Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Features

by Rohan Vaidya, Regional Director, India, and SAARC, CyberArk With a population surpassing 1.4 billion and a rapidly expanding economy, India’s digital footprint has made it an alluring target for cybercriminals seeking to exploit vulnerabilities. Drawing insights from our experience, here are our predictions   show more ...

for the key cybersecurity trends in India: Data breaches expected to skyrocket In 2023, India experienced a surge in these cyberattacks, leaving a trail of compromised personal information, disrupted operations, and eroded public trust. In 2024, we expect a sharp uptick in data breaches as the digital landscape expands, primarily because of the scale and diversity of attacks, which have impacted almost every sector, from government to healthcare to startups. Continued acceleration in ransomware activities Ransomware attacks are expected to surge, surpassing the alarming 91% reported in 2022. As India’s digital landscape expands and digital dependencies increase, we believe that organizations will pay significantly more to enable recovery. Organizations should gear up for an intensified wave, implementing robust backup and recovery strategies, and enhancing threat detection capabilities. Rise in cloud adoption could lead to a surge of identity-based attacks The overall India public cloud services market is expected to gallop to $17.8 billion by 2027, exhibiting a formidable CAGR of 23.4% for the period spanning 2022-2027 (IDC). However, as organizations migrate their data, applications, and workloads to the cloud, the attack surface widens, providing a broader canvas for threat actors to exploit. Cloud environments, which are inherently dynamic and distributed, introduce identity and access management complexities. Organizations may also have less visibility and control over cloud resource access than in on-premises environments. This can make it difficult to detect and prevent unauthorized access. Cloud environments often rely on shared credentials, such as passwords or API keys, to access resources. This can be a security risk if these credentials are compromised. Prepare for new AI-based attacks An equally potent threat emerges for every positive stride made in the realm of AI. The dark side of AI can manifest in sophisticated cyber threats and malicious activities fuelled by the same technologies that are designed to enhance efficiency, automation, and decision-making. As AI becomes more pervasive, adversaries will quickly capitalize on its capabilities, crafting new attack vectors that exploit vulnerabilities in novel ways. Deepfakes, a looming threat to India’s cybersecurity in 2024 As the sophistication of deepfake technology continues to advance, India is anticipated to witness a surge in deepfake-related cyberattacks in 2024. These attacks will target individuals, businesses, and even government institutions, aiming to spread misinformation, manipulate public opinion, and disrupt critical infrastructure. The financial repercussions of these attacks could be severe, potentially leading to reputational damage, loss of investor confidence, and even economic instability. To combat this growing threat, Indian organizations must invest in deepfake detection and mitigation technologies, raise awareness among their employees about the dangers of deepfakes, and develop robust cybersecurity strategies that can withstand these sophisticated attacks. In India’s vast and dynamic digital landscape, the stakes for cybersecurity have never been higher. As we gaze into the future, the trajectory appears promising and perilous. The surge in data breaches, a continued acceleration in ransomware activities, the rise in cloud adoption, and the ominous specter of AI-based attacks and deepfakes collectively paint a complex canvas. CISOs will find themselves not merely as guardians of technical fortresses but as stewards of personal and professional accountability, navigating the delicate balance between protocols and reputation in an unforgiving digital realm. These predictions for 2024 underline the urgency for organizations to invest in cutting-edge technologies, raise awareness, and craft robust strategies that can withstand the onslaught of evolving cyber threats. The future demands a proactive, adaptive, and comprehensive approach to cybersecurity. This can help us safeguard the digital future of a nation on the rise. Disclaimer: The views and opinions expressed in this guest post are solely those of the author(s) and do not necessarily reflect the official policy or position of The Cyber Express. Any content provided by the author is of their opinion and is not intended to malign any religion, ethnic group, club, organization, company, individual, or anyone or anything. 

