Here’s five ways to implement a cyber resilience plan well before a medical facility experiences a crisis.
Tag: Well
AI, Global Security News
Q&A: How video helps build robot brains for physical AI
Robots could well be the next trillion-dollar tech opportunity, in no small part thanks to AI. Not surprisingly, that’s led to race by a variety of robotics companies to build industrial and humanoid robots to help (or replace) humans. And to help orient those devices visually in the real world, robot brains are being fed Youtube…
AI, Global Security News
Weekly Update 505
Well, that didn’t last long! Recording this on Saturday morning my time, I observed ShinyHunters having gone quiet since the massive haul that would have been the Instructure ransom. It was two weeks almost to the hour since I’d first heard rumour of payment being made, and I posited that groups like this often go…
AI, Global Security News, malware
Cross-Platform NPM Stealer, (Fri, May 22nd)
I found a Node.js stealer that looked pretty well obfuscated. The file was not running out-of-the-box because it was uploaded on VT as “extracted-decoded.js” (and reformated). The SHA256 is 049300aa5dd774d6c984779a0570f59610399c71864b5d5c2605906db46ddeb9[1]. It did not run properly in a sandbox so only a static analysis was performed. The key point is that it is a cross-platform stealer…
Global Security News
Nvidia releases driver updates to fix 14 critical vulnerabilities
The vulnerabilities affect GeForce, RTX, Quadro, Tesla, and NVS product lines, as well as vGPU and Cloud Gaming software.
AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Risk Management
The readiness paradox: Why a false sense of cyber confidence is becoming a liability
There’s this old proverb that’s stuck with me over the years: “Dig the well before you are thirsty.” It really means you should prepare for the crisis before it arrives. In cybersecurity, it’s a mentality that’s long underpinned investment, strategy and board-level conversations. And by many measures, organizations appear to have already ‘dug’ that well.…
Global Security News
When ransomware gets physical: cybercriminals turn to threats of violence
Pay up, or we’ll pay someone to pay you a visit. Cybercrime gangs are increasingly turning to real-world threats – and even hiring local muscle to deliver the message. Read more in my article on the Hot for Security blog.
AI, Global Security News, privacy, Risk Management
8 critical questions about the Googlebook, Android, and ChromeOS
Well, hell’s bells: It’s finally happening. After years of misguided rumors and off-base expectations — over a decade’s worth, even! — Google is actually now on the brink of combining Android and ChromeOS into a single superpowered platform for laptops and mobile devices alike. The company officially announced the advent of an entirely new type…
AI, Compliance, Global Security News
AI is ready to take over Python programming, but not much else
Tests of how well 19 large language models (LLMs) complete and perform complicated multi-step tasks has shown that they are both error-prone and, in many cases, unreliable. The findings are contained a preprint paper, LLMs Corrupt Your Documents When You Delegate, written by Microsoft researchers Philippe Laban, Tobias Schnabel and Jennifer Neville based on a…
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
May Patch Tuesday roundup: Critical holes in Windows Netlogon, DNS, and SAP S/4HANA
Critical vulnerabilities in Windows Server’s networking and identity infrastructure, as well as a serious hole in Microsoft Dynamics 365 on-premises version, highlight Microsoft’s May Patch Tuesday fixes. They are among the 118 vulnerabilities identified this month by the company. Some in cloud-based services like Azure and Microsoft Teams have already been fixed, so no admin…
AI, Global Security News
Weekly Update 503
Well, it’s the day before the Instructure “pay or leak” deadline (at least by my Aussie watch), and the company remains removed from the ShinyHunters website. In its place sits a press statement that amounts to “we’re not making any statements”. So did they pay? And if so, what lofty figure would an incident of…
Global Security News
Small Defense Firms Lack Network Data to Stop Nation-State Hackers, Analyst Says
Team Cymru’s Stephen Campbell warned that small US defense contractors are not well prepared to face cyber intrusions through edge devices
AI, Data Breaches, Global Security News
The calm before the ransom: What you see is not all there is
A breach claims the systems as well as the confidence that was, in retrospect, a major vulnerability
AI, Cybersecurity, Global Security News
MSP Well Aims to Break Stigma, Support Mental Health in Channel
Cavelo CEO James Mignacca, alongside several channel leaders and others, has founded the MSP Well organization to address mental health stigma within the channel. We spoke with Mignacca about the non-profit and how he hopes to support channel professionals. MSP Well launches to address burnout and stress in MSP and MSSP community Mignacca told Channel…
AI, Global Security News, Network Security
Weekly Update 491
Well, the ESP32 Bluetooth bridge experiment was a complete failure. Not the radios themselves, they’re actually pretty cool, but there’s just no way I could get the Yale locks to be reliably operated by them. At a guess, BLE is a bit too passive to detect state changes, and unless it was awake and communicating,…
AI, Apps, Global Security News, malware, Network Security, Politics, Risk Management
OpenClaw: The AI agent that’s got humans taking orders from bots
Well, that escalated quickly. I’m talking, of course, about OpenClaw (a.k.a. Moltbot a.k.a. Clawdbot), which not only represents a headlong rush into unchecked agentic AI, but also an emerging ecosystem that reads like every dystopian cautionary cyberpunk novel ever written. As my colleague and friend Steven Vaughan-Nichols detailed earlier this week, it’s a “security nightmare.” …
AI, Apps, Global Security News, IT Management, metaverse, Virtual reality
HP’s ExtendXR Service Gets an Early Lead on a Looming Metaverse Problem
When it comes to technological breakthroughs, we’re often well into the deployment of the new technology before anyone figures out we need to manage all aspects of it. The metaverse will likely prove to be no exception. The metaverse uses existing servers and workstations, which already have a variety of management tools used to manage…
AI, Apps, Global Security News
HP’s ExtendXR Service Gets an Early Lead on a Looming Metaverse Problem
When it comes to technological breakthroughs, we’re often well into the deployment of the new technology before anyone figures out we need to manage all aspects of it. The metaverse will likely prove to be no exception. The metaverse uses existing servers and workstations, which already have a variety of management tools used to manage…