Security News

President Biden has empowered the US Coast Guard to get a tighter grip on cybersecurity at American ports - including authorizing yet another incident reporting rule. Port Captains, USCG officers responsible for laying down the law in US ports, can now declare "Security zones," inside of which they'll have broad authority to prevent "Access of persons, articles, or things, including any data, information, network, program, system, or other digital infrastructure, to vessels, or waterfront facilities."

On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired....

State and county officials have been urged to use paper ballots wherever possible over electronic ones, and ensure all election offices have procedures in place to handle potentially lethal substances, specifically fentanyl, anthrax, and ricin. On election threats, "We anticipate AI being leveraged for deception campaigns," said Michelle Alvarez, strategic threat analysis manager for IBM X-Force.

Considering that 2024 is a historic year for elections - with an estimated half of the world's population taking part in democratic votes - this high threat of cyber interference has significant implications for global free society, threatening to undermine confidence in voting processes or - at worst - even alter electoral outcomes, according to Tidal Cyber. A concerning 27% of countries with 2024 national elections face the highest threat levels, facing multiple priority adversary groups and many state-backed groups associated with priority adversary countries.

Google is currently tracking more than 40 CSVs, most of which are highly technical with the ability to develop spyware and zero-day exploits to compromise their targets, particularly on Android and iOS devices. Read details about what CSVs target, how spyware is used, CSVs' harmful impact on individuals and society and how businesses can mitigate these cybersecurity threats.

Microsoft and OpenAI have identified attempts by various state-affiliated threat actors to use large language models to enhance their cyber operations. Just as defenders do, threat actors are leveraging AI to boost their efficiency and continue to explore all the possibilities these technologies can offer.

Initial access brokers are increasingly targeting entities within NATO member states, indicating a persistent and geographically diverse cyberthreat landscape, according to Flare. Flare analyzed hundreds of IAB posts on the Russian-language hacking forums, and discovered recent activity in 21 out of the 31 NATO countries - confirming the extensive reach and consistent potential threat IABs pose to national security and economic stability.

According to a report from Abnormal Security, generative AI is likely behind the significant uptick in the volume and sophistication of email attacks on organizations, with 80% of security leaders stating that their organizations have already fallen victims to AI-generated email attacks. Even though humans are still better at crafting effective phishing emails, AI is still immensely helpful to cyber crooks: even less-skilled hackers can use it to easily craft credible and customized emails, with no grammar and spelling mistakes, nonsensical requests, etc.

Basically, DLP systems are aimed at prevention of data leaks, and in real-life mode they monitor and block transmitting of confidential data. That's why SearchInform offers the next-gen platform for internal threat mitigation - Risk Monitor.

2024 is expected to witness a surge in cyberattacks driven by global events and the widespread accessibility of advanced technologies. In this Help Net Security round-up, we present segments from previously recorded videos where cybersecurity experts discuss predictions for 2024, providing a comprehensive perspective on the challenges and opportunities awaiting organizations.