 Features

by Puneet Gupta, VP & MD, NetApp India/SAARC In the current landscape of technological prowess, businesses are rapidly moving to the cloud. NetApp’s latest Data Complexity Report reveals that 98% of global organizations are on this journey. Interestingly, three out of four still depend on on-premises data   show more ...

storage, emphasizing the ongoing importance of in-house infrastructure. This data emphasizes the need for a unified data storage approach in 2024 and beyond. Such an approach seamlessly combines on-premises all-flash storage with public cloud solutions, ensuring top-notch performance and accessibility. Factors that Will Drive Unified Data Storage in 2024 As the industry continues to move towards widespread adoption of AI at scale, 2024 is poised to see unified data storage solutions take center stage, and here’s why: Cloud Adoption Businesses today have a unique opportunity to strategically align their IT infrastructure with the evolving needs of an increasingly digital and interconnected world. In the near future, this alignment will enable agility and scalability for future growth and innovation. However, it’s important to note that cloud migration is not a linear process. Among tech executives planning to migrate workloads to the cloud, three out of four still retain the majority of their workloads on-premises. More precisely, 84% of the organizations are either in the mid-journey or in the mature phase. Integrating AI into this dynamic landscape further enhances the potential for transformative innovation and efficiency gains. The Rise of AI India’s swift adoption of AI prioritises GenAI, the leading use case for AI in the country. It emphasises boosting performance, and cost efficiency and highlights the crucial role of flash innovation in supporting AI and ML workloads. The pivotal force propelling cloud migration is the widespread embrace of AI, as evidenced by our findings, where a substantial 74% of respondents leverage public cloud services for AI and analytics. Tech executives across the globe resoundingly articulate the essentiality of Flash innovation in optimizing AI performance, cost, and efficiency, with a notable 39% acknowledging its crucial role. Enterprises are progressively integrating AI into their frameworks, with a significant emphasis on harnessing generative AI and tapping into public cloud AI and analytics services. As AI becomes more ingrained in infrastructure, IT leaders advocate for augmented funding, with 63% of AI budgets stemming from new funding sources. The anticipation is palpable, with leaders expecting to forge alliances with new vendors to navigate the expanding influence of AI within their organizational framework. Data Security & Protection In the era of AI, security threats are a major concern for C-level executives and IT decision-makers in India. A majority of Indian IT leaders see data security as the primary challenge for realizing AI’s potential, with security threats ranking as the leading cause of complexity in storage infrastructure. NetApp’s report underscores the critical role of AI in safeguarding against cyber threats. Moreover, executives consider ransomware attack mitigation as a top priority, emphasizing the indispensable nature of AI in addressing these challenges. Notably, companies anticipate it would take days or weeks to recover from cyberattacks, underscoring the significant risk posed to their business and reinforcing the crucial role of AI in fortifying cybersecurity measures. Sustainability A growing number of Indian organizations now view mitigating environmental impact not only as an option but as an essential aspect of their sustainability efforts. This commitment extends to flash storage innovation, where prioritizing energy and carbon footprint metrics is deemed crucial for future sustainability. The Data Complexity Report underlines the significance of sustainability as a critical factor in choosing storage vendors, with a notable percentage recognizing the reduction of energy and carbon footprint as integral to responsible AI practices. Moreover, a substantial majority agrees that reducing their company’s carbon footprint is a vital aspect of broader sustainability initiatives. This underscores the imperative for forward-thinking organizations to align AI advancement with environmental responsibility in navigating the rapidly evolving technological landscape. The Cloud-Driven Flash Storage Revolution Looking ahead, cloud-enabled flash storage will reshape technological innovation and business operations. As organizations tackle data complexity, integrating this technology will be crucial for agility, scalability, and efficiency in handling AI-driven workloads. Leveraging this transformative tech will help businesses adapt to digital demands, fostering streamlined operations, better performance, and accelerated innovation for success in the global market. Disclaimer: The views and opinions expressed in this guest post are solely those of the author(s) and do not necessarily reflect the official policy or position of The Cyber Express. Any content provided by the author is of their opinion and is not intended to malign any religion, ethnic group, club, organization, company, individual, or anyone or anything. 

 Firewall Daily

Ever since its emergence, ChatGPT has been a game changer in the field of AI technology innovation. The US holds the largest share of ChatGPT users across the world, which is 15%. Usage of ChatGPT in businesses is like a magic wand in the hands of business owners across the US, transforming industries at a fast pace.   show more ...

