DOJ Warns Using AI in Crimes Will Mean Harsher Sentences
U.S. Deputy Attorney General Lisa Monaco last month was in the UK speaking at the University of Oxford and outlining the different paths the Justice Department is taking to address the benefits and threats associated with AI. Monaco spoke about how existing laws offer a “firm foundation” as the law ... Read More
Broadcom Merging Carbon Black, Symantec to Create Security Unit
Carbon Black’s uncertain future following the closing of Broadcom’s $69 billion acquisition of VMware in November is now settled, with the security software business merging with Symantec to form Broadcom’s new Enterprise Security Group. Broadcom will make “significant investments in both brands” and offer both Carbon Black and Symantec product ... Read More
Irony of Ironies: CISA Hacked — ‘by China’
Richi Jennings | | china, china espionage, Chinese, Chinese Communists, Chinese drive-by attack, chinese government, chinese hacker, Chinese hackers, Chinese state-sponsored hacking group, Chinese Threat Actors, CIRCIA, cisa, CISA.gov, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893, Cyber Security and Infrastructure Security Agency, Cybersecurity & Infrastructure Security Agency, Cybersecurity and Infrastructure Agency, Data Stolen By China, federal agency, Ivanti, Ivanti Connect Secure, Ivanti Policy Secure, Ivanti security, Ivanti Vulnerabilities, Ivanti Zero day vulnerability, Ligolo, Magnet Goblin, NerbianRAT, NSA/CISA, Peoples Republic of China, SB Blogwatch, Volt Typhoon, WARPWIRE
Free rides and traffic jams: U.S. Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti ... Read More
Threat Groups Rush to Exploit JetBrains’ TeamCity CI/CD Security Flaws
The cyberthreats to users of JetBrains’ TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for initial access and a search engine reporting that 1,442 vulnerable instances showed signs ... Read More
Beware of OpenAI and ChatGPT-4 Turbo in Healthcare Orgs’ API Attack Surface
Doug Dooley | | API security, Attack Surface, ChatGPT, Cybersecurity, health care, healthcare, OpenAI
With every new healthcare API integration that OpenAI gets access to, the attack surface grows, creating new opportunities for attackers ... Read More
Change Healthcare Gets Pharmacy Systems Up After Ransomware Attack
There is some relief coming for beleaguered pharmacies, hospitals, and patient now that UnitedHealth Group has the electronic prescribing systems for its Change Healthcare business up and running after being down for weeks following an attack last month by ransomware group BlackCat. In the wake of the February 21 attack, ... Read More
TikTok Ban Incoming — but ByteDance Fights Back
Richi Jennings | | Bytedance, china, chinese government, Privacy, SB Blogwatch, social media, spyware, TikTok, TikTok Ban
Hilltop BillTok: ByteDance mobilizing addicted user base, as U.S. TikTok ban steamrolls through Capitol Hill after unanimous committee vote ... Read More
NSA Issues Guidance for Enterprises Adopting Zero Trust
The National Security Agency (NSA) wants organizations adopt zero-trust framework principles to protect their enterprise networks and is releasing guidance to help them get there. The agency is arguing that adopting controls and functionality that includes segmenting networks and control access via strict policy regulations will reduce the potential damage ... Read More
Healthcare Groups Push for Help in Wake of Ransomware Attack on Change
Healthcare providers groups are ramping up pressure on the federal government, lawmakers, and UnitedHealth Group to help hospitals, healthcare clinics, and pharmacies that have gone more than two weeks without payments following the devastating ransomware attack on Change Healthcare, a UnitedHealth company. Meanwhile, notorious ransomware-as-a-service (RaaS) group BlackCat – also ... Read More
Facebook/Insta FAIL — ‘Anonymous Sudan’ has a Super Tuesday: ‘We Did It.’
Richi Jennings | | Anonymous, Anonymous Hacking Collective, Anonymous Sudan, API Authentication, API Authentication Errors, API Authorization, Application DDoS, application-layer DDoS attacks, Cloud DDoS, cloud outage, ddos, DDoS attack, DDoS attacks, Downtime and outages, facebook, Facebook accounts, facebook breach, facebook instagram hack, facebook login, Facebook outage, Instagram, Instagram outage, instagram vulnerability, Internet outage, internet outages, InternetOutage, Meta, Meta Networks, outage, Outage Investigation, outages, SB Blogwatch, Storm-1359, Stupidity of Instagram, Threads
Shooper Choosday: Was yesterday’s Meta outage outrage caused by a Russian DDoS? ... Read More