I’m finding it quite fascinating to watch the current spate of ShinyHunters breaches and dumps. There’s the obvious criminality of it all, but then there’s also the response from organisations (or lack thereof, as it relates to disclosure to victims), the appearance and disappearance of victims on their dark web site, the speculation around payments…
Tag: finding
AI, Global Security News
New AI DDoS Attacks Are Smarter. Learn How to Fight Back in This Webinar
Every single day, hackers are finding new ways to crash websites and steal data. But right now, something has changed. Hackers are no longer working alone. They are now using powerful Artificial Intelligence (AI) tools to make their attacks faster, stronger, and much harder to stop. According to recent updates from The Hacker News, bad…
AI, Cybersecurity, Global Security News
The Patching Race Was Already Lost. AI Just Made It Obvious.
AI just rewrote the offensive economics of finding and weaponizing vulnerabilities. Most peers I’m talking to, and most vendor write-ups I’m reading, already get that patching alone isn’t enough. Yet patching still tends to land near the top of most response lists, and from what I’ve seen in the past 30 years, it’s the part…
AI, Global Security News
How CISOs Should Prep for Agentic-Ready AI BOMs
Finding ways to document both component and execution attributes for AI bill of materials (AI BOM).
AI, Exploits, Global Security News, malware
With AI’s help, North Korean hackers stumbled into a near-undetectable attack
For many years, state-sponsored hacking was defined by human expertise in finding security holes, writing malware and exploits, pulling off social engineering and phishing attacks, and much more. Since the advent of LLM-powered AI assistants and tools, less skilled attackers have been able to carry out attacks and compromises that might otherwise have been out…
AI, Apps, Global Security News
AI Memory Shortage Disrupts MSP Pricing and Channel Deals
The global memory shortage is no longer just about finding chips; it’s about finding partners you can trust. What began as a straightforward supply-and-demand crunch has morphed into something messier for managed service providers and IT resellers. Vendors are rewriting the rules of engagement mid-game, eliminating long-standing partner protections and reserving the right to change…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Anthropic’s Project Glasswing Signals Potential AI-Driven Shift in Cybersecurity
Anthropic’s Project Glasswing highlights how advanced AI models may rival top human experts in finding and exploiting software vulnerabilities. Early claims from the company suggest these models, like Claude Mythos Preview, can operate at large scale and find vulnerabilities faster. However, security leaders share mixed views on the claims. “Mythos appears to materially change the…
AI, Exploits, Global Security News
Anthropic’s new AI model finds and exploits zero-days across every major OS and browser
Automated vulnerability discovery tools have existed for decades, and the gap between finding a bug and building a working exploit has always slowed attackers. That gap is now substantially narrower. Anthropic’s Claude Mythos Preview, a new general-purpose language model being made available only to a limited group of critical industry partners and open source developers,…
AI, Data Breaches, Global Security News
Weekly Update 497
Day by day, I find we’re eeking more goodness out of OpenClaw and finding the sweet spot between what the humans do well and the agent can run off and do on its own. Significantly, we’re shifting more and more of the workload to the latter as all 3 of us at HIBP HQ get…
AI, Global Security News
How to check your co-workers’ schedules in Outlook and Teams
Finding the right time for everybody to meet is a big challenge in work life. Simply throwing out a suggested meeting time in email — “Is everyone free on Thursday at 11am EST?” — often leads to multiple rounds of “I can’t make it then. How about Wednesday at 2pm?” follow-ups. There’s a better way.…
AI, APAC, Cybersecurity, Europe, Global Security News, Russia
Water utilities strengthen cybersecurity through cooperation
Water utilities are finding that letting information flow can flush out cybersecurity problems. The water industry has a security issue: Many utilities operate with ageing systems and minimal IT or cybersecurity personnel. But by coordinating responses to cyber-attacks, participants in a pilot program run by the Cyber Readiness Institute (CRI) and the Center on Cyber…
Cybersecurity, Global Security News
Hot Tips for Finding the Best Stock Photography Sites (20 Platforms to Explore)
In this post, I will give you hot tips for finding the best stock photography sites. Stock photography is one of the most valuable tools for writers, marketers, and designers creating digital content. The right image can instantly make an article more engaging, improve social media performance, and help illustrate complex topics. With hundreds of…
AI, Global Security News, privacy
Reddit fined $19.5 million for failing to protect children’s personal data
The UK’s Information Commissioner’s Office (ICO) has fined Reddit $19.5 million after finding that the company failed to use children’s personal information lawfully, exposing them to inappropriate and harmful content. The investigation found that Reddit did not apply an age assurance mechanism and therefore did not have a lawful basis for processing the personal information…
AI, Apps, Europe, Global Security News, Government & Policy, Network Security
In India, Nvidia eyes a different approach to sovereign AI
Nvidia has been talking about sovereign AI for years, but is finding that India’s cultural and economic diversity calls for a different approach. Unlike in the US, truckloads of GPUs won’t drive the chipmaker’s expansion in India. Instead, the company plans to focus on software first, and deal with computing power later. It’s betting on…
AI, Global Security News
Lessons From AI Hacking: Every Model, Every Layer Is Risky
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Data Breaches, Europe, Global Security News, Security
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. […]
Data Breaches, Europe, Global Security News, Security
European Commission discloses breach that exposed staff data
The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. […]