Security News

Recognition of the importance of hardware security-upon which all software security is built-is also growing. To fight increasingly sophisticated security threats, more advanced security safeguards are expected to emerge at the hardware level.

After stealing the data, he decided to blackmail the clinic for €450,000; when that didn't work he stooped yet lower and tried blackmailing the patients for €200 each, with a warning that the "Fee" would increase to €500 after 24 hours. Patients who didn't pay up after a further 48 hours, the blackmailer said, would be doxxed, a jargon term meaning to have your personal data exposed publicly on purpose.

To improve security, the cybersecurity industry needs to follow the aviation industry's shift from a blame culture to a "Just" culture, according to director of the Information Systems Audit and Control Association Serge Christiaans. While acknowledging that improved technology, more mature processes and improved leadership all helped to improve aviation safety, the former pilot and field CISO at tech consultancy Sopra Steria said the biggest improvements came from a change to a "Just culture" that accepts people will make mistakes and by doing so makes it more likely errors will be reported.

OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to ensure its systems are "Safe and secure." Other prohibited categories are denial-of-service attacks, brute-forcing OpenAI APIs, and demonstrations that aim to destroy data or gain unauthorized access to sensitive information.

Syncro has launched a new agreement with Proofpoint to enable Syncro's MSP partners to offer their customers access to Proofpoint's email security and security awareness training solutions. "This reseller agreement not only allows our MSPs to give their customers superior security in a world where safeguarding users is critical, it also provides an opportunity to increase revenue with existing and prospective customers," said Emily Glass, CEO at Syncro.

The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the company's progressive web application client. "Following our Security Incident we've decided to make an update focusing entirely on security," CEO Nick Galea wrote on Monday.

Proactive threat hunting helps organizations save money by preventing security breaches and reducing the impact of attacks. To better understand the perspective of threat hunters who are in the trenches defending their organizations every day, Team Cymru surveyed 218 experienced security analysts to learn what works and what doesn't in their threat hunting program, how they measure success, and the biggest challenges they face.

Enterprise software vendor SAP has released its April 2023 security updates for several of its products, which includes fixes for two critical-severity vulnerabilities that impact the SAP Diagnostics Agent and the SAP BusinessObjects Business Intelligence Platform. In total, SAP has released 24 notes, 19 of which concern new issues of varying importance, and five are updates to previous bulletins.

"The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners, and even dating apps," Kaspersky said in a new report based on messages posted on online forums between 2019 and 2023. Dropper apps are the primary means for threat actors looking to sneak malware via the Google Play Store.

In Brief More than 40 percent of surveyed IT security professionals say they've been told to keep network breaches under wraps despite laws and common decency requiring disclosure. To further complicate matters, 40 percent of IT infosec folk polled said they were told to not report security incidents, and that climbs to 70.7 percent in the US, far higher than any other country.