 Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
|
It's also quite sobering, as there are already countless examples of how it changes the game for black hats of all stripes. In one of the first proofs-of-concept, NYU professor Brendan Dolan-Gavitt used ChatGPT to exploit a buffer overflow vulnerability. Other examples include writing malware with lightning speed and crafting convincing, grammatically correct phishing emails.
The weaponization of AI within cybersecurity is not new, but what excites me the most about ChatGPT is its potential for closing information security's biggest gap: the lack of sufficient talent, in both breadth and depth of cybersecurity skills (i.e., specializations). To illustrate this further, here are three ways ChatGPT will change infosec in 2023.
|
|
Scooped by
Gust MEES
|
We know that the popular ChatGPT AI bot can be used to message Tinder matches. It can also turn into a swankier version of Siri or get basic facts completely wrong, depending on how you use it. Now, someone has used it to make malware.
In a new report by the security company CyberArk(Opens in a new window) (and reported by InfoSecurity Magazine(Opens in a new window)), researchers found that you can trick ChatGPT into creating malware code for you. What’s worse is that said malware can be difficult for cybersecurity systems to deal with.
|
|
Scooped by
Gust MEES
|
The metaverse has drawn hype in recent months, with companies like Meta and Ralph Lauren rushing to get their foot in its virtual door.
But cybercrime in the real world is already becoming more rampant. Check Point, a cybersecurity firm, reported a 50% increase in overall attacks per week on corporate networks last year compared with 2020.
As businesses rush to plant their flag in the metaverse, not all may realize the full dangers of this new world, says Prabhu Ram, head of the industry intelligence group at CyberMedia Research.
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Metaverse
|
|
Scooped by
Gust MEES
|
The NATO Cyber Security Centre (NCSC) has completed its test run of secure communication flows that could withstand attackers using quantum computing.
Konrad Wrona, principal scientist at the NCSC, told ZDNet that it is becoming increasingly important to create protection schemes against current and future threats.
"Securing NATO's communications for the quantum era is paramount to our ability to operate effectively without fear of interception," Wrona said.
"The trial started in March 2021. The trial was completed in early 2022. Quantum computing is becoming more and more affordable, scalable and practical. The threat of 'harvest now, decrypt later' is one all organizations, including NATO, are preparing to respond to. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=Quantum-Computing
|
|
Scooped by
Gust MEES
|
The amount of scams and fraud in the NFT space is overwhelming," the internal letter, which over 400 employees have signed, reads. "We implore you to reconsider."
Indeed, the NFT space is rife with shady dealings and theft. In January, OpenSea, which bills itself as "world's first and largest NFT marketplace," admitted that "over 80%" of NFTs minted using its free minting tool "were plagiarized works, fake collections, and spam.
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=NFT
|
|
Scooped by
Gust MEES
|
Microsoft is acquiring CloudKnox Security to help build out its cloud security and Zero Trust strategy for an undisclosed amount, officials announced on July 21. Officials said they will provide more information on what they'll be doing with CloudKnox's technology as they integrate it with Microsoft's existing identity, security, and compliance services, including Microsoft 365 Defender, Azure Defender, and Azure Sentinel.
CloudKnox Security is based in Sunnyvale, CA. Its security platform supports the monitoring and management of identities, actions, and resources in hybrid and multi-cloud environments, according to its web site. CloudKnow has been a big AWS partner. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=Acquisitions
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
F-Secure has announced the acquisition of Digital Assurance to add security consultancy services to its portfolio.
With a legacy of offering assessment services to governments and companies in the financial, petrochemical, retail, communication and defense industries, UK-headquartered Digital Assurance will allow F-Secure to offer a wider range of products and services, and add an established team of cybersecurity specialists which will help F-Secure bring its advanced technology and security expertise to a greater number of organizations in the UK.
Digital Assurance develops a range of security testing, information assurance and security training products and services to reduce the cost and complexity of mandatory and regulatory compliance.
Through the acquisition, Digital Assurance will become part of F-Secure’s Cyber Security Services business unit. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=Acquisitions
|
|
Scooped by
Gust MEES
|
Cutting-edge research from Massachusetts Institute of Technology makes bold claims about RFID technology.
Now, the researchers claim their cutting-edge findings would mean that security concerns regarding RFID systems become a thing of the past. According to Chiraag Juvekar, an electrical engineering graduate at MIT and a co-author of the research, the new chip has been designed to curb so-called 'side-channel attacks' that can be used to steal the encryption keys contained in RFID technology.
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
Over the past few years, the personal data theft landscape has changed as online behaviors and activities evolve. To better understand this crime, it helps to understand what personal data is worth to an identity thief. The average identity thief doesn’t steal data to use for him or herself. In most cases, they take the personal information and sell it on the online black market. It can be surprising what an individual’s personal information is worth.
Based off of what we’ve seen at CSID, a credit card number, name and date of birth can sell for $13. A Social Security Number can go for $20. A bank account with a balance of $10,000 goes for an average cost of $625. Even the value of a person’s social media account has worth. According to RSA, 10,000 followers on Twitter sell for $15. 1,000 likes on Facebook sell for $15.
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
THE TROUBLE WITH THE METAVERSE
Innovators are diving into a new and immersive virtual space, but with new technology comes new threats. We bring forward possible problematic issues that metaverse pioneers should be wary of.
What is the metaverse?
Download Metaverse or Metaworse? Cybersecurity Threats Against the Internet of Experiences
Right now, there is no definitive answer. There are plenty of differing opinions about what the metaverse is and how it fits into the bigger picture of the internet. But the metaverse is still in the early days of development, and many companies are creating new technologies to carve out their nook in this immersive virtual landscape.
For now, we can define the metaverse as a cloud distributed, multi-vendor, immersive-interactive operating environment that users can access through different categories of connected devices (both static and mobile). It uses Web 2.0 and Web 3.0 technologies to provide an interactive layer on top of the existing Internet. As proposed, it is an open platform for working and playing inside an extended reality environment, and it will also be a communications layer for smart city devices.
However, given the changing circumstances, we fully expect our definition to evolve as the metaverse concept evolves. Of course, this uncertainty makes securing the environment much more complicated.
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Metaverse
|
|
Scooped by
Gust MEES
|
Google is buying cybersecurity company Mandiant in an all-cash transaction valued at approximately $5.4 billion.
Mandiant’s operations, which draw on the work of more than 600 security consultants and more than 300 intelligence analysts, will be folded into Google Cloud to create an “end-to-end security operations suite.” A range of services will be offered, from consulting on cybersecurity to detecting upcoming threats and testing company’s digital defenses. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=Acquisitions
|
|
Scooped by
Gust MEES
|
Les spéculations vont bon train sur les places de marché NFT. Pourtant, les risques de se faire avoir sont nombreux, et même de plus en plus. Voici quelques vérités qui font mal.
Le marché des NFT, ces objets de collection virtuels, est en pleine ébullition. On ne compte plus le nombre de punks, singes et autres gorilles dont on peut acheter la trombine, à des prix parfois très élevés. Cette frénésie spéculative incite de plus en plus d’internautes à sauter le pas et à investir leur bas de laine dans ces Ovnis informatiques. Pourtant, les risques de se faire avoir sont très nombreux. Non seulement ce marché est très faiblement régulé, mais son architecture technique est également intrinsèquement déficiente, comme le montre les hacks et arnaques qui sont révélés presque quotidiennement. Voici donc quelques points de réflexion qui devraient vous passer l’envie d'acquérir un NFT.
1) Acheter un NFT, c’est acheter... du vent !
