Categories
Featured

Underestimating the dangers within: mitigating the insider cyber threat

[ad_1]

The cybersecurity risks that businesses are often most concerned about come from external attacks. But at the same time, threats – both by accident or with malicious intent – by their own employees are overlooked, despite accounting for 58% of cybersecurity breaches in recent years.

As a result, a large proportion of businesses may lack any strategy to address insider risks, leaving them vulnerable to financial, operational and reputational harm.

Understanding the risk

[ad_2]

Source Article Link

Categories
Featured

Competition under threat as cloud giants selectively invest in startups, watchdog says

[ad_1]

In a recent address at the 72nd Antitrust Law Spring Meeting in Washington DC, UK Competition and Markets Authority (CMA) CEO Sarah Cardell delved into the potential impact of the current AI landscape on competition and consumer protection.

Emphasizing AI’s transformative benefits, Cardell implied that tech giants like Amazon, Google, and Microsoft have been selectively investing in specific startups.

[ad_2]

Source Article Link

Categories
Featured

Hospital helpdesks targeted by hackers — US Health Department warns health services are under threat

[ad_1]

The US Department of Health and Human Services (HHS) has issued a warning that hackers are attempting to target the helpdesks of hospitals in order to gain access to critical hospital systems.

The hackers have been observed contacting hospital IT help desks using local area code phone numbers and then pretending to be a hospital employee, providing the helpdesk with stolen identification.

[ad_2]

Source Article Link

Categories
Featured

Linux servers targeted by dangerous espionage malware as Windows threat makes the jump

[ad_1]

A dangerous espionage malware, previously only used against Windows devices, is increasingly being observed on Linux machines, too, experts have warned.

Following earlier reports by ESET and Trend Micro, Kaspersky is now warning of the Dinodas Remote Access Trojan (RAT), signaling the rising popularity of the malware. 

[ad_2]

Source Article Link

Categories
Life Style

Bird-flu threat disrupts Antarctic penguin studies

[ad_1]

Brown Skua, Stercorarius antarcticus, calling in front of a King Penguin colony.

Avian flu has been detected sub-Antarctic king penguins.Credit: Education Images/Universal Images Group via Getty

A deadly strain of bird flu circulating worldwide is disrupting research in Antarctica and could lead to the cancellation of some projects to study penguins, seals and other animals next year.

“This is the first time I remember such reduced access to animal colonies since I started my Antarctic career in 1996,” says microbiologist Antonio Quesada del Corral, who manages the Spanish Antarctic research programme and is based in Madrid.

“Several projects were cancelled this year, because we wanted to reduce the risk of having an infection of people or being the vector that spreads sickness between different animal colonies,” he says. “We had scheduled for next year more new projects on animal colonies — some of these are now likely not going to take place.”

Researchers first detected avian influenza, caused by the circulating H5N1 subtype of the virus, in the wider Antarctic region in October 2023. They found the virus in dead birds, including skuas and gulls, in the sub-Antarctic territory of South Georgia and the South Sandwich Islands.

This sparked fears among scientists that bird flu would soon reach Antarctica itself. “We were very afraid,” says Quesada del Corral. As a result, he says, the Spanish Antarctic research programme was revised for the summer season, which runs from around October to late March. Since then, only researchers specializing in infectious diseases and viruses have been allowed access to animal colonies, he adds. In the sub-Antarctic, the virus is known to have spread to elephant and fur seals, albatrosses, terns, gentoo penguins and king penguins, suggesting that these animals are also at risk in Antarctica.

Data disruption

Researchers involved in about half a dozen projects have been unable to collect data from sensors that are located in animal colonies and gather information year-round, says Quesada del Corral. “We had several projects that needed to download information from some sensors [located] in colonies of penguins, sea lions, elephant seals, leopard seals — and they were not able to go in there.”

Some of these long-term projects aim to monitor animal behaviour — for example, to determine when penguins hatch, moult and move to or from a rookery. Others aim to track the impacts of the animals on the environment, or to sample bacteria in aerosols produced by the colonies.

In theory, data collected by sensors could still be retrievable next year. “The memory of the sensors is normally about two years,” says Quesada del Corral. “We usually change the battery every year. Hopefully next year they will have at least partial data collected.”

But there is a chance that the batteries will fail, or that restrictions could tighten. “I really am afraid that next year the season is going to be worse than this,” he adds.

The activities of Argentine researchers have also been disrupted by bird flu, says Martín Ansaldo, an ecologist at the Argentine Antarctic Institute in Buenos Aires. “We suspended all activities that had direct contact with animals, wherever we observed animals with unusual behaviour or an unusual increase in the number of dead,” he says. This affected scientists studying the reproduction, behaviour and physiology of birds and mammals.

