Aggregator

Как активная позиция провоцирует соперника на нарушение прав человека.

SOC最多的障碍是缺乏自动化和编排。

Технология использует лазер для передачи данных с самолета на космическую станцию.

Synnovis has rebuilt “substantial parts” of its systems following the Qilin ransomware attack on June 3, enabling the restoration of core blood supplies to NHS hospitals

This post first appeared on blog.netwrix.com and was written by Jonathan Blackwell.
Your organization deals with various forms of sensitive information. It could be company secrets, customer data, or proprietary research — whatever the case, security should be your top priority.  This is especially true given the heightened security concerns worldwide, with malicious actors targeting businesses everywhere. As such, you must protect your business’s interests and comply … Continued

Страховые компании не смогут покрыть и пятой части нанесённого ущерба.

CrowdStrike has acknowledged the claims by the USDoD hacktivist group, which has provided a link to download the alleged threat actor list on a cybercrime forum

Outlining the wider organization's proactive role in fortifying the security program allows the security team to focus on the most pressing issues that only they can solve.

強くなれる理由知った、僕を連れて進め！

Масштабная проблема цепочек поставок затрагивает 813 UEFI-продуктов.

“Out of sight, out of mind” might be a charming notion when it comes to dealing with household chores, but when IT professionals are attempting to ensure unified-communications-as-a-service (UCaaS) tools at remote sites are operating flawlessly, lack of observability can flat-out ruin your day. As businesses...

Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for emerging vulnerabilities. That wasn't always the case.

NCSC publishes free e-learning to help organisations manage the cyber security risks across their supply chains.

Взлом производителя шпионского ПО раскрыл масштабную шпионскую кампанию по всему миру.

A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"

Cyber threat actors are exploiting the CrowdStrike Falcon outage to conduct social engineering attacks. Here's what the CIS CTI team has seen.

本文将以具体案例分析带大家了解区块链黑暗森林的网络钓鱼领域。

Check out a CISA-FBI advisory about North Korean cyber espionage on critical infrastructure orgs. Plus, what Europol found about the use of AI for cybercrime. Meanwhile, the risk concerns that healthcare leaders have about generative AI. And a poll on water plant cybersecurity. And much more!

Dive into six things that are top of mind for the week ending July 26.

1 - CISA, FBI warn about North Korea’s cyber spying

North Korea is engaged in a global cyber espionage campaign targeting critical infrastructure organizations, especially those involved with the defense, aerospace and nuclear sectors.

That’s the warning issued this week by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and law enforcement agencies from the U.S., South Korea and the U.K.

CISA and the FBI recommend that all critical infrastructure organizations review the joint advisory, titled “North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs,” and implement its mitigation recommendations.

Via a group called Andariel, North Korea is trying to steal confidential technical information in order to advance the goals of its military and nuclear programs. Andariel is focused on the U.S., South Korea, the U.K., Japan and India, although its cyber espionage scope is global.

The joint advisory details Andariel’s tactics, techniques and procedures, such as exploiting known vulnerabilities in web servers and deploying web shells to access sensitive information and applications.

Recommended mitigation strategies include:

• Patch vulnerabilities on a timely manner
• Protect web servers from web shells
• Monitor endpoints to detect malicious activity
• Boost authentication and remote access security

Andariel, also known as Onyx Sleet, initially carried out destructive attacks against U.S. and South Korean organizations but now focuses on cyber espionage and ransomware operations. It funds its activities via ransomware attacks against U.S. healthcare organizations.

To get more details, check out:

• CISA’s announcement “FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity”
• The joint advisory “North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs.”

For more information about cyberthreats from North Korea:

• “Exclusive: UN experts investigate 58 cyberattacks worth $3 bln by North Korea” (Reuters)
• “U.S. charges North Korean man with cyberattacks on NASA” (Washington Post)
• “North Korea hacking teams hack South Korea defence contractors” (Reuters)
• “North Korea hacked South Korea chip equipment makers, Seoul says” (BBC)

2 - Europol: AI use by cybercriminals on the rise in the EU

Cybercrime in the European Union grew steadily last year, helped in part by criminals’ growing use of artificial intelligence (AI), according to Europol’s “Internet Organised Crime Threat Assessment (IOCTA) 2024” report.

“Cybercriminals are keen to leverage AI, which is already becoming a common component in their toolbox and is very likely to see even wider application,” reads the report, which was released this week.

 

 

Not only are cybercrooks abusing legitimate large language models (LLMs), but they have access to a growing number of malicious LLMs designed specifically for cybercriminal activities, such as phishing.

“There is increased marketing of AI tools and services on the dark web,” the report reads.

To get more details, read the “Internet Organised Crime Threat Assessment (IOCTA) 2024” report.

