AI has become a major talking point for cybersecurity vendors since the release of ChatGPT a year ago. But AI and ML are nothing new, and the power behind using them to detect cyberthreats comes from the richness of datasets, said Debasish Mukherjee, VP of sales for the APJ region at SonicWall.
North Korean hackers are spreading malware through known vulnerabilities in legitimate software. In a new campaign spotted by Kaspersky researchers, the Lazarus group is targeting a version of an unnamed software product for which vulnerabilities have been reported and patches are available.
In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.
South Korean national intelligence has sounded alarms about North Korean hackers targeting the country's shipbuilding industry to steal naval military secrets. The agency said the hacks are part of North Korean leader Kim Jong Un's strategy to build larger, more advanced warships.
The United States and South Korea reaffirmed a commitment to mitigate the risks in technologies including AI, 5G networks and cloud computing, while developing an "inclusive approach" to govern their use. The two countries said governance must support the development of trustworthy AI.
China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic information security laws.
Cybersecurity researchers at Symantec said a cybercriminal entity with possible ties to the Chinese government used the ShadowPad Trojan to target an Asian country's national power grid earlier this year. The Redfly APT group focused on stealing credentials and compromising multiple computers.
The BlackCat group on Monday claimed responsibility for a ransomware attack on Japanese watchmaker Seiko, publishing samples of stolen data files as proof of its exploit. Seiko Group Corp. announced earlier this month that it had detected unauthorized users accessing of some of its servers.
President Xi Jinping directed state agencies to strengthen the government’s control over the internet and information technology sector, potentially discouraging investment in the country. Among the obstacles is a new Counter-Espionage Law focused on investigating foreign companies.
A security researcher discovered a Bangladesh government web portal that exposed the personal information of about 50 million citizens, including their birth registration records, phone numbers and national identity numbers. His efforts to notify the government of the security flaw went unanswered.
The personal information of nearly 35 million Indonesian passport holders is up for sale on the dark web for $10,000 by notorious hacktivist Bjorka, who routinely criticizes the Indonesian government, publishing damaging information about lawmakers on social media. The government is investigating.
A Chinese nation-state group is hacking foreign affairs ministries and embassies across Europe, employing a sophisticated HTML-smuggling technique to deliver the insidious PlugX remote access Trojan to compromised systems. The technique raises concern about the security of diplomatic institutions.
The world's top chip manufacturer has dismissed the LockBit 3.0 ransomware gang's hack claim and $70 million ransom. TSMC said the data leak took place at a third-party supplier and contains only certain initial configuration files. It said customer information and operations were not affected.
Researchers at AhnLab Security Emergency Response Center observed APT37 target South Korean individuals with spear-phishing emails to inject wiretapping malware. The state-backed cybercrime group primarily employs spear-phishing to compromise the devices of victims.
Suspected Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability in May to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan. Threat actors targeted officials from France, the United Kingdom, India, Singapore and Australia.