Anti Technology Industrial Cyber Security Weekly Report Issue 7, 2024

Mondo Technology Updated on 2024-02-28

1. The White House established the Artificial Intelligence Security Alliance

The White House is recruiting more than 200 AI companies, stakeholders, and numerous civil society organizations to form the nation's first coalition dedicated to AI security. According to an announcement issued by the U.S. Department of Commerce on February 8, the AI Security Institute Consortium will develop guidelines for red teams, security assessments, and other security measures. The new consortium is part of the Institute for AI Security at the U.S. Institute of Technology and aims to serve as a liaison between AI developers and federal agencies. It will also work on developing collaborative research and safety guidelines for advanced AI models. Cybersecurity experts, legislators, and legal scholars have previously been concerned about the lack of comprehensive regulations, standards, or even a set of best practices for AI developers to follow when developing advanced models that could pose significant risks to *** and public health.

2. CISA Releases Joint Cyber Defense Collaboration (JCDC) 2024 Priorities

The U.S. Cybersecurity and Infrastructure Security Agency on Monday (Feb. 12) released the 2024 priorities for the Joint Cyber Defense Collaborative, an action-focused ** and private partnership that has recently faced criticism. The announcement of the three priorities will mark the alignment of "resources and strategic directions". In the coming year, the JCDC will focus on defending against Advanced Persistent Threat (APT) actions, improving baseline protection for critical infrastructure owners and operators, and emerging technologies and risks.

3. Leading tech companies develop "technology protocols" to combat AI deep fakes

In the so-called "technology deal," major tech companies have shown their willingness to work together to combat artificial intelligence (AI)-generated content that could threaten this year's global democratic elections. The draft agreement will be unveiled at the Munich Security Conference starting on the 16th, and companies such as Meta, Microsoft, Google, TikTok and OpenAI will announce the details. The agreement comes at a time when 64 countries and the European Union will hold national elections this year. According to Time magazine, 2 billion eligible voters around the world will go to the polls, or about 49% of the world's population. "In a pivotal year for global elections, tech companies are working on a protocol to combat AI-powered deception against voters," Big Tech said in a joint statement. Adobe, Google, Meta, Microsoft, OpenAI, TikTok, and others are working together to achieve this common goal.

4. Smart helmet flaws put millions of people at risk of hacking and surveillance

According to cybersecurity firm Pen Test Partners, Livall's smart helmet has inherent flaws that could lead to the leakage of critical, sensitive user information, including location data. The advent of smart skiing technologies such as Oakley Recon goggles and smart ski helmet speakers has made skiing or cycling more fun, but the dangers posed by internet-connected devices cannot be ignored either. Research conducted by Pen Test Partners (PTP) highlights the latest security and privacy concerns for smart helmets and other connected devices. According to PTP, Livall's smart helmet has inherent security vulnerabilities that could lead to the leakage of critical, sensitive user data.

5. Islamic charities in Saudi Arabia are subject to sophisticated cyberattacks

An Islamic charitable nonprofit based in Saudi Arabia has been the target of a long-term cyberespionage campaign. The campaign, which began in May 2023, involved sophisticated tactics employed by unidentified threat actors. According to a new report from cybersecurity firm Talos, attackers use malware called "Zardoor" to establish persistence in the targeted organization's network; the initial access vector remains undisclosed. To evade detection, they make extensive use of open-source reverse proxy tools such as Fast Reverse Proxy (FRP), sSocks, and Venom.

6. Eighteen hospitals in Romania have been paralyzed by cyberattacks

In Romania, at least 18 hospitals are facing serious operational problems due to a large-scale ransomware attack that has brought down the local healthcare management system. The Hippocrates Information System (HIS), which Romanian hospitals use to manage medical activities and patient data, was attacked over the weekend. As a result, the system database is encrypted, making HIS inaccessible. The Romanian Ministry of Health reported the incident on the night of 11-12 February. As a result of an attack on the production server running the HIS information system, the system was completely paralyzed and files and databases were encrypted. The incident is being investigated by IT experts, including those from Romania's National Cyber Security Agency (DNSC).