  Right now, companies are figuring out how to use AI, especially generative AI. A lot of businesses are excited about the transformation that will come with the emergence of dynamic tools like ChatGPT. But along with the excitement and exhilaration, some US businesses are also whispering their concerns about the risks associated with the usage of this technological marvel.  This article uncovers the US’ vibrant innovative tapestry in the development of AI-powered chatbots like the ChatGPT. So, let’s buckle up to discover what is in the pockets of the future of the reigning superstar ChatGPT, which is both thrilling as well as touched up with a tinge of caution and worries.  A recent survey conducted by AIPRM talks about what businesses in the US think about using ChatGPT. Last month, AIPRM reached out to professionals from 3,000 companies to understand the use of ChatGPT in businesses.   Understanding the Pulse of US Businesses Healthcare companies are a bit hesitant about the usage of ChatGPT in business. According to AIPRM’s report, around 24% of healthcare companies are playing with caution and find ChatGPT not trustworthy in terms of data security.   Venturing into the corporate sector, there were other industries following healthcare in terms of the uncertainty of data security. About 14% of respondents associated with the construction industry, followed by manufacturing, administrative and support services, and professional, scientific and technical services with 8% each were skeptical about the usage of ChatGPT in business.  But, on the other hand, the companies dealing in scientific, and technical services are embracing ChatGPT and its capabilities. Around 33% of them are using ChatGPT frequently, followed by retail trade at 30%, and lastly with accommodation and food Services at 24%, adding to the ChatGPT fan club. These variations in theories have made the usage of ChatGPT in businesses a rollercoaster ride of favoritism and distrust.  The Top Concerns of Using ChatGPT in Businesses According to AIPRM research, multiple businesses voiced an array of issues connected to the usage of ChatGPT in business. Here’s what the report says:   Security Risks  In terms of concerns linked to the usage of ChatGPT in business, respondents were concerned about multiple aspects of ChatGPT usage and its integration into business. But the biggest matter of worry is potential security risks. The report says that about 22% of the participants were unsure about the security aspects related to the usage of AI tools.   In the theater performance of ChatGPT, several industries sit as viewers with their eyes wide open in anticipation observing what the future has to unfold and what plot-twists could possibly emerge while using ChatGPT in business. Christopher C Cemper, the CEO of AIPRM stated in a press release that the security risk is one of the first concerns while using ChatGPT in business. “The first priority concern many users may have is the potential security risks, and whilst generative AI could be misused by malicious perpetrators who wish to access data and cause damage, using antivirus software and secure file-sharing, your workplace computer system will be protected”, says Cemper.  Moreover, proper usage of antivirus software and secure file-sharing platforms can help in tackling security concerns. Industries and businesses should also check if the AI tool they are using is legitimate and doesn’t cause legal problems later. In some cases, generative AI can act as the man of the hour, saving time and money while protecting against misinformation.  Talking about the advancements in AI, Cemper said, “A key factor is ensuring that you are consistently up to date with the latest advancements in the technology sector. This will help improve the understanding of the capabilities, limitations and risks that AI holds.”  Cemper debunked the top concerns of businesses about ChatGPT usage and shared insights on how to use AI properly to boost performance. He agreed that certain industries may be fearful of the unpredictable outcomes of using AI in the workplace, especially the concerns over cyber security risks when it comes to a new technology.  Talking about the unpredictable security outcomes and risks associated with using ChatGPT in businesses, Cemper stated, “AI itself isn’t the risk, instead, it has been found to boost business performance as long as there is good control over the tool.”  Legal and Compliance Issues  While charting concerns, AIPRM says that 15% of the respondents were caught in the clouds of uncertainty when it came to legal and compliance issues that the usage of ChatGPT in business. Using ChatGPT in business operations was considered a digital ropewalk by the 15% participants where little misbalance could unintentionally create the risk of copyright infringement.  Using content created by AI poses the risk of unknowingly violating intellectual property laws, which could result in copyright or infringement lawsuits. Furthermore, companies should be able to confirm the source of training data and if their AI provider has the legal authority to handle data to avoid any legal issues or GDPR penalties.  Sharing his views on AI-generated content, Camper stated, “Using AI-generated content can lead to accidentally infringing existing intellectual property, which in turn, may lead to copyright or infringement claims. Moreover, to prevent any such claims or GDPR fines, businesses should be able to verify how training data is obtained and verify that their AI supplier has a lawful legal basis to process data.”  Improper Understanding of Prompts  Additionally, research reports says that around 21% of the participants were concerned about queries and prompts being misunderstood. A simple solution for this issue could be being more prompt ready for ChatGPT and understanding how generative AI models work.   Users can be specific in providing queries and avoid ambiguity to prevent misunderstandings. Complex queries can be broken down into smaller components for the chatbot to understand them properly. Reviewing and editing the queries before sending can also further enhance the experience of using ChatGPT in businesses while also providing feedback for constant improvement.  False/Misleading Information Lastly, 15% of respondents also feared the risk of producing false information while using ChatGPT for businesses. The possibility of disinformation spreading is one of the biggest worries that consumers frequently face, considering the large amount of data being fed to ChatGPT daily.   To sum up, generative AI is a double-edged sword it does help in enhancing productivity and multitasking, but it also fails at providing the correct information or sometimes creates false information for the user. A good example of this would be asking ChatGPT to link a research report to a story because ChatGPT can add false reports without verifying their origin. Additionally, ChatGPT can also assist individuals who intentionally try to mislead others with false information.   However, by cross-referencing the content with reliable sources to discover any inaccuracies or misleading information, cutting-edge technology of AI can also assist in identifying false narratives and information. The AIPRM report sheds light on this dual nature of generative AI and its use in the American business sectors.  Note: This article is based on research conducted by an external source. and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

 Feed

Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from Oxford, has been sentenced to an indefinite hospital order due to his intent to get back to cybercrime "as soon as possible," BBC reported. Kurtaj, who is autistic, was

 Cyber Security News

Source: www.schneier.com – Author: Bruce Schneier HomeBlog Comments &ers • December 22, 2023 5:30 PM @ALL Common sense won. hxxps://news.err.ee/1609202272/interior-abandons-plan-to-ban-non-personalized-prepaid-sim-cards How is this at your side? Mandatory? Clive, SLF, etc? vas pup • December 22, 2023   show more ...

6:54 PM Israel’s StemRad inks $4.5m contract to shield US troops from gamma radiation https://www.timesofisrael.com/israels-stemrad-inks-4-5m-contract-to-shield-us-troops-from-gamma-radiation/ “Israeli-American company has developed […] La entrada Friday Squid Blogging: Squid Parts into Fertilizer – Source: www.schneier.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini LockBit ransomware gang claims to have breached accountancy firm Xeinadin Pierluigi Paganini December 23, 2023 The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims   show more ...

responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged […] La entrada LockBit ransomware gang claims to have breached accountancy firm Xeinadin – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Mobile virtual network operator Mint Mobile discloses a data breach Pierluigi Paganini December 23, 2023 Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers’ personal information. Mint Mobile   show more ...

experienced a recent data breach, exposing customers’ personal information to unauthorized access by […] La entrada Mobile virtual network operator Mint Mobile discloses a data breach – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Team Register Infosec in brief Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft. In a series of Xeets posted Thursday, Redmond’s threat intel team said it spotted a nation-state backed   show more ...

gang it calls Peach Sandstrom attempting to deliver the (presumably Windows) malware […] La entrada Iranian cyberspies target US defense orgs with a brand new backdoor – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: David Harley Having found myself roped into assisting as co-administrator a couple of Facebook groups with security/privacy issues, I thought I should, perhaps, share what little I know about defending your group against scam and spam posts and comments by tightening up   show more ...

group settings. Caveat: I’ve never really wanted to spend […] La entrada Group Therapy – security and privacy in Facebook groups – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Michael Toback Imagine standing at the entrance to a vault where your most valuable possessions are stored. The door doesn’t open with just one key; you need several to unlock it. That’s the essence of multi-factor authentication (MFA) in a nutshell. Instead of a   show more ...

single password, MFA requires multiple proofs of […] La entrada Best Practices in Multi-Factor Authentication for Enhanced Security – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Marc Handelman Full Presenter List: Sophie Stephenson, Majed Almansoori, Pardis Emami-Naeini, Rahul Chatterjee Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access.   show more ...

Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel. Permalink […] La entrada USENIX Security ’23 – ‘“It’s The Equivalent of Feeling Like You’re In Jail”: Lessons From Firsthand & Secondhand Accounts Of IoT-Enabled Intimate Partner Abuse’ – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Apache Struts2

Source: securityboulevard.com – Author: Riddika Grover Recent attacks have demonstrated a significant growth in Zero Days and Remote Code Execution. Kratikal has observed that threat actors have placed a special focus on Web Apps, IoT, and Open-Source tools. In this blog, we will discuss a recently found Remote   show more ...

Code Execution attack in Apache Struts2. Apache Struts […] La entrada Impact of Apache Struts2 Code Execution Vulnerability – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Axio Insights

Source: securityboulevard.com – Author: Axio Cloud Security, Governance and Skills in 2024 Step 1 of 6 16% Who in your organization is responsible for cloud security? (Select one) No one specifically Someone on our general security team A dedicated person/team that handles cloud security Cloud architects and   show more ...

developers Original Post URL: https://securityboulevard.com/2023/12/kansas-city-hospital-ransomware-attack-consequences/ Category & Tags: […] La entrada Kansas City Hospital Ransomware Attack Consequences – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Cavelo Blog And the real-life challenges midsized enterprises are juggling as they scale to achieve them The practice of data discovery and classification varies widely depending on a company’s size, the industry it operates in and the kind of information it needs to   show more ...

track based on individual industry requirements. Classification methods […] La entrada Establish Security Outcomes With Data Discovery and Classification – Source: securityboulevard.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 British

Source: thehackernews.com – Author: . Dec 24, 2023NewsroomCyber Crime / Data Breach Two British teens part of the LAPSUS$ cyber crime and extortion gang have been sentenced for their roles in orchestrating a string of high-profile attacks against a number of companies. Arion Kurtaj, an 18-year-old from   show more ...

Oxford, has been sentenced to an indefinite hospital […] La entrada British LAPSUS$ Teen Members Sentenced for High-Profile Attacks – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team By Dilpreet Singh Bajwa, Senior Consultant, Cyfirma Executive Summary At Cyfirma, we are dedicated to providing you with up-to-date information on the most prevalent threats and tactics used by malicious actors to target both organizations and individuals.   show more ...

In this comprehensive analysis, we delve into an ongoing campaign orchestrated by […] La entrada The Persistent Danger of Remcos RAT – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team By David Monnier, Chief Evangelist, Team Cymru Fellow What would be your ideal approach to protecting your organization? Knowing exactly what threats are targeting your organization, well before those adversaries take action, so that you can shore up your   show more ...

defenses so that threat never even impacts your systems. However, […] La entrada How to Overcome the Most Common Challenges with Threat Intelligence – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team By Amol Bhagwat, VP, Solutions and Field Engineering at Gurucul As the threat landscape continues to get more complex, security analytics are becoming essential for identifying, preventing and responding to threats. As a result, recent research suggests   show more ...

that the security analytics market will grow by more than 16% (to […] La entrada How to Unify Multiple Analytics Systems to Determine Security Posture and Overall Risk – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team www.cyberdefensemagazine.com is using a security service for protection against online attacks. This process is automatic. You will be redirected once the validation is complete. Reference ID IP Address Date and Time 3dc7dfbd7081283bcc5956880acf9126 68.   show more ...

178.221.220 12/24/2023 07:46 PM UTC Protected by StackPath Original Post URL: https://www.cyberdefensemagazine.com/stronger-together-attack-surface-management-and-security-validation-2/ Category & Tags: Cyber Security […] La entrada Stronger Together: Attack Surface Management and Security Validation – Source: www.cyberdefensemagazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2023-12
Aggregator history
Sunday, December 24
FRI
SAT
SUN
MON
TUE
WED
THU
DecemberJanuaryFebruary