"Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud"

Resecurity has discovered "GXC Team," a cybercriminal group specializing in developing tools for online banking theft, ecommerce deception, and Internet scams. On the dark web, the group's leader recently announced significant price cuts for their products. The posts made by the leader introduced a new tool that applies Artificial Intelligence (AI) to generate fraudulent invoices for use in wire fraud and Business Email Compromise (BEC). According to an FBI report, successful BEC scams led to an average loss of more than $120,000 per incident, costing organizations more than $2.4 billion.

Submitted by grigby1 CPVI on Fri, 01/05/2024 - 15:26

"A Ransomware Payments Ban Risks Criminalizing Victims"

According to industry experts, government bans on ransomware payments risk criminalizing victims. Dominic Trott, director of strategy and alliances at Orange Cyberdefense, points out that a blanket ban on ransomware payments could "shift the focus of criminality" from perpetrators to victims. The warning is prompted by an advisory from the cybersecurity company Emsisoft, which suggested stricter government action against companies that make ransomware payments. These payments would result in ransomware groups being able to scale operations and expand attacks.

Submitted by grigby1 CPVI on Fri, 01/05/2024 - 15:26

37th IEEE Computer Security Foundations Symposium

Read more about 37th IEEE Computer Security Foundations Symposium

"The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security, to examine current theories of security, the formal models that provide a context for those theories, and techniques for verifying security."

11th IEEE Swiss Conference on Data Science (SDS)

Read more about 11th IEEE Swiss Conference on Data Science (SDS)

"The conference addresses all aspects of the data science pipeline, including data storage, data processing, modeling and knowledge attraction, but also the usage of data for innovative products and services, data-based value creation and the ethical challenges around data acquisition, storage and analytics. It is a platform for researchers as well as developers, business strategists and implementation practitioners from companies and other organizations."

Topics of interest include, but are not limited to cybersecurity in relation to data science.

San Diego Cyber Security Summit

Read more about San Diego Cyber Security Summit

"The Fourth Annual San Diego Cyber Security Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."

"Ivanti Warns Critical EPM Bug Lets Hackers Hijack Enrolled Devices"

A critical Remote Code Execution (RCE) vulnerability in Ivanti's Endpoint Management (EPM) software could have enabled unauthenticated attackers to take control of enrolled devices or the core server. Ivanti EPM helps manage client devices running various platforms. The now-fixed security vulnerability, tracked as CVE-2023-39336, could have allowed an attacker with access to a target's internal network to launch low-complexity attacks that do not require privileges or user interaction. This article continues to discuss the potential exploitation and impact of the critical EPM flaw.

Submitted by grigby1 CPVI on Fri, 01/05/2024 - 14:51

Seattle/Bellevue Cyber Security Summit

Read more about Seattle/Bellevue Cyber Security Summit

"The Eighth Annual Seattle/Bellevue Cyber Security Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."

Detroit Cybersecurity Conference

Read more about Detroit Cybersecurity Conference

"FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce. Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks. Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.

Silicon Valley Cyber Security Summit

Read more about Silicon Valley Cyber Security Summit

"The Seventh Annual Silicon Valley Cyber Security Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."

"Machine Learning Helps Fuzzing Find Hardware Bugs"

A new study titled "MABFuzz: Multi-Armed Bandit Algorithms for Fuzzing Processors" delves into the fuzzing technique that introduces commands and prompts to a chip in order to cause the system to behave erratically and unpredictably. The irregular responses to "fuzzed" commands can then point researchers to potential vulnerabilities in the system. If the system does something unusual, researchers examine it to see if there is a security flaw that hackers could exploit. Researchers used reinforcement learning to select inputs for fuzz testing in this study.

Submitted by grigby1 CPVI on Fri, 01/05/2024 - 13:25

Subscribe to