Artificial Intelligence & Machine Learning, Governance & Risk Management, Next-Generation Technologies & Secure Development New Vulnerability Tool Uncovers Flaws in OpenAI and Nvidia APIs Used in GitHub Projects Akshaya Asokan (@asokan_akshaya) • October 21, 2024 Protect AI utilizes Anthropic’s Claude LLM to operate the vulnerability detection tool. (Image: Shutterstock) In…
The Crown Prosecution Service (CPS) of the UK has come under scrutiny after it lost DVDs containing sensitive interviews with child sex abuse victims during a postal transfer. This incident highlights ongoing vulnerabilities in data handling practices among organizations entrusted with sensitive information. The organization has been fined £325,000 for…
In a recent incident highlighting the fragility of sensitive data security in major corporations, Disney has become the latest victim of a significant data breach. The attack was executed by a hacktivist group named NullBulge, which managed to infiltrate Disney’s internal communications within its Slack messaging platform, extracting over 1.2…
Legislation & Litigation , Standards, Regulations & Compliance 2023 Cybersecurity Breach Impacted 1.9 Million Patients and Employees Marianne Kolbasuk McGee (HealthInfoSec) • October 21, 2024 Great Expressions Dental Centers (Image: Shutterstock) In a significant data breach, Great Expressions Dental Centers, a Michigan-based dental organization operating 250 offices across nine states,…
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on six individuals affiliated with the Iranian intelligence agency, attributed to cyberattacks targeting critical infrastructure in the United States and globally. This action underscores rising concerns related to cyber threats posed by state-sponsored actors. The individuals sanctioned…
Internet Archive Faces Repeated Cybersecurity Challenges Amid Major Breaches In October 2024, the Internet Archive, a non-profit organization founded by Brewster Kahle to safeguard the digital history of the internet, encountered significant security setbacks resulting in multiple data breaches. The first incident, occurring on October 9, involved both a data…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Attack Method Exploits RAG-based Technology to Manipulate AI System Outputs Rashmi Ramesh (rashmiramesh_) • October 21, 2024 Malicious insiders could mislead the retrieval-augmented generation backend of well-known AI tools. (Image: Shutterstock) Recent research unveiled a method to manipulate responses from…
In a significant development in the realm of cybersecurity, a former employee of Equifax has been charged with insider trading, a situation that follows the company’s disclosure of a significant data breach last year. The U.S. Securities and Exchange Commission (SEC) along with federal authorities in Atlanta disclosed their charges…
In a concerning development in cybersecurity, researchers have reported an uptick in QR code phishing campaigns, also known as “quishing.” These attacks utilize Microsoft Sway, a legitimate cloud-based platform, to host counterfeit web pages, underscoring how reputable services can be exploited for malicious activities. Jan Michael Alcantara from Netskope Threat…