7. Willis Lease Finance, the largest aircraft engine manufacturer, has been hit by a cyberattack

Willis Lease Finance Corporation, a jet engine leasing company, was the victim of a cyberattack during which classified data ended up in the hands of the Black Basta group. This is known from a Form 8-K filing with the U.S. Securities and Exchange Commission (SEC) on Feb. 9. The company spotted signs of unauthorized access on Jan. 31 and immediately began remediating the incident. The document states that leading experts in the field of cybersecurity have been hired to investigate the incident and put it to rest. Nonetheless, the company acknowledges that due to certain system outages, temporary solutions have had to be developed in order to continue operating and serving customers.

8. Southern Water UK notifies customers and employees of a data breach

Southern Water confirmed that the personal data of customers and employees was accessed in a recent ransomware attack. UK water suppliers** have revealed that they plan to notify 5-10% of their customer base that their personal information has been affected. The company serves around 4.6 million customers in the south of England, which could equate to between 230,000 and 460,000 people. In addition, the company said in a post on February 13, 2024, that all current employees and some former employees will be notified that their personal data may have been accessed. These notices will provide advice and guidance on the potential risks to those affected, as well as preventive measures on how to mitigate the risks.

9. The "Storm" hacker group attacked the US Fifth Fleet and leaked the secrets of the US military base in Bahrain

TASS reported, citing the Fars news agency, that on February 11 a hacker group called "Storm" from Bahrain successfully carried out a cyberattack on the shipboard systems of US Fifth Fleet ships. The hackers said they had access to classified U.S. documents, including material on the U.S. military base in Bahrain and detailed plans. They also distributed some of the stolen documents, warning that they held more important information that would fall into the hands of those who support the "axis of resistance" against the United States. The Axis of Resistance unites various Muslim militant groups, mainly Shiites, including Allah, Hamas, Ansar Allah and Iraqi Islamic resistance.

10. The spyware TheTruthSpy was hacked: the data of tens of thousands of users in the public domain was affected

According to the latest data from TechCrunch journalists, the Android spyware called TheTruthSpy is available to everyone**, and the software has a number of vulnerabilities. As a result, information from tens of thousands of malware-infected devices can be obtained not only by the stalkers who decide to use the illegal application, but also by any hobbyist with sufficient technical knowledge. Recently, two groups of hackers independently discovered and exploited a vulnerability that allowed them to access victims' stolen mobile device data on a large scale directly from TheTruthSpy servers.

11. A cyberattack on a German battery producer disrupted production lines

German battery manufacturer Varta AG announced that its IT systems were subjected to a cyberattack on the night of February 12. According to the company's press release, the attack affected five production plants and their administrations. As a result, the company's IT systems and its assembly lines have been temporarily shut down and disconnected from the internet. The scope and impact of the attack are still being determined, so it's unclear what type of attack the battery company is dealing with, whether it's ransomware or something else. Varta AG also noted that it has taken precautions to prevent further attacks and has set up a working group to help restore operations if possible with cybersecurity experts. Varta AG has not provided any additional information about when production will resume or when its IT systems will be connected to the internet again.

12. The 2023 ICS Vulnerability Report highlights the current state and trends of CVE

The ICS Advisory Project (ICS[AP]) and Industrial Data Works released their first annual ICS vulnerability report on Wednesday (Feb. 14), which showed a slight decrease in the total number of CISA (Cybersecurity and Infrastructure Security Agency) ICS advisories in the United States in 2023 compared to the previous year. The second half of 2023 also saw this downward trend. Specifically, the number of CISA ICS advisories in the first half of 2023 decreased by 16% compared to the first half of 2022. The total number of CVEs reported in the 2023 CISA ICS advisories increased, however, continuing an overall increase in CVEs in CISA ICS advisories since 2022. The report helps identify and assess important trends in common vulnerabilities and exposures (CVEs), providing insights to operational technology (OT) and ICS asset owners. In 2023, the manufacturing and energy sectors were most impacted by CISA ICS advisories, accounting for 44% and 20% of the total reported CVEs, respectively.

