Akamai CTO Robert Blumofe, ET CISO Generative artificial intelligence is a superweapon in the hands of cyber threat actors and it is critical for enterprises to integrate safeguards into their LLM-driven chatbots, a leading cybersecurity expert has warned. Over the past decade or so, the cyber threat landscape has moved from attacks by relatively unsophisticated hacktivists who wished to make ...

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms https://firewall.firm.in/wp-content/uploads/2024/09/hacking.png Sep 19, 2024Ravie LakshmananCyber Attack / Hacking Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials,” the ...

Meta and Spotify blast EU decisions on AI – ET CISO https://etimg.etb2bimg.com/thumb/msid-113480108,imgsize-71884,width-1200,height=765,overlay-etciso/grc/meta-and-spotify-blast-eu-decisions-on-ai.jpg Paris: A group of companies including Meta and Spotify blasted the European Union Thursday for its “fragmented and inconsistent” decision-making on data privacy and artificial intelligence (AI). The firms along with several researchers and industry bodies signed an open letter claiming that Europe was already becoming less competitive ...

UN advisory body makes seven recommendations for governing AI, ET CISO An artificial-intelligence advisory body at the United Nations on Thursday released its final report proposing seven recommendations to address AI-related risks and gaps in governance. The U.N. last year created a 39-member advisory body to address issues in the international governance of AI. The recommendations will be discussed during ...

Dozens of websites offering targeted marketing leads – ET CISO https://etimg.etb2bimg.com/thumb/msid-113247284,imgsize-213250,width-1200,height=765,overlay-etciso/data-breaches/dozens-of-websites-offering-targeted-marketing-leads.jpg The flight you took recently, the broadband connection you requested, the car insurance that is expiring soon, the apartment you sold, or even the mutual fund you invested in, are all turning into a fair game for data collectors. Such information can be exchanged for as little as Rs ...

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions https://firewall.firm.in/wp-content/uploads/2024/09/git.png Sep 19, 2024Ravie LakshmananEnterprise Security / DevOps GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an ...

No merger scrutiny of Microsoft’s hiring of Inflection staff, EU says – ET CISO https://etimg.etb2bimg.com/thumb/msid-113480139,imgsize-148464,width-1200,height=765,overlay-etciso/corporate/no-merger-scrutiny-of-microsofts-hiring-of-inflection-staff-eu-says.jpg Microsoft’s hiring of artificial intelligence startup Inflection’s staff including its co-founders will not be scrutinised under European Union merger rules, EU antitrust regulators said on Wednesday. The European Commission said seven EU countries had dropped their requests asking it to examine the deal. The move ...

OpenAI CEO Sam Altman quits safety committee after mounting criticism, ET CISO OpenAI CEO Sam Altman has stepped down from the company’s internal Safety and Security Committee, following increased scrutiny from US lawmakers and criticism from former employees over the company’s approach to AI safety and regulation. The committee, established in May to oversee critical safety decisions, will now become ...

23andMe settles data breach lawsuit for $30 million – ET CISO https://etimg.etb2bimg.com/thumb/msid-113347692,imgsize-84402,width-1200,height=765,overlay-etciso/data-breaches/23andme-settles-data-breach-lawsuit-for-30-million.jpg 23andMe will pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information was exposed in a data breach last year. The accord also resolves accusations that ...

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability https://firewall.firm.in/wp-content/uploads/2024/09/it-admin.png Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain ...