SecurityWeek

Disruptive digital attacks – many traced to Russia-backed groups – have doubled in the European Union in 2024 and are also targeting election-related services, according to the EU’s top cybersecurity official.

The two primary components to the solution are to encrypt company data at all times, and to decrypt only when the file is required for use.

First American will notify 44,000 individuals that their personal information may have been stolen in a December 2023 ransomware attack.

Netflix has paid out more than $1 million for vulnerabilities found in its products since the launch of its bug bounty program in 2016.

While reintegration of formerly incarcerated people into the workforce is important, the government should be cautious about what positions those with a criminal history are put into.

OpenAI is setting up a new safety and security committee and has begun training a new artificial intelligence model to supplant the GPT-4 system that underpins its ChatGPT chatbot.

ABN Amro discloses data breach after third-party services provider AddComm suffers a ransomware attack.

While Red Teams can expose and root out organization specific weaknesses, there is another growing class of vulnerability at an industry level.

Auction house Christie’s has confirmed suffering a data breach following a ransomware attack launched earlier this month.

Private equity company Hg has acquired audit, compliance and risk management firm AuditBoard for over $3 billion.

A threat actor is asking $50,000 for data allegedly stolen from Australian digital prescription services provider MediSecure.

Pharmacy prescription services provider Sav-Rx says the personal information of 2.8 million was stolen in a cyberattack.

Check Point is warning customers that threat actors are targeting insecure VPN instances for initial access to enterprise networks. 

Only one of seven bills aimed at preventing AI’s penchant to discriminate when making consequential decisions — including who gets hired, money for a home or medical care — has passed.

Backdoored JAVS courtroom recording and management software installer puts thousands at risk of complete takeover.

Averson secures seed funding to build technology that uses AI to identify cloud security weaknesses and counter cyberattacks.

Noteworthy stories that might have slipped under the radar: Chinese repair ships might be spying on undersea communications, spyware found at hotel check-ins, UK not ready for China threat.

Exploited in the wild, Chrome vulnerability CVE-2024-5274 is a high-severity flaw described as a type confusion in the V8 JavaScript and WebAssembly engine.

U.S. intelligence agencies are scrambling to embrace the AI revolution, believing they’ll be smothered by exponential data growth as sensor-generated surveillance tech further blankets the planet.

MITRE has shared information on how China-linked hackers abused VMware for persistence and detection evasion in the recent hack.