13. CISA and Fortinet warn of new FortiOS zero-day vulnerabilities

Cybersecurity vendor Fortinet released security updates to address remote execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313). These vulnerabilities could be exploited by cyber threat actors to take control of the affected systems. Fortinet notes that CVE-2024-21762 could be exploited in the wild. On February 9, 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog to include CVE-2024-21762, following Fortinet's recommendations. CISA confirms that the vulnerability affects multiple versions and is being actively exploited.

14. CISA has issued an ICS advisory regarding hardware vulnerabilities in Qolsys and HID devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an Industrial Control Systems (ICS) advisory last week, warning of hardware vulnerabilities in devices from Johnson Controls subsidiary Qolsys and from HID that are deployed in critical infrastructure around the world. These advisories provide timely information about current security issues and vulnerabilities around ICS. In its advisory, CISA disclosed that Qolsys' IQ Panel 4 and IQ4 Hub devices contain vulnerabilities where sensitive information is exposed to unauthorized attackers.

15. Microsoft confirms the vulnerability in which Windows system security features were bypassed

Microsoft rolled out a slew of security-themed software updates on Tuesday (Feb. 12) and called for urgent attention to at least three vulnerabilities that have been exploited in real-time malware attacks. The world's largest software manufacturer has logged 72 security vulnerabilities in the Windows ecosystem and warned users of the risk of remote** execution, security function bypass, information leakage, and privilege escalation attacks. Microsoft has flagged three vulnerabilities in the "Exploited" column and warned that cybercriminals are launching phishing and spoofing attacks that bypass the security protections of the operating system.

16. Cyberattacks continue to hit critical infrastructure, exposing vulnerabilities in the oil, water, and healthcare industries

A recent cyberattack on critical infrastructure resulted in a serious data breach that affected the operations of a Canadian Petroleum Pipeline Company, a British water utility, and a hospital that had limited communication with patients after a cyberattack on its network. These incidents reveal how sophisticated cybercriminals exploit weaknesses in security systems to compromise services, steal sensitive information, or demand ransom. Removing these attacks can lead to immediate operational setbacks, potentially causing long-term damage to public trust and safety. Such incidents are a stark reminder of the urgency of protecting critical infrastructure from cyber threats, highlighting the need to strengthen cybersecurity defenses to ensure public safety and confidence.

17. Researchers say a KeyTrap DNS attack could bring down much of the internet

A team of researchers has revealed a new DNS-related vulnerability that could be used to disable much of the internet. The vulnerability, known as KeyTrap and officially tracked as CVE-2023-50387, is described as a critical flaw in the design of the Domain Name System Security Extensions (DNSSEC), a DNS feature that authenticates domain name lookup responses. The goal of DNSSEC is to prevent attackers from manipulating or poisoning responses to DNS requests. However, researchers at the National Center for Applied Cyber Security Research in Athene, Germany, found that a design flaw could allow a malicious actor to cause severe internet outages with a single specially crafted DNS packet, resulting in CPU resource exhaustion.

18. 4 years of research on hacking psychology led by IARPA is supported

The IARPA office announced last week that the Director of National Intelligence Research Unit has begun studying the psychology of cyber attackers as part of the effort to bias hackers' intelligence and thwart hostile intrusion attempts. The intelligence advanced research project activity, titled "Reimagining Security with Cyber Psychology-Based Cyber Defense" (ReScind), will "exploit attackers' human limitations, such as innate decision-making biases and cognitive vulnerabilities, to undermine their attacks," ODNI said. "By combining traditional cybersecurity practices with the emerging field of cyberpsychology, IARPA will design a first-of-its-kind cyber technology that makes the attacker's job more difficult," the project announcement added.

19. Bugcrowd, a well-known bug bounty platform provider, has announced a funding round of $102 million

Bugcrowd, a bug bounty platform provider, announced on Monday (Feb. 12) that it has raised $102 million in strategic growth funding from General Catalyst, Rally Ventures, and Costanoa Ventures. The new investments will be used to accelerate growth, continue to enhance its crowdsourced security platform, and pursue strategic M&A opportunities. Bugcrowd's last funding round was announced in 2020 when the company raised $30 million in a Series D funding round, bringing total funding to over $80 million. Bugcrowd enables organizations to run bug bounties and vulnerability disclosure programs that help them find vulnerabilities in their products and systems with the help of hundreds of thousands of white hat hackers registered on its platform.
