Security News

New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT
2023-06-15 11:58

The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations' sensitive data. The report titled "Revealing the True GenAI Data Exposure Risk" provides crucial insights for data protection stakeholders and empowers them to take proactive measures.

CISOs focus more on business strategy than threat research
2023-06-06 03:30

CISOs and ITDMs continue to be most occupied with business, IT and security program strategy, but they are spending less time on threat research, awareness and hunting compared to 2022, according to Nuspire. The ever-evolving cybersecurity landscape and end-user error and education remain the biggest challenges for CISOs/ITDMs, with end-users accounting for much of their worries, specifically malware/ ransomware, phishing and cloud security breaches.

Friday Squid Blogging: More Squid Camouflage Research
2023-04-28 21:07

"Rather than focusing on core cybercrimes like network intrusion and computing system interference, the draft treaty's emphasis on =>content-related crimes could likely result in overly broad and easily abused laws that stifle free expression and association rights of people around the world." This is despite the right to free expression-including the right to insult and offend-being protected under the Universal Declaration of Human Rights and Article 19 of the International Covenant on Civil and Political Rights-of which the U.N. Member States negotiating the new treaty are parties to.

Student requested access to research data. And waited. And waited. And then hacked to get root
2023-04-17 07:29

This week meet a reader we'll Regomize as "Wesley", who 25 years ago was about to embark on a thesis in mechanical engineering, continuing the work done by a more senior student who was working towards his doctorate. The senior student readily agreed, but the days passed, and Wesley still didn't have the data he needed.

Research on AI in Adversarial Settings
2023-04-06 10:59

As progress in AI continues to advance, it is important to know how advanced systems will make choices and in what ways they may fail. Machines can already outsmart humans in some domains, and understanding how to safely build ones which may have capabilities at or above the human level is of particular concern.

How to Build a Research Lab for Reverse Engineering — 4 Ways
2023-03-29 11:43

In this article, we'll look at 4 ways to create a reverse engineering lab, discuss how to save time, and, potentially, improve the detection rate using a cloud service, and a recommended list of tools for a comprehensive setup. In essence, a malware analysis lab provides a safe, isolated space for examining malware.

New Hacking Cluster 'Clasiopa' Targeting Materials Research Organizations in Asia
2023-02-23 12:07

Materials research organizations in Asia have been targeted by a previously unknown threat actor using a distinct set of tools. Symantec, by Broadcom Software, is tracking the cluster under the moniker Clasiopa.

Hydrochasma hackers target medical research labs, shipping firms
2023-02-22 15:47

A previously unknown threat actor named Hydrochasma has been targeting shipping and medical laboratories involved in COVID-19 vaccine development and treatments. A characteristic of Hydrochasma attacks is that they rely only on open-source tools and "Living off the land" tactics, leaving no traces that could lead to attribution.

North Korean hackers stole research data in two-month-long breach
2023-02-02 17:56

A new cyber espionage campaign dubbed 'No Pineapple!' has been attributed to the North Korean Lazarus hacking group, allowing the threat actors to stealthily steal 100GB of data from the victim without causing any destruction. The campaign is named after the '' error seen transmitted by a remote access malware when uploading stolen data to the threat actor's servers.

Zacks Investment Research data breach affects 820,000 clients
2023-01-25 18:45

Hackers breached Zacks Investment Research company last year and gained access to personal and sensitive information belonging to 820,000 customers. Founded in 1978, the company helps investors with stock buying decisions by using advanced financial data analytics algorithms.