Research carried out under the US Antarctic Program has not yet been disrupted by bird flu, according to the National Science Foundation (NSF), which funds the programme. Nonetheless, “it is possible that any future outbreak detected could impact research”, an NSF spokesperson told Nature. “Decisions will be made on a case-by-case basis.”

Tip of the iceberg

Researchers’ fears were confirmed in February, when H5N1 was detected on the Antarctic mainland for the first time. The virus was found in dead skuas near Argentina’s Primavera research station, located on the Antarctic Peninsula, which stretches north towards South America. “With this confirmation, we know that the infection can reach any colony in a few days,” says Quesada del Corral.

Scientists have just started a new expedition to sample for bird flu on the Antarctic Peninsula, says Antonio Alcamí, a virologist based at the Severo Ochoa Centre for Molecular Biology in Madrid, who was among those who first detected H5N1 on the mainland.

Monitoring the spread of the virus will help to protect researchers on Antarctica. “The confirmation of H5N1 [on the mainland] generated an early warning to take extreme care of the people working in Antarctica, both logistical and scientific,” says Ansaldo. “We must be prepared to protect both the Antarctic fauna and the human beings working there.”

[ad_2]

Source Article Link

Categories
News

Cyber attack trends for 2024 from the X-Force Threat Report

X-Force Threat Intelligence Index Report 2024

In the dynamic arena of cybersecurity, the stakes are high and the adversaries are relentless. The latest insights from IBM’s X-Force Threat Intelligence Index Report for 2024 provide a crucial glimpse into the cyber threats that dominated the previous year. For anyone with a stake in the digital world, these findings are not just informative; they are essential for the protection of your digital assets.

The report highlights a significant rise in the exploitation of legitimate user credentials, which saw a 71% increase in 2023, making it as prevalent as phishing in terms of methods used for initial access by cybercriminals. This alarming trend underscores the critical need for robust Identity and Access Management (IAM) protocols. Without strong IAM measures, your digital presence is at risk, as cybercriminals continue to refine their tactics to gain unauthorized access to systems and data.

Phishing attacks, a long-standing threat, remain a formidable challenge, with cybercriminals constantly updating their strategies to install malware or steal credentials. The malware that is particularly concerning is the kind that hijacks user accounts, potentially leading to significant data breaches. It is more important than ever to remain vigilant and to be able to recognize and respond to these deceptive tactics.

Cyber Attack Trends 2024

Here are some other articles you may find of interest on the subject of  artificial intelligence

Data security has become increasingly important, with incidents of data theft and leakage now accounting for 32% of the major impacts on organizations. This represents a significant increase from the 19% reported in 2022. The rise of info stealers has contributed to this trend, emphasizing the need to protect your data from theft and unauthorized disclosure.

Application security is another area that demands continuous attention. The most common vulnerabilities are due to misconfigurations, failures in identity and authentication, and issues with access control. These vulnerabilities are often linked to poor password practices and the use of default settings. Addressing these issues through rigorous security measures is essential to safeguard your applications from potential breaches.

The report also touches on the emergence of Generative AI, including advanced chatbots, which has been a hot topic in 2023. While the use of this technology in attacks has been minimal so far, the interest shown in dark web forums suggests that it could pose future threats. Keeping up with the developments in generative AI is therefore an important aspect of your cybersecurity strategy.

X-Force Threat Intelligence Index Report for 2024

A review of 2023 identifying major threat trends in cybersecurity, drawing on data from IBM’s global team across 17 countries, including ethical hackers, incident responders, researchers, and analysts.

  • Identity and Access Management:
    • Initial access factors highlighted, with valid accounts or improper use of a valid account and phishing tied for the top method at approximately 30%.
    • A significant increase in valid account misuse, up by 71% over the previous year.
  • Phishing Details:
    • Split into two main types: those involving attachments and those involving links, aiming to plant malware or steal credentials.
    • A considerable portion of malware is intended to steal credentials.
  • Data Security:
    • Data theft and leakage were the top impact on organizations, constituting 32%, up from 19% in 2022.
    • The rise of info stealers, malware designed to exfiltrate sensitive information and credentials, saw an increase of 266%.
  • Application Security:
    • Misconfiguration was the most frequent application security vulnerability, according to the OWASP Top 10 list.
    • Identity and authentication failures, along with related access control issues, were significant, collectively accounting for 36% of the vulnerabilities.
  • Zero-Day Attacks:
    • A significant decrease in 2023 compared to 2022, down by 72%, possibly due to easier attack methods being available.
  • Ransomware:
    • A slight decrease in real-world cases, down by 12%.
    • Early signs of better defense against ransomware attacks and a growing trend of organizations not paying the ransom.
  • Generative AI:
    • 2023 marked a significant year for the adoption and discussion of generative AI technologies.
    • Over 800,000 mentions of AI and generative AI in dark web forums, indicating both interest and experimentation by malicious actors.
    • Concerns raised about the potential misuse of generative AI in cyber attacks, with some alternative chatbots lacking restrictions on generating malicious content.
  • Preventive Measures and Recommendations:
    • Emphasis on the effectiveness of industry best practices in preventing 84% of attacks on critical infrastructure.
    • Recommendations include multi-factor authentication, use of passkeys, data encryption, immutable backups, patching applications, system hardening, and staying informed about generative AI developments.

However, it’s not all grim news. The report notes a significant 72% decline in zero-day attacks and a 12% reduction in ransomware incidents, indicating that cybersecurity efforts are making a difference. These positive trends highlight the effectiveness of proactive prevention measures and the benefits of staying ahead of cybercriminals.

Prevention is, and always has been, the best defense. The report suggests that adhering to industry best practices could have prevented 84% of the attacks on critical infrastructure that occurred. Among the recommended practices are the use of multi-factor authentication, passkeys, data encryption, immutable backups, regular patching, system hardening, and staying informed about the latest developments in generative AI.

The X-Force Threat Intelligence Index Report for 2024 is a wake-up call to learn from the previous year’s cybersecurity challenges and to strengthen our defenses. It is imperative that you review the full report for a comprehensive analysis and adopt the suggested security practices. By doing so, you can enhance the security of your digital ecosystem and be better prepared to face the emerging threats that lie ahead.

Filed Under: Technology News, Top News





Latest timeswonderful Deals

Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, timeswonderful may earn an affiliate commission. Learn about our Disclosure Policy.

Categories
News

Here’s why AI prejudice may not be a threat.

The News God
Here’s why AI prejudice may not be a threat.

Amazon and Google ruled their respective markets, but there will probably be a lot of AI systems.
OpenAI, which made the ChatGPT language model, is the best-funded and biggest AI platform company, with over $10 billion in funding and a value of nearly $30 billion. Microsoft uses OpenAI, but Google, Meta, Apple, and Amazon all have their own AI systems, and Silicon Valley is home to hundreds of other AI startups. Will the forces of the market make one of these a monopoly?

When Google started its search business, there were already a dozen other search engines like Yahoo, AltaVista, Excite, and InfoSeek. Many people asked why we need yet another search engine like Google. But Google became a monopoly online because it worked so well and had so many connections.

Networking effects are very strong, and Amazon, which has a share of nearly 60% of the online shopping market, is a great example. Buyers go there to find the most products from the most sellers, and sellers go there to reach the most people. Even if another site did better than Amazon, these networking effects would still make it hard to beat.
Google put out a new way to rank pages that users instantly saw was better than what had come before. Users went to Google because its list of online sites was growing quickly and its search results were more accurate. Advertisers also flocked to Google to reach this huge number of users.
The first search tools didn’t last long. As people left platforms like Friendster and MySpace to join Facebook, it became a monopoly with the same networking effects. It also became the largest platform where people could find their online friends more quickly.

AI platforms don’t seem to have the same effects on networking as search and social media platforms. AI platforms are more like online producers like the New York Times or Fox News. They gather information that is already out there and use that information and intelligence to make new content.
Instead of just sharing third-party content, these platforms get that content and study it so they can post new content and work like other companies like the New York Times and Fox News.

Training data is the information that AI platforms use as sources. It comes from online news sites and social media platforms like Twitter. If an AI platform only uses right-leaning news sites as training data, then the AI content it makes will have a right-leaning bias. In the same way, if an AI platform depends mostly on leftist news sources, the material it creates will have a tilt toward the left.

AI platforms only cause censorship problems if they hide the biases in the data they use to train their algorithms or if they put strict limits on the content their algorithms create. For example, they could allow certain types of content for leaders of one political party but not for leaders of the other political party.

Some science fiction movies like “The Matrix” and “Bladerunner” show how AI content could be used to only reflect the current consensus or government narrative. This is why it is so important for AI platforms to be required to be transparent by publishing the specific sources/sites of their training data.

There is no reason for the New York Times, Fox News, and other news sites to form a monopoly around one main news source. It looks like the many AI platforms will work as producers and are not likely to be taken over by one big company in the future.

If the AI companies work as authors instead of “computer services providers” as the Section 230 law calls them, they don’t get the liability rights that come with being a “computer services provider.”

Here’s why AI prejudice may not be a threat.
Alfred Abaah
The News God – Home of Current and Trending News Stories