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Metaverse https://www.scoop.it/t/securite-pc-et-internet/?&tag=crypto-currency https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Coinbase https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=NFT
|
|
Scooped by
Gust MEES
|
Wenn alles miteinander vernetzt ist, kann auch alles gehackt werden“ – mit deutlichen Worten beschrieb Ursula von der Leyen die Herausforderungen und den Stand der IT-Sicherheit im Internet der Dinge. Im Angesicht der steigenden Cyberangriffe im Jahr 2021, ruft die Kommissionspräsidentin die Mitgliedstaaten zum gemeinsamen Handeln auf: von der Leyen kündigt den Entwurf eines neuen Gesetzes an, mit dem Ziel die Security-Lage zu verbessern und eine einheitliche Europäische Cybersicherheitspolitik zu formulieren.
Der für den Binnenmarkt zuständige EU-Kommissar Thierry Breton kommentierte die Ankündigung der Kommission und skizziert die Ziele des neuen Gesetzes. Laut Breton zielt das neue Gesetz auf vier Handlungsfelder: der Prävention durch verbesserte Schutzmechanismen und einheitlichen Cybersicherheitsstandards, Maßnahmen zur Früherkennung von Angriffen und Schwachstellen, eine einheitliche europäische Verteidigungspolitik gegen Cyberangriffe und eine Doktrin der Abschreckung. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/topic/securite-pc-et-internet
|
|
Scooped by
Gust MEES
|
PayPal said Monday that it's acquiring Curv, a startup based in Tel Aviv that provides security infrastructure for digital assets and blockchains. The deal is meant to support PayPal's recent foray into cryptocurrency, including the launch of the company's new business unit focused on blockchain, crypto and digital currencies.
On its website, Curv explains that its "secret sauce" is the use of multi-party computation (MPC) protocols that eliminate the use of private keys for crypto storage. According to Curv, private keys are the single point of failure in public key cryptography.
The company said its MPC protocols leverage independently generated shares of cryptographic material, mathematics and cloud computing to prevent unauthorized access to digital wallets and provide a distributed way to sign blockchain transactions and manage digital assets. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=Acquisitions
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
CES 2016
Vergesst Passwörter: Everykey öffnet Nutzerkonten und Türen. Vorgestellt wurde die Sicherheits-Hardware von John McAfee.
John McAfee, der skandalträchtige Gründer des gleichnamigen Softwareunternehmens, ist zurück in der IT: Auf der Technik-Messe CES in Las Vegas zeigte er sein neues Projekt Everykey. Es soll das Eingeben von Passwörtern überflüssig machen.
Learn more / En savoir plus / Mehr erfahren:
http://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?tag=CES2016
|
|
Scooped by
Gust MEES
|
|
|
Scooped by
Gust MEES
|
Around 16 million mobile devices worldwide was hit by malware as at the end of 2014, while attacks on communications networks rose during the year, according to new research by Alcatel-Lucent. . Less than 1 percent of infections came from iPhone and Blackberry smartphones. Although, new vulnerabilities, such as the 'Find My iPhone' exploit discovered last year, have emerged in the past 12 months, showing that they are not immune from malware threats.
|
It's also quite sobering, as there are already countless examples of how it changes the game for black hats of all stripes. In one of the first proofs-of-concept, NYU professor Brendan Dolan-Gavitt used ChatGPT to exploit a buffer overflow vulnerability. Other examples include writing malware with lightning speed and crafting convincing, grammatically correct phishing emails.
The weaponization of AI within cybersecurity is not new, but what excites me the most about ChatGPT is its potential for closing information security's biggest gap: the lack of sufficient talent, in both breadth and depth of cybersecurity skills (i.e., specializations). To illustrate this further, here are three ways ChatGPT will change infosec in 2023.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=ChatGPT
https://www.scoop.it/t/21st-century-innovative-technologies-and-developments/?&tag=AI
https://www.scoop.it/topic/21st-century-innovative-technologies-and-developments/?&tag=Ethics