Security News

A "Female social network" called Giggle whose operators left its user database unsecured has triggered a wave of Twitter controversy after its founder threatened to sue a UK infosec firm who pointed out the vulnerability. Even for those who stay the hell away from Twitter there are potentially some lessons to be learnt from the Giggle debacle about responsible disclosure as well as operating an app that collects and stores users' data.

Accenture announced a new generation of its intelligent automation platform Accenture myWizard, to help organizations unleash the power of automation to improve business agility, customer experience and innovation. Accenture myWizard helps organizations create, implement and measure enterprise-wide automation strategies and reimagine their IT systems for efficiency and performance.

The company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis.

Global spending on AI is forecast to double over the next four years, growing from $50.1 billion in 2020 to more than $110 billion in 2024. Software and services will each account for a little more than one third of all AI spending this year with hardware delivering the remainder.

Researchers at Ben-Gurion University of the Negev have developed a new AI technique that will protect medical devices from malicious operating instructions in a cyberattack as well as other human and system errors. Complex medical devices such as CT, MRI and ultrasound machines are controlled by instructions sent from a host PC. Abnormal or anomalous instructions introduce many potentially harmful threats to patients, such as radiation overexposure, manipulation of device components or functional manipulation of medical images.

To help companies proactively address AI ethics and integrity, the Deloitte AI Institute announced its Trustworthy AI framework. "C-suite executives and boards must ask tough questions about ethical use of technology and provide active governance to safeguard their organization's reputation and preserve the trust of internal and external stakeholders," said Irfan Saif, AI co-leader, Deloitte & Touche LLP. "Organizations must demonstrate readiness to manage the new breed of risk that comes with human-machine collaboration. Our Trustworthy AI framework provides a common language to help organizations develop the appropriate safeguards and use AI in an ethical manner."

Computer scientists have developed a new artificial intelligence system that may be able to identify malicious codes that hijack supercomputers to mine for cryptocurrency such as Bitcoin and Monero. "Based on recent computer break-ins in Europe and elsewhere, this type of software watchdog will soon be crucial to prevent cryptocurrency miners from hacking into high-performance computing facilities and stealing precious computing resources," said Gopinath Chennupati, a researcher at Los Alamos National Laboratory and co-author of a new paper in the journal IEEE Access.

Amplo Global announced that its AI-powered platform is now available on the MicrosoftAppSource and Microsoft Azure Marketplace - their online stores providing applications and services for use on Azure. Brian Bell, Director at Microsoft's Commercial Marketplace, said, "On Microsoft Azure Marketplace and AppSource, customers around the world can easily find, buy, and deploy partner solutions they can trust, all certified and optimized to run on Azure. We're happy to welcome Amplo Global and their AmploFly4.0 solution to the growing Azure Marketplace ecosystem."

Business Email Compromise, is a form of targeted phishing where attackers disguise themselves as senior executives to dupe employees into doing something they absolutely shouldn't, like wire money. BEC emails can be difficult to detect using security solutions because no malware is involved.

The IBM Db2 is a family of hybrid data-management products containing artificial intelligence, which can be used to analyze and manage both structured and unstructured data within enterprises. The lack of explicit memory protections "Allows any local users read-and-write access to that memory area," Trustwave researchers said, in their PoC exploit writeup for the bug, issued on Thursday.