Security News
Security in brief It's been a week of bad cyber security revelations for OpenAI, after news emerged that the startup failed to report a 2023 breach of its systems to anybody outside the organization, and that its ChatGPT app for macOS was coded without any regard for user privacy. According to an exclusive report from the New York Times, citing a pair of anonymous OpenAI insiders, someone managed to breach a private forum used by OpenAI employees to discuss projects early last year.
Improved cyber hygiene among businesses has led to a reduction in cyber insurance premiums by 15% worldwide over the last two years, a new report from Howden Insurance Brokers has found. "Sarah Neild, head of cyber retail U.K. at Howden, explained why the cost of cyber insurance has declined. She told TechRepublic in an email,"Increased risk awareness off the back of persistent and high-profile attacks is one reason.
More than half of open-source projects contain code written in a memory-unsafe language, a report from the U.S.'s Cybersecurity and Infrastructure Security Agency has found. "Hence, we determine that most critical open source projects analysed, even those written in memory-safe languages, potentially contain memory safety vulnerabilities," wrote the authors.
A scathing report by Australia's Information Commissioner details how misconfigurations and missed alerts allowed a hacker to breach Medibank and steal data from over 9 million people. In October 2022, Australian health insurance provider Medibank disclosed that it had suffered a cyberattack that disrupted the company's operations.
Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of...
A new report from Mandiant, part of Google Cloud, reveals that a financially motivated threat actor named UNC5537 collected and exfiltrated data from about 165 organizations' Snowflake customer instances. Snowflake is a cloud data platform used for storing and analyzing large volumes of data.
The number of cybersecurity incidents reported by US federal agencies rose 9.9 percent year-on-year in 2023 to a total of 32,211, per a new White House report, which also spilled the details on the most serious incidents suffered across the government. Brute force attacks on networks and services were the only other vector to register more than 1,000 cases - but took the price for the biggest YoY percentage increase in incidents, up from just 197 the year before.
The U.K. is by no means a reflection of Europe as a whole when it comes to technical proficiency. "We must strive for greater collaboration between higher education institutions, government and the technology industry to meet the rapidly evolving skill requirements of the digital economy. Without this collaboration and the right level of investment, we will continue to fall behind in technical skills proficiency."
Unplanned downtime is costing the world's largest companies $400 billion a year, or roughly 9% of their profits, a new report has found. The Hidden Costs of Downtime report surveyed 2,000 executives, including CFOs, CMOs, engineers, and IT and security professionals, from Global 2000 companies in 53 countries and a range of industries.
Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication...