Cybercrooks are exploring ways to develop custom, malicious large language models after existing tools such as WormGPT failed to cater to their demands for advanced intrusion capabilities, security researchers say. Undergrounds forums teem with hackers' discussions about how to exploit guardrails.
A phishing-as-a-service platform that allows cybercriminals to impersonate more than 1,100 domains has over the past half year become one of the most widespread adversary-in-the-middle platforms. Attackers are meeting the rise of multifactor authentication by using tools such as Tycoon 2FA.
The Change Healthcare attack - the most disruptive cyber incident to ever hit the U.S. healthcare ecosystem - spotlights the risks that come from relying on a handful of major suppliers, said leaders of the Health Information Sharing and Analysis Center.
The U.S. Cybersecurity and Infrastructure Security Agency posted to the Federal Register its proposed rule-making aimed at implementing a 72-hour reporting requirement for covered critical infrastructure entities as required under the Cyber Incident Reporting for Critical Infrastructure Act of 2022.
The widespread advent of artificial intelligence is opening a fraud detection capability gap between large and small financial institutions, the U.S. Department of the Treasury warns, suggesting that it may use its own historical data to narrow the divide.
The U.S. National Telecommunications and Information Administration released a report Wednesday calling for improved transparency into high-risk artificial intelligence systems, as well as independent audits that can help hold AI developers accountable.
Chinese hacking contractor iSoon supported three separate cyberespionage operations on behalf of Beijing, say security researchers who analyzed a leaked data trove belonging to the firm. Details of the inside workings of the previously obscure Chinese hacking-for-hire firm emerged in February.
Palo Alto Networks Senior Vice President Anand Oswal details how Talon's browser technology secures unmanaged devices, enhances SASE capabilities and facilitates hybrid work. The platform security behemoth bought Tel Aviv, Israel-based based Talon in December for $458.6 million.
Proposed federal sticks and carrots to incentivize the health sector to implement stronger cybersecurity standards are already meeting opposition from some industry groups that say financial help is welcome but payment penalties for perceived laggards likely will do more harm than good.
Calling all high-risk individuals: Ensure you're taking adequate steps to secure your personal devices and accounts, as criminals and nation-state hackers increasingly target them instead of grappling with corporate defenses, warned the U.K.'s National Cyber Security Center.
The European Commission will scrutinize Meta's pivot to a subscription model in response to a string of rulings from data protection boards limiting the social media giant's ability to legally collect user data. Europe announced a slew of investigations into American big-tech companies.
The move to cloud has uncovered a range of risks that enterprises might inadvertently overlook. Transition often highlights cloud concentration risk, which encompasses vendor, availability, business continuity and regulatory risks, said Abid Adam, group chief risk and compliance officer at Axiata.
As thousands of hospitals, clinics and doctor practices potentially have to notify millions of patients about the Change Healthcare breach, the American Hospital Association said the IT services firm and parent company, UnitedHealth Group, should be the sole sender of notifications.
After suffering a data breach, organizations that work closely with regulators and cybersecurity officials will be treated with greater leniency if their case results in penalties and a fine, says new guidance on data protection fines published by the U.K. Information Commissioner's Office.
The Foundation for Defense of Democracies on Monday released a white paper that urges Congress to establish a seventh military branch to serve as an independent armed cyber service amid growing threats in cyberspace from foreign adversaries such as Russia and China.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.