MY TAKE: Microsoft owns AI jailbreak risk — Google, Meta, Amazon, OpenAI look the other way
Last week at Microsoft Build, Azure CTO Mark Russinovich made headlines by telling the truth. Related: A basis for AI optimism In a rare moment of public candor from a Big Tech executive, Russinovich warned that current AI architectures—particularly autoregressive transformers—have structural limitations we won’t engineer our way past. And more than that, he acknowledged
Scattered Spider hackers targeting insurance industry following retail hits, Google warns
Security analysts at Google’s Threat Intelligence Group published a warning this week to insurance companies, writing that it is “now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity.”
Pro-Cambodian hacktivists launch attacks on Thai government sites amid border dispute
The AnonsecKh group, which goes by Bl4ckCyb3r on Telegram, claimed at least 73 attacks on Thai organizations in the two weeks following a May 28 incident in which a Cambodian soldier was killed in a skirmish with Thai forces.
Instagram 'BMO' ads use AI deepfakes to scam banking customers
Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud.
Some ads use AI-powered deepfake videos in an attempt to collect your personal information, while others drive traffic to phishing pages.
Des hackers pro-israéliens assurent avoir paralysé une des plus grandes banques d’Iran
Un groupe de hackers, supposément lié à Israël, revendique une cyberattaque majeure contre la banque Sepah, institution clé du système financier iranien. Ils assurent avoir « détruit toutes les données » de la banque. Le groupe de hackers Gonjeshke Darande, également connu sous le nom de « Predatory Sparrow », a
Cyber experts call for supercharging volunteer network to protect community organizations | CyberScoop
To defend “target rich, resource poor” critical infrastructure from cyberattacks, the U.S. must expand its patchwork volunteer system, a new report concludes.
New Veeam RCE flaw lets domain users hack backup servers
Veeam has released security updates today to fix several Veeam Backup & Replication (VBR) flaws, including a critical remote code execution (RCE) vulnerability.
UK fines 23andMe for ‘profoundly damaging’ breach exposing genetics data
The UK Information Commissioner's Office (ICO) has fined genetic testing provider 23andMe £2.31 million ($3.12 million) over 'serious security failings' that led to a 'profoundly damaging' data breach in 2023.
Sitecore CMS exploit chain starts with hardcoded 'b' password
A chain of Sitecore Experience Platform (XP) vulnerabilities allows attackers to perform remote code execution (RCE) without authentication to breach and hijack servers.
Russia detects first SuperCard malware attacks skimming bank data via NFC
Malware detected previously in Italy has popped up in Russia, researchers said. Attackers use it to access devices' near field communications (NFC) and steal payment card data.
Hacker steals 1 million Cock.li user records in webmail data breach
Email hosting provider Cock.li has confirmed it suffered a data breach after threat actors exploited flaws in its now-retired Roundcube webmail platform to steal over a million user records.
Why Do I Have to Fill Out a CAIQ Before STAR Level 2? | CSA
Completing the CAIQ self-assessment is a prerequisite for pursuing CSA STAR Level 2. This requirement strengthens the overall assurance of cloud providers.
How to automate IT ticket handling with AI and Tines
Tired of drowning in IT tickets? This AI-powered workflow built on Tines auto-triages common issues like known bugs & password resets—saving time for your team and speeding up resolution. Learn more about Tines and get a free account now.
Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends | CyberScoop
Congress should use renewal of an expiring terrorism insurance program to create a federal backstop for cybersecurity insurance, according to a report out Tuesday that tries to thread many difficult needles to bolster an industry that its author says isn’t developing fast enough. In an ideal world, cybersecurity insurance can be a valuable tool to […]