InfoSec News Nuggets 6/25/2024

CDK suffered another data breach as it was attempting to recover Car dealer software provider CDK has allegedly suffered a second cyberattack - as it was trying to recuperate from the first one. As a result of this follow-up attack, the company was forced to turn most of its services back offline and now says it doesn’t know how long it will take for it to restore the system. In the meantime, many major car…
Read More

InfoSec News Nuggets 5/7/2024

RSA Conference 2024: What to expect Artificial intelligence will dominate this week’s RSA Conference 2024 with nearly a dozen keynotes and even more technical sessions dedicated to how the technology is reshaping the industry and fueling innovation. Keynote headliners, such as Secretary of State Antony J. Blinken, are expected to broaden the discussion to include the U.S. government’s efforts to infuse cybersecurity innovation into emerging technologies such as AI, quantum computing and biotechnology. This year’s…
Read More

InfoSec News Nuggets 2/27/2024

Lockbit cybercrime gang says it is back online following global police bust Lockbit, the cybercrime gang that was knocked offline by a comprehensive international police operation earlier this month, says it has restored its servers and is back in business. The group, notorious on the internet's criminal underground for using malicious software called ransomware to digitally extort its victims, was the target of an unprecedented international law enforcement operation last week which saw its members arrested and indicted. Lockbit's…
Read More

InfoSec News Nuggets 2/20/2024

Using AI in a cyberattack? DOJ’s Monaco says criminals will face stiffer sentences The Justice Department’s No. 2 official directed federal prosecutors to impose stiffer penalties on cybercriminals who use AI in their crimes. “We have to put AI at the top of [our] enforcement priorities list,” Lisa Monaco told an audience Friday at the Munich Cyber Security Conference. “We’re looking quite hard at how AI can enhance quite literally the danger associated with crimes.…
Read More

InfoSec News Nuggets 12/06/2023

  Meta and IBM launch ‘AI Alliance’ to promote open-source AI development  Facebook’s parent company, Meta, and IBM on Tuesday launched a new group called the AI Alliance advocating for an “open-science” approach to AI development that puts them at odds with rivals Google, Microsoft and ChatGPT-maker OpenAI. These two diverging camps – the open and the closed – disagree about whether to build AI in a way that makes the underlying technology widely accessible. Safety is…
Read More

InfoSec News Nuggets 08/28/2023

FTX, BlockFi's Customer Data Compromised in Kroll Hack Customer data of bankrupt crypto exchange FTX and lender BlockFi have been compromised due to a hack of Kroll, a third party agent that manages creditor claims on behalf of bankrupt companies. Crypto account passwords and other sensitive data weren’t affected, but customers were warned to be on the lookout for scammers impersonating parties in the bankruptcy. An “unauthorized third party gained access to certain BlockFi client…
Read More

InfoSec News Nuggets 06/30/2023

Does the world need an arms control treaty for AI?  At the dawn of the atomic age, the nuclear scientists who invented the atomic bomb realized that the weapons of mass destruction they had created desperately needed to be controlled. Physicists such as Niels Bohr and J. Robert Oppenheimer believed that as knowledge of nuclear science spread so, too, would bombs. That realization marked the beginning of the post-war arms control era. Today, there’s a similar…
Read More

InfoSec News Nuggets 08/29/2022

A Massive Hacking Campaign Stole 10,000 Login Credentials From 130 Different Organizations Researchers say that a mysterious “threat actor” (a fancy term for a hacker or hacker group) has managed to steal nearly 10,000 login credentials from the employees of 130 organizations, in the latest far-reaching supply chain attack on corporate America. Many of the victims are prominent software companies, including firms like Twilio, MailChimp, and Cloudflare, among many others. The news comes from research conducted by…
Read More

InfoSec News Nuggets 06/28/2022

LGBTQ+ community warned of extortionists abusing dating apps The U.S. Federal Trade Commission (FTC) has warned this week of extortion scammers targeting the LGBTQ+ community by abusing online dating apps like Grindr and Feeld. According to the FTC, the criminals pose as potential romantic partners on LGBTQ+ dating apps, sending explicit photos to their targets and asking them to reciprocate. If they fall for it, the victims get blackmailed into paying a ransom, usually in…
Read More