AI About-Face: ‘Mantis’ Turns LLM Attackers Into Prey

November 19, 2024 at 06:35AM A new defensive system, Mantis, has been developed to counter cyberattacks by large language models (LLMs). It uses deceptive techniques to mislead attackers, embedding prompt-injection commands within responses. Mantis has shown a success rate exceeding 95% in redirecting and thwarting LLM-based exploits using active and passive defense strategies. …

Japan’s Space Agency Was Hit by Multiple Cyberattacks, but Officials Say No Sensitive Data Was Taken

June 24, 2024 at 05:39AM Japan’s space agency, JAXA, has faced cyberattacks since late last year. The attacks did not compromise sensitive information about rockets, satellites, or national security. The agency has taken preventive measures and is collaborating with the government’s cybersecurity team to enhance its defenses. The attacks have not affected the Defense Ministry …

TikTok confirms CNN, other high-profile accounts hijacked via zero-day vulnerability

June 5, 2024 at 05:51PM Cyber attackers exploited a zero-day vulnerability in TikTok to compromise high-profile accounts, including CNN’s. The app maker has confirmed the cyberattack and is working to secure accounts. The attack involved a specially crafted direct message, bypassing the need for the target to open a link. TikTok has faced previous security …

INC Ransom claims responsibility for attack on NHS Scotland

March 28, 2024 at 06:30AM NHS Scotland contained a ransomware attack to a regional branch, preventing its spread across the institution. The INC Ransom group claimed responsibility, leaking sensitive patient and staff data. The Scottish Government is collaborating with law enforcement to assess the breach’s impact. Healthcare is a prime target for cybercriminals due to …

PayPal files patent for new method to detect stolen cookies

February 25, 2024 at 11:08AM PayPal has filed a patent for a method to detect stolen “super-cookies,” aiming to enhance cookie-based authentication and prevent account takeover attacks. It deals with the risk of hackers using stolen cookies for unauthorized logins. The patent outlines a system to calculate fraud risk scores and manage authentication requests, ensuring …

Mitigating AI security risks

February 15, 2024 at 11:51AM Learn about the security risks of AI adoption and how to manage them effectively in Cloudflare’s webinar on 22 February at 4pm GMT/11am ET/8am PT. Tim Phillips and John Engates will discuss how to secure your use of AI, minimize vulnerabilities, and safeguard your AI initiatives. Sign up now for …

Why Demand for Tabletop Exercises is Growing

February 8, 2024 at 12:54PM Tabletop exercises are a cost-effective method to assess an organization’s ability to defend against and respond to cyberattacks.

Keenan warns 1.5 million people of data breach after summer cyberattack

January 30, 2024 at 01:07AM Keenan & Associates, a California-based insurance brokerage and consulting firm under AssuredPartners NL, notified the Office of the Maine Attorney General of a data breach impacting 1.5 million customers. Hackers accessed personal information, including sensitive details like SSN and health information. The company is taking measures to enhance security and …

It’s Time to Close the Curtain on Security Theater

January 9, 2024 at 10:05AM The article discusses the concept of security theater in cybersecurity, criticizing the superficial measures and controls implemented by organizations. It highlights the detrimental effects of security theater and recommends shifting focus toward proactive risk mitigation, including conducting risk assessments, prioritizing security enhancements, and implementing cyberattack prevention strategies. Key …

Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks

December 29, 2023 at 01:06AM Microsoft has disabled the ms-appinstaller protocol handler by default due to abuse by threat actors distributing malware. Malicious MSIX application packages are used to deliver ransomware via Microsoft Teams or fake advertisements. Multiple financially motivated hacking groups have exploited the App Installer service. This is not the first time Microsoft …