The news from the war in Ukraine tends to focus on physical battles, but there’s another front in the conflict that gets less attention: the tubes of the internet. Russia’s overall strategy involves a vast disinformation campaign, but over the last year, an army of shitposters has started fighting back. It’s a loosely…
Monday’s €1.2 billion fine for Meta – by far the biggest fine issued under the GDPR since it took effect five years ago – has been taken by many as a sign that the Regulation is at last beginning to be enforced with sufficient vigour. However, the Meta decision illustrates the ongoing difficult of applying a consistent approach to GDPR enforcement, particularly when it comes to cross-border and international data transfers. In particular, the Irish DPC (Data Protection Commission), which is the supervisory authority for numerous US tech giants whose EU headquarters are in Ireland, continues to attract criticism for
The post Changing Attitudes Towards GDPR Enforcement and Compliance: 2018 – 2023 appeared first on IT Governance UK Blog.
North Korea-linked APT group Lazarus actor has been targeting vulnerable Microsoft IIS servers to deploy malware. AhnLab Security Emergency response Center (ASEC) researchers reported that the Lazarus APT Group is targeting vulnerable versions of Microsoft IIS servers in a recent wave of malware-based attacks. Once discovered a vulnerable ISS server, the attackers leverage the DLL side-loading […]
The post North Korea-linked Lazarus APT targets Microsoft IIS servers to deploy malware appeared first on Security Affairs.
Interesting essay on the poisoning of LLMs—ChatGPT in particular: Given that we’ve known about model poisoning for years, and given
Ein kürzlich erschienener Artikel des Global Security Magazine
[https://www.globalsecuritymag.com/Playing-with-Fire-Fraud-s-Threat-to-the-Booming-G
Der 38-jährige Chirag Patel aus Norfolk, Virginia, wurde wegen Computerbetrugs
zu 51 Monaten Gefängnis und einer anschließenden Bewährungsstrafe von drei
Jahren verurteilt.
Laut einer Pressemitteilung
[https://www.justice.gov/usao-az/pr/hac
Earlier this year, ESG published a research report focused on how enterprise organizations use threat intelligence as part of their overall cybersecurity strategy. The research project included a survey of 380 cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees).
Survey respondents were asked questions about their organization’s cyber-threat intelligence (CTI) program – how it was staffed, what types of skills were most important, its challenges and strategies, spending plans, etc. I’ve written three previous blogs detailing the research. The first one gave an overview of enterprise threat intelligence programs. The second examined challenges with the threat intelligence lifecycle, and the third looked at the intersection between CTI and digital risk protection (DRP).
The rapid emergence of Open AI’s ChatGPT has been one of the biggest stories of the year, with the potential impact of generative AI chatbots and large language models (LLMs) on cybersecurity a key area of discussion. There’s been a lot of chatter about the security risks these new technologies could introduce — from concerns about sharing sensitive business information with advanced self-learning algorithms to malicious actors using them to significantly enhance attacks.
