Latest CyberSec News by @thecyberpicker

Latest CyberSec News by @thecyberpicker

30533 bookmarks
Custom sorting
MY TAKE: Microsoft owns AI jailbreak risk — Google, Meta, Amazon, OpenAI look the other way
MY TAKE: Microsoft owns AI jailbreak risk — Google, Meta, Amazon, OpenAI look the other way
Last week at Microsoft Build, Azure CTO Mark Russinovich made headlines by telling the truth. Related: A basis for AI optimism In a rare moment of public candor from a Big Tech executive, Russinovich warned that current AI architectures—particularly autoregressive transformers—have structural limitations we won’t engineer our way past. And more than that, he acknowledged
·lastwatchdog.com·
MY TAKE: Microsoft owns AI jailbreak risk — Google, Meta, Amazon, OpenAI look the other way
WhatsApp to start targeting you with ads
WhatsApp to start targeting you with ads
WhatsApp has announced it will start showing its users targeted ads. Will this be yet another Meta "Pay or OK" choice?
·malwarebytes.com·
WhatsApp to start targeting you with ads
Scattered Spider hackers targeting insurance industry following retail hits, Google warns
Scattered Spider hackers targeting insurance industry following retail hits, Google warns
Security analysts at Google’s Threat Intelligence Group published a warning this week to insurance companies, writing that it is “now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity.”
·therecord.media·
Scattered Spider hackers targeting insurance industry following retail hits, Google warns
Pro-Cambodian hacktivists launch attacks on Thai government sites amid border dispute
Pro-Cambodian hacktivists launch attacks on Thai government sites amid border dispute
The AnonsecKh group, which goes by Bl4ckCyb3r on Telegram, claimed at least 73 attacks on Thai organizations in the two weeks following a May 28 incident in which a Cambodian soldier was killed in a skirmish with Thai forces.
·therecord.media·
Pro-Cambodian hacktivists launch attacks on Thai government sites amid border dispute
Instagram 'BMO' ads use AI deepfakes to scam banking customers
Instagram 'BMO' ads use AI deepfakes to scam banking customers
Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ads use AI-powered deepfake videos in an attempt to collect your personal information, while others drive traffic to phishing pages.
·bleepingcomputer.com·
Instagram 'BMO' ads use AI deepfakes to scam banking customers
Des hackers pro-israéliens assurent avoir paralysé une des plus grandes banques d’Iran
Des hackers pro-israéliens assurent avoir paralysé une des plus grandes banques d’Iran
Un groupe de hackers, supposément lié à Israël, revendique une cyberattaque majeure contre la banque Sepah, institution clé du système financier iranien. Ils assurent avoir « détruit toutes les données » de la banque. Le groupe de hackers Gonjeshke Darande, également connu sous le nom de « Predatory Sparrow », a
·numerama.com·
Des hackers pro-israéliens assurent avoir paralysé une des plus grandes banques d’Iran
New Veeam RCE flaw lets domain users hack backup servers
New Veeam RCE flaw lets domain users hack backup servers
​Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote code execution (RCE) vulnerability.
·bleepingcomputer.com·
New Veeam RCE flaw lets domain users hack backup servers
FTC reminds car dealers to protect customer data
FTC reminds car dealers to protect customer data
The commission described how recently updated federal regulations affect dealerships — and their vendors.
·cybersecuritydive.com·
FTC reminds car dealers to protect customer data
UK fines 23andMe for ‘profoundly damaging’ breach exposing genetics data
UK fines 23andMe for ‘profoundly damaging’ breach exposing genetics data
The UK Information Commissioner's Office (ICO) has fined genetic testing provider 23andMe £2.31 million ($3.12 million) over 'serious security failings' that led to a 'profoundly damaging' data breach in 2023.
·bleepingcomputer.com·
UK fines 23andMe for ‘profoundly damaging’ breach exposing genetics data
Sitecore CMS exploit chain starts with hardcoded 'b' password
Sitecore CMS exploit chain starts with hardcoded 'b' password
A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers.
·bleepingcomputer.com·
Sitecore CMS exploit chain starts with hardcoded 'b' password
Hacker steals 1 million Cock.li user records in webmail data breach
Hacker steals 1 million Cock.li user records in webmail data breach
Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records.
·bleepingcomputer.com·
Hacker steals 1 million Cock.li user records in webmail data breach
Why Do I Have to Fill Out a CAIQ Before STAR Level 2? | CSA
Why Do I Have to Fill Out a CAIQ Before STAR Level 2? | CSA
Completing the CAIQ self-assessment is a prerequisite for pursuing CSA STAR Level 2. This requirement strengthens the overall assurance of cloud providers.
·cloudsecurityalliance.org·
Why Do I Have to Fill Out a CAIQ Before STAR Level 2? | CSA
How to automate IT ticket handling with AI and Tines
How to automate IT ticket handling with AI and Tines
Tired of drowning in IT tickets? This AI-powered workflow built on Tines auto-triages common issues like known bugs & password resets—saving time for your team and speeding up resolution. Learn more about Tines and get a free account now.
·bleepingcomputer.com·
How to automate IT ticket handling with AI and Tines
Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends | CyberScoop
Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends | CyberScoop
Congress should use renewal of an expiring terrorism insurance program to create a federal backstop for cybersecurity insurance, according to a report out Tuesday that tries to thread many difficult needles to bolster an industry that its author says isn’t developing fast enough. In an ideal world, cybersecurity insurance can be a valuable tool to […]
·cyberscoop.com·
Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends | CyberScoop
Taiwan Hit by Sophisticated Phishing Campaign
Taiwan Hit by Sophisticated Phishing Campaign
Phishing campaign targeting Taiwan has been identified, using tax-themed emails and malware like Winos and HoldingHands
·infosecurity-magazine.com·
Taiwan Hit by Sophisticated Phishing Campaign