Lifeboat Foundation

This post is also available in: עברית (Hebrew)

Microsoft Outlook was reportedly targeted over 10,000 times this summer by a single threat actor, which is believed to be aligned with Russia.

Cybersecurity company Proofpoint recently unveiled its research announcing that a group they call TA422 (or Forest Blizzard, Pawn Storm, Fancy Bear, and BlueDelta) was seen attempting daily hacking into the same accounts. It seems that this is a continuation of an earlier campaign by TA422 against various organizations in Europe and North America. US intelligence links the group to its Russian counterpart, the GRU.

The new spam detector was tested internally for a year.

Gmail is using a new text vectorizer, called RETVec, to significantly improve spam detection while reducing false positives and latency.

Cyber security is the practice of protecting computer systems, networks, and programs from digital attacks, unauthorized access, damage, or theft of data. The goal of cybersecurity is to ensure the confidentiality, integrity, and availability of information and computing resources.
#cybersecurity.
#informationsecurity.
#cyberthreats.
#cyberattack.
#datasecurity.
#privacy.
#riskmanagement.
#vulnerabilitymanagement.
#incidentresponse.
#cybercrime.
#cyberworld

The hack, which provided unauthorized access to ‘files containing profile information about other users’ ancestry,’ impacted 0.1% of 23andMe’s users worldwide.

Researchers are claiming a breakthrough in quantum communications, thanks to a new diamond-stretching technique they say greatly increases the temperatures at which qubits remain entangled, while also making them microwave-controllable.

Quantum networking is an emerging field that uses weird quantum phenomena to send and receive information. These networks will be impossible to hack, and will use quantum entanglement to cover large distances, creating pairs of qubits which mirror each other’s quantum state without any physical connection.

Diamond-based qubits are capable of maintaining their state of entanglement for a decent length of time – but only provided they’re kept incredibly cold – just a hair above absolute zero. That limits their usefulness, because it’d mean you’d need a giant, energy-intensive cooling apparatus at every node of your quantum network.

The explosive growth of generative AI over the last year has been truly phenomenal. Kick-started by the public release of ChatGPT (was it really only a year ago?), it’s now everywhere. Keen to ride the wave, every app from Office to eBay has been adding generative capabilities, and growing numbers of us are finding uses for it in our everyday and professional lives.

Given its nature, it’s not surprising that content creators, in particular, have found it a powerful addition to their toolset. Marketing agencies, advertising creatives, news organizations and social media influencers have been among the most enthusiastic early adopters.

While it brings great opportunities for improving efficiency and automating manual, repetitive elements of creative work, it also throws up significant challenges. Issues around copyright, spam content, hallucination, the formulaic nature of algorithmic creation and bias all need to be considered by professionals planning on adopting it into their workflow.

Eighteen countries have signed an agreement on AI safety, based on the principle that it should be secure by design.

The Guidelines for Secure AI System Development, led by the U.K.’s National Cyber Security Centre and developed with the U.S.’ Cybersecurity and Infrastructure Security Agency, are touted as the first global agreement of their kind.

They’re aimed mainly at providers of AI systems that are using models hosted by an organization, or that are using external application programming interfaces. The aim is to help developers make sure that cybersecurity is baked in as an essential pre-condition of AI system safety and integral to the development process, from the start and throughout.

NASHVILLE, Tenn. (AP) — A ransomware attack has prompted a healthcare chain that operates 30 hospitals in six states to divert patients from at least some of its emergency rooms to other hospitals, while putting certain elective procedures on pause, the company announced.

In a statement Monday, Ardent Health Services said the attack occurred Nov. 23 and the company took its network offline, suspending user access to its information technology applications, including the software used to document patient care.

The Nashville, Tennessee-based company said it cannot yet confirm the extent of any patient health or financial information that has been compromised. Ardent says it reported the issue to law enforcement and retained third-party forensic and threat intelligence advisors, while working with cybersecurity specialists to restore IT functions as quickly as possible. There’s no timeline yet on when the problems will be resolved.

A new Mirai-based malware botnet named ‘InfectedSlurs’ has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.

The malware hijacks the devices to make them part of its DDoS (distributed denial of service) swarm, presumably rented for profit.

The discovery of ‘InfectedSlurs’ comes from Akamai, who first spotted it on its honeypots in late October 2023. However, the botnet’s initial activity dates back to late 2022.