For more information about the use of AI for cyberattacks:

• “FBI Warns of Increasing Threat of Cyber Criminals Utilizing Artificial Intelligence” (FBI)
• “Cybercriminals are creating their own AI chatbots to support hacking and scam users” (The Conversation)
• “AI advances risk facilitating cyber crime, top US officials say” (Reuters)
• “Cyber Criminals Are Getting Faster--and Generative AI Could Make Their Work Easier” (Inc)

3 - An ad-hoc Tenable poll on the cybersecurity of water plants

During our recent webinar “Safeguarding Your Water Utility,” we took the opportunity to poll attendees about their strategies for protecting these critical infrastructure facilities from cyberattacks. Check out what they said about their biggest challenges and concerns.

(24 webinar attendees polled by Tenable, July 2024)

(18 webinar attendees polled by Tenable, July 2024)

(24 webinar attendees polled by Tenable, July 2024)

Want to learn more about cybersecurity for water utilities? Watch the on-demand webinar “Safeguarding Your Water Utility,” which covers water-sector cyberthreats, regulation, legislation, funding opportunities, best practices for cyber resilience and more.

For more information about the cybersecurity of water and wastewater plants:

• “Shoring Up Water Security: Industry Leaders Testify Before Congress” (Tenable)
• “EPA Cybersecurity for the Water Sector” (Environmental Protection Agency)
• “US officials find weak security practices at water plants breached by pro-Russia hackers” (CNN)
• “More than 70% of surveyed water systems failed to meet EPA cyber standards” (NextGov)

VIDEO

Tenable Homeland Security Testimony 2024: CISA funding for OT security and water sector

4 - Report: Risk is top obstacle to GenAI adoption in healthcare

Concerns about privacy, information accuracy, regulation compliance, biased analysis and other risks ranked as the top challenge healthcare organizations face when considering the adoption of generative AI.

That’s according to the report “Generative AI in healthcare: Adoption trends and what’s next” from McKinsey, which surveyed 100 leaders in payer, provider and healthcare services and technology (HST) organizations.

“Risk concerns and considerations top the list of scale-up challenges faced by surveyed leaders, regardless of whether they work at a payer, provider, or HST company,” reads the report.

Fueling risk concerns are generative AI’s lack of a track record, its investment requirements and uncertainty regarding regulations.

To reap the benefits generative AI promises without running afoul of regulations or compromising safety, healthcare organizations need to establish “governance processes, frameworks and guardrails” to proactively address and mitigate risks, according to McKinsey.

For more information about AI risk and opportunity in healthcare:

• “Artificial intelligence and cybersecurity in healthcare” (International Hospital Federation)
• “Evaluating the Impact of AI in Healthcare Cybersecurity” (American Hospital Association)
• “How the Executive Order on AI Will Impact Healthcare Cybersecurity” (TechTarget)
• “AI, deepfakes and other cybersecurity threats facing hospitals” (Chief Healthcare Executive)

5 - Tenable’s insights on global IT outage

Check out some thoughts from Tenable’s CEO and CSO about last week’s unprecedented IT outage, which was caused by a faulty software update. 

In these interviews with CNBC and CNN, Tenable CEO Amit Yoran explains why organizations should focus on the diversity of their IT systems amidst the fallout from the massive outage. 

 

 

You can also catch more comments from Yoran in the Wall Street Journal article “Blue Screens Everywhere Are Latest Tech Woe for Microsoft.”

Meanwhile, in his blog “Tenable’s Software Update Process Protects Customers’ Business Continuity with a Safe, Do-No-Harm Design,” Tenable CSO Robert Huber outlines how our comprehensive approach to the software development lifecycle (SDLC) allows us to produce extremely high-quality software and protect our customers’ business operations.

6 - U.S. Health Department unveils tech-focused reorg

The U.S. Department of Health and Human Services (HHS) this week rolled out a reorganization aimed at improving tech operations, including cybersecurity, data management and AI.

The revamping involves consolidating under two HHS groups all the tech functions that until now have been handled by three groups. 

One of the new consolidated groups will establish the Office of the Chief Technology Officer and reinstitute the CTO role. The CTO will oversee data and AI strategy and policy. 

Directly reporting to the CTO will be the Chief AI Officer, the Chief Data Officer and a new Office of Digital Services.

“Cybersecurity, data, and AI are some of the most pressing issues facing the healthcare space today,” HHS Secretary Xavier Becerra said in a statement.

Responsibilities of the Chief AI Officer include:

• Setting AI policy and strategy
• Implementing governance, policy and risk management for AI use
• Support safe and appropriate AI use

Одна из старейших и самых активных групп получила «золотой статус» в киберпреступном мире.