The Cybersecurity and Infrastructure Security Agency (CISA) conducted the federal government's inaugural tabletop exercise with the private sector to improve responses to Artificial Intelligence (AI) security incidents. The exercise, led by the Joint Cyber Defense Collaborative (JCDC), simulated a cybersecurity incident involving an AI-enabled system. It required operational collaboration and information sharing across the represented organizations. This exercise helps develop an AI Security Incident Collaboration Playbook.

According to the insurance broker Marsh, cyber insurance claims reached all-time highs in 2023, with over 1,800 claims coming from the US and Canada. The growth in sophisticated cyberattacks, privacy claims, and organizations buying cyber insurance, as well as the MOVEit file transfer supply chain breach contributed to this rise. Healthcare led claims with 17 percent, followed by communications (16 percent), education (9 percent), retail/wholesale (8 percent), and financial institutions (8 percent). In 2023, 282 clients reported cyber extortion, up from 172 in 2022.

Microsoft has a new plan to emphasize cybersecurity. For high-level execs, their cybersecurity work will make up a third of their performance. And other employees will also be evaluated on their cybersecurity efforts in their six-month reviews. Performance will impact company bonuses and other compensation. The major move comes in light of shortfalls in how Microsoft has responded to major security issues as outlined in a Homeland Security report about China’s breach of government email accounts. Brad Smith, Microsoft vice chair and president, testified on Thursday at the U.S.

A hybrid biometric access system from the Chinese manufacturer ZKTeco has two dozen security vulnerabilities that attackers could use to bypass authentication, steal biometric data, and install malicious backdoors. A malicious actor can bypass verification and gain access by adding random user data to the database or using a fake QR code. Attackers can steal biometric data, remotely manipulate devices, and install backdoors. This article continues to discuss findings regarding the critical security flaws impacting the ZKTeco biometric system.

Researchers at ESET discovered five cyber espionage campaigns targeting Android users in Egypt and Palestine with trojanized apps. The campaigns have been attributed to the "Arid Viper" hacking group with medium confidence. ESET researchers named the spyware used to infect target Android apps "AridSpy." The malicious apps impersonate NortirChat, LapizaChat, ReblyChat, PariberyChat, and RenatChat. This article continues to discuss cyber espionage campaigns targeting Android users in Egypt and Palestine with trojanized apps.

In a recent Bitdefender survey, 96 percent of participating cybersecurity professionals agreed that generative Artificial Intelligence (AI) technology threatens overall cybersecurity. More than 36 percent said its use for manipulating or creating deceptive content, such as deepfakes, is a significant threat. This article continues to discuss key findings from Bitdefender's 2024 Cybersecurity Assessment Report.

Help Net Security reports "GenAI Keeps Cybersecurity Pros on High Alert"

In summer 2023, Microsoft President Brad Smith admitted that security failings enabled Chinese state hackers to access US government officials' emails. Microsoft was blamed for a "cascade of security failures" that allowed the Chinese threat actor "Storm-0558" to access 25 organizations' email accounts, including those belonging to US government officials, according to an April 2024 Cyber Safety Review Board (CSRB) report.

The US Cybersecurity and Infrastructure Security Agency (CISA) warns federal agencies of the ongoing exploitation of a patched authentication bypass vulnerability in Progress Software's Telerik Report Server. The vulnerability exists because the current installation setup was not properly validated in version 2024 Q1 (10.0.24.305) and earlier iterations. The flaw enables an attacker to supply specific parameters and create a new administrator user. They can then log in to the server.

Cisco Talos and Volexity warn that Pakistan-based threat actors have targeted Indian government entities in two espionage campaigns. Since 2018, "Operation Celestial Force" has targeted Indian defense, government, and technology employees with Android and Windows malware.

Edge devices, services, and network infrastructure devices often start mass exploitation attacks. There has been a rise of mass exploitation compromises and criminal targeting of edge and infrastructure devices. Nation-states such as Russia and China and criminal groups like FIN11 use edge devices, often compromised by zero-day vulnerabilities, according to Mandiant's M-Trends 2024 report. According to Forescout's Riskiest Devices 2024 report, endpoints were the riskiest in 2023 but are now network infrastructure.