March 8, 2024 at 03:07PM QNAP has warned of vulnerabilities in its NAS software, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, which could grant unauthorized access to devices. The flaws include an authentication bypass, command injection, and SQL injection, affecting various operating systems. Users are advised to upgrade to specific versions to address the vulnerabilities … Read more
March 8, 2024 at 12:57PM Change Healthcare, a subsidiary of United Health Group, is recovering from a BlackCat ransomware attack causing widespread disruptions to the US healthcare system. Electronic prescription systems are now back online, and payment transmission is available. However, the system’s full restoration is still in progress, with an interim solution managing 90% … Read more
March 7, 2024 at 05:33AM The U.S. Department of Justice indicted a Chinese national and California resident for stealing Google’s proprietary info and passing it to Chinese tech firms. Linwei Ding, a former Google engineer, siphoned over 500 confidential files on AI trade secrets. He concealed theft and faced a maximum 10-year prison sentence if … Read more
March 7, 2024 at 01:35AM Group-IB’s annual High Tech Crime Trends report revealed 225,000 stolen ChatGPT stealer logs were found for sale on the dark web between January and October 2023, with a 36% increase in the number of logs from June to October. This poses significant security risks for businesses, as compromised logins expose … Read more
March 6, 2024 at 10:39AM Sygnia’s prompt intervention prevented a potentially devastating ransomware attack on a company’s network by disconnecting it from the internet. The attackers, BlackCat, had penetrated the system through a compromised vendor. While some data was exfiltrated, encryption was thwarted, and the victim’s decisive action and Sygnia’s expertise proved pivotal in mitigating … Read more
March 6, 2024 at 05:15AM Material Security has launched Data Protection for Google Drive, enabling Google Workspace administrators to efficiently safeguard sensitive information and manage sharing permissions. With a powerful data platform, Material Security offers advanced scanning, access control, and automated remediation to address security risks without hindering productivity. Schedule a personal demo to see … Read more
March 5, 2024 at 02:31PM Nearly 30,000 Fidelity Investments Life Insurance customers’ personal and financial information was likely stolen by hackers who infiltrated Infosys’ IT systems. The breach may have compromised names, Social Security numbers, bank account details, and more, leaving individuals vulnerable to financial fraud and identity theft. The incident also affected Bank of … Read more
March 5, 2024 at 10:02AM Summary: Biometrics, though dating back to 1901, has significantly evolved with widespread use in public and private sectors. However, there are security risks, as shown by gaps in the US DoD’s biometrics data management. Enterprises also face data theft and privacy concerns, emphasizing the need for robust security policies and … Read more
March 4, 2024 at 08:41PM Cloudflare introduces “Firewall for AI,” offering Advanced Rate Limiting to prevent DDoS attacks and Sensitive Data Detection to protect against data leaks. The feature also allows customization of information disclosure, with plans to include prompt validation and offensive topic blocking. It applies to both public and private language models proxied … Read more
March 4, 2024 at 06:02PM A worm known as “Morris II” exploits generative AI (GenAI) apps to propagate malware, stealing information, spreading spam, and more. Israeli researchers demonstrated how adversarial self-replicating prompts can manipulate AI, infecting systems via email and images. This presents a new threat to AI security, similar to injection attacks in computing’s … Read more