Cyber Security News

ℹ️ New Course Offers In-Depth Training on Latest PCI DSS v4.0 Standard The "PCI DSS - Foundation to Mastery" course is now updated to include the latest PCI DSS v4.0, the standard for protecting cardholder data. It is designed for both beginners and experienced professionals who want to learn more about this important security measure. The course is taught by an expert who has spent over ten years implementing PCI DSS around the world. The updated course material covers everything from basic principles to advanced implementation techniques and includes the latest changes and requirements. With data breaches on the rise, understanding and applying PCI DSS is crucial for any organization. This course helps prepare participants to meet these challenges and stay ahead in the field of cybersecurity. Click here to learn more about the material. ----- @Cyber_Security_Channel

What is 'Hackbot as a Service' and are Malicious LLMs a Risk? Hackers have already been using LLMs to refine social engineering attacks, matching the tone and style of an executive for phishing or using deepfake attacks to circumvent identity systems. Cyber_Security_Channel

10 Hot New Cybersecurity Tools Announced At RSAC 2024 Threat intelligence firm Recorded Future is among the cybersecurity vendors that debuted new GenAI-powered product capabilities Monday in connection with RSAC. “I think RSA continues to be one of the best events to showcase the innovation and the impact that we have with our customers,” said Colin Mahony, president of Recorded Future, in an interview with CRN. Cyber_Security_Channel

Human Errors Still a Leading Cause of Cyber Incidents, Says Kaspersky This trend can be attributed to the commoditization of attacks through the widespread adoption of existing tools, originally designed for conducting targeted campaigns which, due to deliberate or accidental leaks, have become common. Cyber_Security_Channel

State’s Cyber Squad Investigating Byron Council Data Breach Speaking to The Echo on Monday, Mr Baker said it was a member of the public who first notified the council of the data leak, five days after the upgrade. The internal documents were reportedly removed on 29 April. Cyber_Security_Channel

Hackers Compromised Dropbox eSignature Service Even users who only received or signed a document through Sign without creating an account had names and email addresses compromised. However, there is no indication that payment information or customers’ files (signed documents and agreements) were accessed. Cyber_Security_Channel

Why Remote Desktop Tools are Facing an Onslaught of Cyber Threats Over 99% of the attack attempts leveraging VNC were aimed at HTTP ports, and the other 1% targeted the transfer control protocol (TCP). Tanner suggested this is probably due to the fact that HTTP does not require specific authentication, unlike TCP. Cyber_Security_Channel

Why Your VPN May Not Be As Secure As It Claims VPNs work by creating a virtual network interface that serves as an encrypted tunnel for communications. But researchers at Leviathan Security say they’ve discovered it’s possible to abuse an obscure feature built into the DHCP standard so that other users on the local network are forced to connect to a rogue DHCP server. Cyber_Security_Channel

City of Wichita Shuts Down Network Following Ransomware Attack It is unclear whether personal information was compromised in the attack, but Wichita said details on the matter will be provided as the investigation into the incident advances. Cyber_Security_Channel

Don't Have a Modern Antivirus? Learn Why You Shouldn't Be Taking This Risk! If the modern-day threats bother you and make you worried about safeguarding yourself against online threats then You need not! Quick Heal Total Security offers a robust defense against modern threats. Cyber_Security_Channel

Mastercard Takes AI-Driven Fraud Defense to Next Level Mastercard is launching Scam Protect with a two-pronged product approach. Mastercard Identity verifies an individual’s authenticity from the moment an account-to-account or card-based payment is initiated. Cyber_Security_Channel

Prompt Hacking, Private GPTs, Zero-Day Exploits and Deepfakes: Report Reveals the Impact of AI on Cyber Security Landscape Pascal Geenens, Radware’s director of threat intelligence and the report’s editor, told TechRepublic in an email, “The most severe impact of AI on the threat landscape will be the significant increase in sophisticated threats. AI will not be behind the most sophisticated attack this year, but it will drive up the number of sophisticated threats. Cyber_Security_Channel

AI Ethics Officer and Cybersecurity Analyst Lead Job Market An AI Ethics Officer is a professional attending to the issues of ethical undercurrents in the process of developing, applying, and utilizing artificial intelligence (AI) technologies in the organization as a whole. The role primarily dabbles with promoting responsible AI practices, identifying and rectifying ethical risks and biases, and establishing transparency, fairness, answerability, and inclusivity in AI systems and procedures. Their role would be to train and oversee the AI work, which will be used as a powerful impetus for social and economic development. The job market in both the fields of AI ethics officer and cybersecurity analyst reflects the growing demand for ethical governance and cybersecurity. Both the tech roles offer promising career opportunities. Cyber_Security_Channel

Mastercard Takes AI-Driven Fraud Defense to Next Level Mastercard is launching Scam Protect with a two-pronged product approach. Mastercard Identity verifies an individual’s authenticity from the moment an account-to-account or card-based payment is initiated. Mastercard is also collaborating with organizations in other verticals to “tackle scams, mitigate their impact, and educate consumers. It will collaborate with Verizon on new solutions to protect consumers from scams across multichannel attack vectors. Cyber_Security_Channel

25 Cybersecurity AI Stats You Should Know This is what the key points look like: 1. Security pros are cautiously optimistic about AI. 2. AI abuse and misinformation campaigns threaten financial institutions. 3. Enterprises increasingly block AI transactions over security concerns. 4. Scammers exploit tax season anxiety with AI tools. 5. Advanced AI, analytics, and automation are vital to tackle tech stack complexity. 6. Today’s biggest AI security challenges. 7. AI tools put companies at risk of data exfiltration. Read further in the following article — find the remainder of the list here. Cyber_Security_Channel

5 Hard Truths About the State of Cloud Security 2024 The problem is that while hyperscale cloud providers may be very good at protecting infrastructure, the control and responsibility they have over their customers' security posture is very limited. Cyber_Security_Channel

A Thorn in Attackers’ Sides: How Darktrace Uncovered a CACTUS Ransomware Infection In November 2023, Darktrace observed malicious actors leveraging the aforementioned method of exploiting Qlik to gain access to the network of a customer in the US, more than a week before the vulnerability was reported by external researchers. Cyber_Security_Channel

Zero Trust Takes Over: 63% of Orgs Implementing Globally These practices potentially can make the transition to zero trust more successful and beneficial to organizations. While 35% of organizations reported failures that interrupted their implementation of zero-trust strategies, Watts added that "organizations should have a zero-trust strategic plan outlining operational metrics and measure the effectiveness of zero-trust policies in order to minimize delays." Cyber_Security_Channel

Where Hackers Find Your Weak Spots So how do attackers gather data about their targets? There are five sources of intelligence cybercriminals can use to gather and analyze information about their targets. Read about them in the above article. Cyber_Security_Channel