Tag: Cybersecurity
The root of the problem for dentists
In an exclusive interview with Cyber Intelligence, Tom Terrenez, the chief executive of Medix Dental IT, describes the cyber-threats currently overwhelming many US dental practices. His warnings concerning data can be equally applied to doctors’ surgeries, upmarket beauticians and hairdressers, and other small businesses that provide personal services.
Russian secret service steps up cyber-attacks on the West
Software giant Microsoft has made an urgent public announcement that the Russian secret service is currently sending thousands of weaponized spear-phishing emails to key individuals in over 100 organizations in countries including the US and the UK. According to Microsoft: “The emails were highly targeted, using social engineering lures relating to Microsoft, Amazon Web Services (AWS)… In some of the lures, the actor attempted to add credibility to their malicious messages by impersonating Microsoft employees.”
Can MSN’s new AI Copilot replace human workers?
In a matter of days, Microsoft will unveil the much-heralded new version of its Copilot software to a business world already severely disappointed by Big Tech’s initial AI offerings. It also comes hard on the heels of a stern warning from Gartner to organizations across all sectors that the cost of introducing artificial intelligence (AI) to the workplace could easily balloon by a staggering 500 -1,000 percent. But Microsoft’s current marketing push for its latest AI offering, a souped up version of its Copilot service, is rapidly gathering momentum, in spite of commercial AI’s dismal performance to date. Microsoft chief executive Satya Nadella is currently touring 39 cities around the world with new products and use cases for AI. He predicts that the performance of AI systems will double approximately every six months, and the AI revolution is about to be led by a souped-up version of the company’s existing Copilot software, part of the 365 package. "The question now is how do we transfer this to the real world…Think of Copilot as a user interface for AI," Nadella told an audience in Berlin.
AI-Enabled Drones: Navigating the New Frontier of Cyber C-UAS Defense
In the rapidly evolving landscape of cybersecurity, artificial intelligence (AI) has emerged as a transformative force, revolutionizing operational methodologies across various industries. This development is especially evident in the drone sector, where AI integration into unmanned aerial vehicles (UAVs) presents unprecedented opportunities alongside critical security challenges. As AI-enhanced drones are increasingly deployed across diverse sectors—from precision agriculture to military reconnaissance—their growing autonomy and intelligence introduce significant risks, making robust cybersecurity countermeasures essential.
Hackers infiltrate SEC’s X Account to Boost Bitcoin
A cybercriminal in Alabama, suspected of hacking into the US Securities and Exchange Commission’s (SEC’s) X account, has been arrested. He is accused of using the compromised account to post fake messages, causing the value of Bitcoin to boost by $1,000. Hacker Eric Council Jr, also known as “EasyMunny” and “AGiantSchnauzer,” was allegedly able to secure the credentials for the SEC’s X account through a method called “Sim Swapping.” The council created a fake ID using the stolen personal information of someone who had access to the X account. With the fake ID, he was able to purchase a SIM card linked to the victim’s phone in a cellphone provider store in Alabama, giving Council access to the victim’s personal information and log-in credentials.
Rocky start for Big Tech’s AI rollout
Companies are already becoming disenchanted with the initial rollout of Big Tech’s new artificial intelligence (AI) technology. Rapidly diminishing return on investment (ROI) and poor initial outcomes are forcing companies to rethink their earlier strategies, according to a new report from AI data services company, Appen. “As enterprises gain more AI experience, they are becoming more selective about which projects to pursue, and fewer initiatives are reaching deployment. Appen believes this trend is likely driven by diminishing ROI or the lack of significant outcomes,” says Appen. Gartner also recently issued a stern warning to organizations across all sectors that the cost of introducing artificial intelligence (AI) to the workplace could easily balloon by a staggering 500 -1,000 percent.
Big tech goes nuclear
America’s leading technology companies are now engaged in their own nuclear power race. Advertising and search giant Google has announced that it has signed the world’s first corporate agreement to purchase nuclear energy from multiple small modular reactors (SMR), to be developed by Kairos Power. By investing in its own nuclear energy facilities, Google has now joined the ranks of Amazon, Microsoft, and Oracle in investing heavily in nuclear facilities to power the rollout of new services based around their prematurely launched artificial intelligence (AI) services. According to a recent report from US Madison Avenue investment bankers, Jeffries: “If it feels like Graphics Processing Units (GPUs) are suddenly everywhere, it’s because they are. GPUs drive computation across a wide range of industries and applications, from big data analytics to machine learning [AI].”
Marriott to pay $52m fine for 300m customer data breaches
Marriott International has agreed to pay a $52 million fine for cyber-negligence resulting in data breaches affecting over 300 million of its customers worldwide, representing a fine of less than two cents per customer. The US Federal Trade Commission and attorney generals from 49 states ran parallel investigations into three data breaches which took place between 2014 and 2020. Cybercriminals were able to steal the passport information, payment card numbers, loyalty numbers, dates of birth, email addresses plus personal information from hundreds of millions of customers.
Feds Create Their Own Cryptocurrency for Sting Operation
The US Federal Bureau of Investigation (FBI) has created “NexFundAI”, a cryptocurrency created to further their investigation, “Operation Token Mirrors.” The FBI also announced that 18 individuals have been charged for market manipulation and “wash trading” -- the first of its kind in the cryptocurrency industry. The investigation, described as “a new twist to old-school financial crime”, garnered charges against cryptocurrency company leaders and employees from Texas, the UK, and Portugal, and over $25 million in seized cryptocurrency. NexFundAI enabled the FBI to monitor and track illicit activities conducted by cryptocurrency companies and financial service firms, or “market makers.”
US is top target for mobile cybercrime
The US is the top target for cyber-attacks focusing on mobile devices and those connected by the Internet of Things (IoT) plus the operational technology (OT) systems than run facilities such as power plants. According to cybersecurity firm Zscaler’s ThreatLabz 2024 Mobile, IoT, and OT Threat Report, mobile remains a top threat vector, with 111% growth in spyware and 29% growth in banking malware. Technology (18 percent), education (18 percent) and manufacturing (14 percent) continue to be the sectors most targeted by mobile malware. The education sector saw the most dramatic rise in blocked transactions, with a 136 percent increase on the previous year.
Cybercriminals crack MFA defenses
Cybercriminals are now using social engineering techniques developed to crack passwords to break through multi-factor authentication (MFA) defenses, such as sending a code to another device, such as the user’s smartphone. According to the UK’s National Cyber Security Centre (NCSC) report, Not all types of MFA are created equal...: “Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA. We’ve seen the success of attacks against MFA-protected accounts increasing over the past couple of years.”
Feds try to block N. Korea’s crypto-cash pipeline
The US Federal Bureau of Investigation (FBI) is conducting an ongoing investigation into the notorious North Korean cybercrime group Lazarus, formerly known as “God’s Apostles”. The group is alleged to have stolen over $800 million in virtual currency. Over the past decade, the Lazarus group has targeted entertainment companies, banks, and pharmaceutical companies both in the US and worldwide. One heist, in particular, is referenced in the court documents, where approximately $41 million worth of virtual money was allegedly stolen from the online casino platform Stake.com and laundered through VCM Sinbad. Sinbad has since been sanctioned by the US Treasury Department’s Office of Foreign Assets Control for its involvement in laundering money from the Stake.com heist, among others executed by Lazarus.