BankInfoSecurity.com

Inquiry Launched to Determine the Company's Compliance With GDPR
The Irish data regulator launched an investigation to determine Google's compliance with a European privacy law when it was developing its PaLM 2 artificial intelligence model. Google launched the multilingual generative AI model last year.

Over-Deployment of Tools Raises Security and Operational Concerns
Excessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essential, but they introduce numerous potential vulnerabilities that threat actors exploit.

Biden Administration Hits Russian Media With More Sanctions for Covert Operations
The U.S. Department of State announced additional sanctions Friday against the Kremlin news outlet RT after officials received new information from employees of the organization that revealed how it has become a key component in the Russian military machine.

Series C Funds to Fuel AI Research, Government Sector Investment and Global Growth
Strider Technologies has raised $55 million in a Series C funding round to strengthen its AI capabilities and fuel global expansion efforts. The money will enhance the company’s AI-driven insights, support business with government agencies, and fuel international expansion in Europe and Asia.

Also: Critical WHOIS Vulnerability Exposes Internet Security Flaw in .mobi Domains
This week, cyberthreats rising in Mexico; FBI warned of BEC scams; U.K. police arrested hacking suspect; Avis, Slim CD, Medicare and Fortinet disclosed breaches; Highline public schools reopened after cyberattack; a critical flaw was found in WHOIS; and Konni upped attacks on Russia, South Korea.

British Government Says Data Centers Are 'Essential for Functioning of Society'
The U.K. government on Thursday designated data centers as part of its critical national infrastructure in a move intended to prevent the loss of sensitive user data during disruptive cyberattacks. A newly announced data center security team will monitor and anticipate potential cyberthreats.

New Report Warns of Continued Delays and Deficiencies in Federal GPS Modernization
The Space Force is suffering from years of delays, setbacks and shortcomings in its Global Positioning System modernization program, according to a Government Accountability Office report, which found major deficiencies and testing issues that could hinder the United States competitiveness in space.

Company Focused on Safe Deployment Practices, Reducing Kernel Mode Dependencies
Cutting kernel mode dependencies and adopting safe deployment practices will make endpoint systems more resilient and secure for Windows customers. Tuesday's meeting came two months after a faulty CrowdStrike update disrupted 8.5 million Windows machines and caused $5.4 billion in direct losses.

More Competition, Ownership Turnover Among Peers Create an Appealing Time to Sell
Hellman & Friedman has met with several investments banks in recent weeks and will choose one to run the sale process for Paramus, New Jersey-based Checkmarx, in which it hopes to get at least $2.5 billion, Calcalist reported. The private equity firm bought Checkmarx for $1.15 billion in April 2020.

Cyber Researcher Reported Findings to Virtual Care Provider; Data Now Secured
An AI-powered virtual care provider's unsecured database allegedly exposed thousands of sensitive mental health and substance abuse treatment records between patients and their counselors on the internet - where they were available to anyone, said the security researcher who discovered the trove.

Report: North Korean, Russian, Chinese, Iranian Actors Are Targeting Research Orgs
Russian state hackers are targeting think tanks studying strategic interests and the defense sector, warned the French cyber agency. A hacking group that officially is Unit 26165 of the Russian Main Intelligence Directorate appears to be Russia's most prolific targeter of think tanks.

NoName Specializes in Long-Tail Exploits
Up-and-coming online criminal extortion group RansomHub appears to have a new affiliate - NoName, a midtier actor whose main claim to fame so far has been impersonating the LockBit ransomware-as-a-service operation. NoName is known for exploiting years-old vulnerabilities.

State Officials, Security Experts Warn of Increased Cyberthreats Ahead of Vote
Election security experts told Information Security Media Group the United States continues to lack adequate federal funding and resources to support state and local election information technology security efforts amid heightened global tensions and an ever-expanding threat landscape.

PureID Passwordless Authentication Tool Will Boost ColorTokens Microsegmentation
ColorTokens purchased PureID, expanding its zero trust framework with identity-based segmentation for cloud and hybrid environments. The acquisition focuses on securing cloud applications, microservices and APIs through advanced identity-based authentication.

New Tool Uses 40 Indicators to Provide In-Depth Diagnostic Analysis, Officials Say
Commerce Secretary Gina Raimondo unveiled a new data tool Tuesday called Scale. It assesses a wide range of factors affecting supply chains to provide a detailed analysis of potential risks and challenges, from labor shortages to climate challenges and geopolitical tensions.

Agencies Sign Agreement to Boost Cooperation, Share Cyberthreat Information
The British data protection authority and national law enforcement agency signed onto a cyber risk information-swapping agreement. The National Crime Agency and the Information Commissioner's Office will share cyberthreat assessments and information about incidents.

RAM-Based Radio Signal Attack Allows Attackers to Exfiltrate Data
A novel side-channel attack exploits radio signals emitted by random access memory in air-gapped computers, presenting a new threat to highly secure networks. One of the most effective ways to mitigate the risk is to cover sensitive machines with Faraday shielding.