform, set to quantify threats in financial terms to businesses, allowing them to visualise the consequences of different business security-related scenarios. By giving a monetary
19-04-2024 10:50

LLMs keep leaping with Llama 3, Meta’s newest open-weights AI model
Zuckerberg says new AI model "was still learning" when Meta stopped training.
18-04-2024 21:04

LastPass users targeted in phishing attacks good enough to trick even the savvy
Campaign used email, SMS, and voice calls to trick targets into divulging master passwords.
18-04-2024 18:42

Report Reveals Healthcare Industry is Disillusioned in its Preparedness for Cyberattacks
Kroll, the leading independent provider of global risk and financial advisory solutions, has released the State of Cyber Defense: Diagnosing Cyber Threats in Healthcare report, exposing the healthcare industry’s disillusionment in terms of its cyber matu
18-04-2024 13:04

Goldilock Partners with organisation behind NATO’s largest cyber defence exercise
Goldilock, the British cybersecurity startup behind a unique physical network isolation solution, has partnered with CR14, a cyber defence organisation established by the Estonian ministry of defence and host of NATO’s operative Cyber Defence Centre of E
18-04-2024 12:54

Police apprehend global cyber gang implicated in large-scale fraud
The Met Police, a long with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individ
18-04-2024 12:19

OpenAI winds down AI image generator that blew minds and forged friendships in 2022
How a group of friends found themselves at the center of a fierce debate about the future of art.
18-04-2024 11:00

Kremlin-backed actors spread disinformation ahead of US elections
To a lesser extent, China and Iran also peddle disinfo in hopes of influencing voters.
17-04-2024 21:55

source : arstechnica, darkreading, itsecurityguru