Tag: Cybersecurity
Cyber Consultant Claims Universities are More Vulnerable to Cyber Attacks – April 8th
Highlighting the severity of the University of Winnipeg data breach, Cybersecurity consultant Kathy Knight asserts that the education sector is one of the most vulnerable to cyber attacks, potentially leading to significant data loss and privacy breaches. “The thing about universities is they’re very big, complex institutions … and they collect a lot of information and data that is very attractive to cyber criminals. So that puts them really, at the top of the list, in terms of attack targets,” she said.
Cyber-attackers try to divert a commercial flight
Airline security has just entered a new era with the news that on Saturday, cybercriminals hacked the communications network on a commercial flight and tried to divert the plane to a fake destination, putting it in the hands of the gang. On Sunday, EL AL Israel Airlines confirmed the attack on one of its planes. During the attack, instructions were given to the El Al crew that differed from their set route, alerting them to the possibility that terrorists were planning to crash the plane or that their attackers were planning a kidnapping. However, despite the nationality of the airline concerned, the motive behind hacking into the airline’s communications is thought not to have been primarily political. Although the attack took place over an area where Iran-backed Houthis are known to be active, it is believed that the hackers are most likely based in Somaliland, which last month signed a controversial territorial agreement with neighboring Ethiopia.
Visa’s Warning on RAT Campaign Targeting Financial Orgs – April 5th
Visa released an alert on the 'JsOutProx' remote access trojan (RAT) malware phishing campaign which targets financial institutions and customers. The JSOutProx malware linked to the 'Solar Spider' threat actor delivers a RAT that could steal sensitive data, establish a C2 connection, and extract Outlook information, among others.
55% of Organizations Plan to Use AI to Enhance Security – April 4th
According to a report released by the Cloud Security Alliance and Google Cloud, 55% of all organizations plan to use AI to boost security by 2025. The "State of AI and Security Survey Report," also found that 67% of organizations already tested and are pleased with AI-backed security capabilities.
Cisco bets the farm on Splunk
Cisco’s US$28 billion acquisition of cybersecurity firm Splunk is the largest acquisition in the networking giant’s history. It is now being seen as a clear signpost for the future value of cybersecurity companies worldwide. The price paid for the 20-year-old San Francisco company represented over 12 percent of Cisco’s US$198 billion market capitalization. The $28 billion acquisition was closed within only six months, at a time when many large mergers are being blocked or delayed by regulators. “We will revolutionize the way our customers leverage data to connect and protect every aspect of their organization as we help power and protect the AI revolution,” said Cisco CEO Chuck Robbins.
Mid-Market Companies Invest 285% More in Cybersecurity – April 3rd
Corsica Technologies released a study that revealed mid-market companies invest 285% more in cybersecurity-managed services and sales growth. The study also revealed that 74% identified legacy software, and 52% found data integration to be a couple of the main challenges faced by midmarket companies.
OpenAI’s voice cloning raises security concerns
OpenAI, the maker of Microsoft-backed consumer-facing artificial intelligence (AI) service ChatGPT, may have scored something of an own-goal with the unveiling of Voice Engine, billed as “a model for creating custom voices”. While OpenAI’s blog on Friday highlights the legitimate use of voice cloning, sometimes referred to as ‘deepfake voice’, such as providing reading assistance to non-readers and children, its widespread availability could soon metamorphose into a cybersecurity nightmare. Deepfake voice and video software are already being used by cybercriminals to mimic the voices of senior executives to commit financial fraud and other crimes. But the widespread availability and marketing of deepfake voice software is now set to make cybercrime a virtual cottage industry where any number can play. It will open the floodgates to a whole new generation of cybercriminals, terrorists, pranksters, and disgruntled employees.
Google to Remove Billions of Personal Data to Settle Privacy Case – April 2nd
Google agreed to remove billions of personal records amid the previously announced lawsuit, accusing the tech giant of illegal surveillance. The personal records belong to approximately 136 million Google Chrome users. To add to the settlement, Google will add more disclosures of the terms for their 'incognito mode' feature.
Millions of AT&T Data at Risk from Data Breach – April 1st
AT&T sent out a mass announcement to its customers, informing them that a dataset containing sensitive data from 7.6M current users and 65.4M former users is for sale on the dark web. To mitigate the breach, AT&T reset the passcodes of all its current users and will constantly communicate with customers to further protect accounts.
‘INC Ransom’ Group Threatens to Release NHS Data – March 28th
The 'INC Ransom' ransomware group publicly threatened to release three terabytes of NHS Scotland sensitive patient and staff data, after publishing a smaller sample size proving the viability of the threat. NHS Dumfries and Galloway's efforts to prevent the attack from being repeated are underway in collaboration with Police Scotland and the National Cyber Security Centre (NCSC).
Tough Times ahead for Apple
These are troubled times for Silicon Valley tech giant, Apple. Hard on the heels of the US Justice Department suing Apple for monopolizing the smartphone market comes news of a major security flaw in Apple M-series chips (M1, M2, and M3). The US Justice Department appears determined to call time on Apple’s long-standing domination of the smartphone market. It holds that “Apple’s broad-based, exclusionary conduct” makes it harder for Americans to switch smartphones. Apple also stands accused of undermining innovation for apps, products, and services, and imposing extraordinary costs on developers, businesses, as well as on consumers.
Facebook’s “Project Ghostbusters” Discovered to Spy on Snapchat Traffic – March 27th
A federal court in California earlier this week released documents that revealed Facebook's 2016 "Project Ghostbusters" campaign. The campaign was designed to mine Snapchat user data to understand their behavior better. The project was a part of Facebook's In-App Action Panel (IAPP) program, which used techniques to intercept and decrypt encrypted app traffic from Snapchat and, later, from YouTube and Amazon.