Welcome to "Cyber Fail," where our experts uncover fails so we can all strengthen our defenses. Today, we examine what happens when ransomware groups get careless, application developers' laissez-faire attitude toward vulnerabilities, and the security woes of a beleaguered crypto exchange.
Proposed legislation called the "snoopers' charter," which would allow British intelligence agencies to collect data on a large scale, cleared further parliamentary scrutiny this week despite mounting criticism from privacy advocates, watchdog groups and technology companies.
U.S. federal agencies have until midnight Friday to disconnect Ivanti VPN devices and perform a factory reset before reconnecting them to the network. Fifteen agencies use the gateways, which were hit by likely Chinese hackers in an espionage campaign and are riddled with zero-day vulnerabilities.
South Korean President Yoon Suk Yeol expects North Korea to interfere with the upcoming legislative elections and warned citizens to prepare for waves of cyberattacks, fake news and disinformation. Investigators believe North Korea conducted 80% of the attacks on public sector organizations in 2023.
The Biden administration is contemplating updating for the artificial intelligence age the privacy guidance that federal agencies must follow before activating new systems or adding a new collection of personal identifiable information to existing information technology systems.
Multiple Information Sharing and Analysis Centers decried a proposed incident reporting measure for vendors selling to the U.S. federal government as being costly and ineffective. The proposal will affect three of every four contracts in which the government is a contracting party.
The FBI and the U.S. Department of Justice used a court order to disrupt a Chinese hacking operation that compromised thousands of internet-connected devices and targeted sensitive areas of U.S. critical infrastructure, according to media reports.
A draft international cybercrime treaty set to enter a final round of negotiations at the United Nations Monday drew condemnation from civil society groups that said it will criminalize security research and promote indiscriminate police surveillance.
The U.S. Cybersecurity and Infrastructure Security Agency is aiming to improve the implementation of software bills of materials across the public and private sectors as experts warn that a failure to build and use the critical inventory lists could result in "catastrophic security breaches."
South Korea's intelligence agency has reported that North Korean hackers are using generative AI to conduct cyberattacks and search for hacking targets. Experts believe North Korea's AI capabilities are robust enough for more precise attacks on South Korea.
Experts are raising fresh concerns about the "significant risk" for Chinese espionage against U.S. federal networks after a government watchdog caught the government's main acquisition arm purchasing unauthorized, Chinese-manufactured video conference cameras.
Rumors are swirling about how the Department of Health and Human Services lost about $7.5 million in grant payments through a series of cyberattacks last year, including speculation over whether the incidents involved sophisticated AI-augmented spear-phishing or more commonplace fraud schemes.
Hackers have reportedly stolen about $7.5 million from a Department of Health and Human Services grant payment system in a series of cyberattacks last year. The news comes in the midst of HHS and other authorities warnings about rising threats involving social engineering and payment scams.
The U.S. Cybersecurity and Infrastructure Security Agency directed federal agencies to implement mitigation measures for two zero-day exploits that affect Ivanti’s popular VPN products while they await a patch, in what one official described as "a rapidly evolving situation."
Arati Prabhakar, director of the White House's Office of Science and Technology Policy, said during an event at the 2024 World Economic Forum that generative artificial intelligence has the potential to "dramatically accelerate and amplify the erosion of information integrity."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
