Friend or Foe? AI’s Complicated Role in Cybersecurity
The mad dash to the cloud a few years back left many organizations scrambling to understand the true implications of this technological shift. Fueled by promises of scalability and cost savings, many companies jumped on board without fully comprehending key details. For example, many were asking how secure their data was in the cloud, who…
Groups Ask HHS for Guidance on Massive Change Breach Reports
Two weeks ago, Change Healthcare began notifying thousands of medical practices about a massive data breach affecting millions of patients. The healthcare software firm says it will handle breach notifications, but industry groups want to guarantee the government will go along with that plan. If not, the groups fear that small medical practices, hospitals and…
Bogus: LockBit’s Claimed Federal Reserve Ransomware Hit
More reasons to beware breathless reporting about a ransomware group’s latest supposed victim: LockBit’s claim to have breached the U.S. Federal Reserve Bank. The Fed, based in Washington, is America’s central bank. It works with 12 regional Fed banks. If any aspect of that system fell victim to ransomware-wielding groups – or had data exfiltrated,…
European Union Sanctions Russian State Hackers
The European Union sanctioned four Russian domestic intelligence agency hackers including two military officers who participated in what researchers have described as “hack and leak” operations against Western governments. The two officers are part of a Federal Security Service hacking group known as Callisto Group and Coldriver and formerly tracked by Microsoft as Seaborgium. The…
Biden Administration Bans Kaspersky Antivirus Software
The U.S. federal government is banning Russian cybersecurity firm Kaspersky Labs from selling antivirus software in the United States, officials announced Thursday, citing significant national security risks. Department of Commerce officials urged current Kaspersky customers to “immediately find alternatives” after an investigation determined that Russian state hackers could turn the cybersecurity software against their users….
Popular Chatbots Spout Russian Misinformation, Finds Study
Popular artificial intelligence chatbots are rife with Russian disinformation, warns NewsGuard, the rating system for news and information websites. Researchers at NewsGuard entered prompts into 10 chatbots, including OpenAI’s ChatGPT-4, Elon Musk’s Grok and Mistral and found that about one-third of the responses contained disinformation culled from a network of fake local news sites and…
Blackbaud Fined $6.75M After 2020 Ransomware Attack
Blackbaud, a South Carolina-based software company, has been ordered by the California Attorney General’s Office to pay $6.75 million to settle a ransomware attack that took place in May 2020. The attack occurred due to poor security practices, the AG’s office said. After Blackbaud revealed that the threat actors compromised unencrypted Social Security numbers, bank…
NHS Ransomware Hack: 1,500 Medical Appointments Rescheduled
The ransomware attack on a key U.K. National Health Service IT vendor has forced two London hospitals to reschedule around 1,500 medical appointments including critical cancer treatments and organ transplant surgeries. The June 3 attack is disrupting operations at NHS King’s College and Guy’s and St. Thomas’ in London. Attackers compromised servers of Synovia, the…
Visual Studio Code Has a Malicious Extension Problem
Cybersecurity researchers said an experiment in developing a fake, malicious extension for the world’s most popular integrated development environment succeeded beyond their wildest expectations. Researchers Amit Assaraf, Itay Kruk, and Idan Dardikman uploaded an extension to Microsoft source code editing platform Visual Studio Code masquerading as “Dracula Official,” a color theme that records nearly 7.2…
Criminals, too, see productivity gains from AI
Cyber criminals are beginning to use artificial intelligence to make their operations more effective — and their use goes way beyond creating better bait for phishing. Just as in legitimate business, discussions about AI among criminals have accelerated this year compared to 2023, researchers from cybersecurity group Intel 471 reported in a new study published…
