News

Access to Energy Sector ICS/OT Systems Offered on Hacker Forums

Threat actors have been offering access to energy sector organizations, including industrial control systems (ICS) and other operational technology (OT) systems, according to a new report from Searchlight Cyber. The UK-based threat intelligence company has conducted an analysis of posts published between February 2022 and February 2023 on cybercrime forums, dark web sites, and marketplaces, and found many offers for initial access into the environments of energy sector organizations, including oil and gas and renewable…

ChatGPT’s Chief Testifies Before Congress, Calls for New Agency to Regulate Artificial Intelligence

The head of the artificial intelligence company that makes ChatGPT told Congress on Tuesday that government intervention “will be critical to mitigate the risks of increasingly powerful” AI systems. “As this technology advances, we understand that people are anxious about how it could change the way we live. We are too,” OpenAI CEO Sam Altman testified at a Senate hearing Tuesday. Altman proposed the formation of a U.S. or global agency that would license the…

Brightly Software Notifying 3 Million SchoolDude Users of Data Breach

Brightly Software last week started informing roughly three million individuals that their personal information might have been compromised in a recent data breach. A Siemens subsidiary, Brightly provides asset management solutions, including CMMS, EAM, IoT remote monitoring, strategic asset management, and more. The company claims to have over 12,000 clients worldwide, across different industries. On May 11, the company started sending out notification letters to its SchoolDude users, to flag a cybersecurity incident that occurred…

Executive Fired From TikTok’s Chinese Owner Says Beijing Had Access to App Data in Termination Suit

A former executive fired from TikTok’s parent company ByteDance made a raft of accusations against the tech giant Friday, including that it stole content from competitors like Instagram and Snapchat, and served as a “propaganda tool” for the Chinese government by suppressing or promoting content favorable to the country’s interests. The allegations were made in a complaint Friday by Yintao Yu, the head of engineering for ByteDance’s U.S. operations from August 2017 to November 2018,…

Toyota: Data on More Than 2 Million Vehicles in Japan Were at Risk in Decade-Long Breach

A decade-long data breach in Toyota’s much-touted online service put some information on more than 2 million vehicles at risk, the Japanese automaker said Friday. Spanning from January 2012 to April 2023, the problem with Toyota’s cloud-based Connected service pertains only to vehicles in Japan, said spokesperson Hideaki Homma. The Connected service reminds owners to get maintenance checks and links to streaming entertainment and provides help during emergencies. It can call for help after a…

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

A vulnerability discovered in the official website of luxury sports car maker Ferrari could have exposed potentially sensitive information, according to a cybersecurity firm. The issue was discovered in March by researchers at Char49, a company that provides penetration testing, auditing and training services. Ferrari addressed the weakness within a week. The researchers noticed that the ‘media.ferrari.com’ domain is powered by WordPress and it was running a very old version of W3 Total Cache, a…

This New Era of Security Requires Secure Networking, Vendor Consolidation, and Focus on OT

Organizations are reinventing how they build and maintain their network infrastructures, primarily driven by developments like digital transformation, Work from Anywhere (WFA), and the adoption of cloud computing and Operational Technology (OT) devices. While these changes provide businesses of all sizes and industries with the flexibility and adaptability today’s digital marketplace requires, IT and security professionals are now responsible for protecting their enterprise’s people, data, and devices across a highly distributed—and constantly expanding—environment. At the…

Google Now Lets US Users Search Dark Web for Their Gmail ID

Gmail users in the US can now run scans to find out whether their Gmail ID appears on the dark web, Google announced today at Google I/O, its annual developer conference. The feature was initially announced in March, when the internet giant released it for Google One users only. It allows users to run scans and receive a report informing them whether their information, including name, address, email address, phone number, and Social Security number,…

Microsoft Patch Tuesday: 40 Vulnerabilities, 2 Zero-Days

Microsoft on Tuesday announced patches for 40 newly documented vulnerabilities in its products, including two zero-day flaws. One of the zero-days, CVE-2023-29336, is described as an elevation of privilege bug in the Win32k driver. Successful exploitation could allow an attacker to gain System privileges. Microsoft has shared no information on the attacks exploiting this vulnerability, but such issues are typically combined with code execution flaws to spread malware, according to Trend Micro’s Zero Day Initiative…

Google Releases Open Source Bazel Plugin for Container Image Security

Google last week announced the general availability of ‘rules_oci’, an open source Bazel plugin for building container images. Bazel improves supply chain trust by using dependencies’ integrity hashes. Google uses this build and test tool for creating Distroless base images for Docker. Distroless images too are meant to improve supply chain security, as they are minimal base images that include only what is necessary for applications to run. “Using minimal base images reduces the burden…
