Security News > 2023 > November

New data reveals artificial intelligence is challenging organizations in significant ways, with only 15% of global tech leaders reporting they are prepared for the demands of generative AI and 88% saying stronger regulation of AI is essential, according to Harvey Nash. Concerns around the effective application of AI are significant, with almost 9 in 10 global leaders saying stronger regulation of AI is critical, yet 61% say it won't be effective, compared to 54% in the US who say the same.

Signal is now testing public usernames that allow users to conceal the phone numbers linked to their accounts while communicating with others. "Think of The Staging Environment as a parallel Signal universe: you'll need to install and run a new build, and register for a new account with a phone number," O'Leary said.

Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build. Before this change and since Windows XP SP2, creating SMB shares set up firewall rules automatically within the "File and Printer Sharing" group for the specified firewall profiles.

For its part, Microsoft announced a five-step election protection strategy it'll roll out in the coming months "In the United States and other countries where critical elections will take place in 2024," Microsoft president Brad Smith and VP technology for fundamental rights Teresa Hutson said in a blog post. Microsoft's first initiative is the Content Credentials service, where Redmond will roll out digital watermarking metadata for images and videos as designed by the Coalition for Content Provenance and Authenticity, of which Microsoft is a member.

Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS account was compromised last week.The company detected evidence of the breach on Friday, November 3, after discovering that an attacker used stolen credentials to gain access to a Sumo Logic AWS account.

Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service attack in recent history. Russian outlet Interfax reports that the attack reached one million requests per second, which the organization said was roughly four times the size of the most powerful DDoS Sberbank had experienced up until then.

The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. [...]

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store. A new report from ThreatFabric, a fraud protection company, exposes SecuriDropper malware, which is capable of bypassing Android 13 restricted settings.

Update November 8, 11:05 EST: OpenAI says impacted services are back online. OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface.

OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface. Today's issues follow another partial outage on Tuesday that also impacted the company's API and ChatGPT, both hit by periodic outages for several hours.