Security

A Complete Guide to Major Incident Management

Imagine a nightmare where you are in a dark tunnel and every minute without reaching the light costs a fortune. You try everything to find the exit, but there is nothing you can do. The incarnation of these nightmares is called “Major Incidents” in the cyber security field. These nightmares are likely to become a reality for managers of many organizations today, where companies manage almost all their business processes with digital solutions.

Reducing the Impact of Third-Party Breaches (8 Strategies)

Third-party breaches have become a common phenomenon in the modern cyber threat landscape. In 2021, the Ponemon Institute estimated that 51% of organizations were impacted by third-party breaches. The 2022 report found that data breach damage costs associated with third-party vulnerabilities rose from US$ 4.33 million in 2021 to US$ 4.55 million in 2022.

How to Write the Executive Summary of a Cybersecurity Report

Let’s face it, information technology experts are usually not enthusiastic writers. So when it comes to creating an executive report, cybersecurity staff aren’t exactly pushing each other over to get this exciting writing task complete. Instead, it keeps getting delayed, day by day, until the night before its submission. Many get stuck on the executive summary section, obsessing over its perfection.

Interview with Co-founder and Chief Scientist, Kurt Rohloff

For the newest instalment in our series of interviews asking leading technology specialists about their achievements in their field, we’ve welcomed Kurt Rohloff, Co-founder and Chief Scientist of Duality. Prof. Rohloff is the founding architect of the PALISADE open-source homomorphic encryption library and co-founder of the HomomorphicEncryption.org industry consortium.

One Click Hijack: TikTok Android App Users at Risk?

Amidst the havoc that has been data breaches, another one bites the dust! Microsoft on Wednesday disclosed that they had found a high-severity flaw in the Android version of the TikTok app that gives hackers a free way to hijack a user's accounts with One SINGLE click. The issue had apparently been reported to TikTok back in February and was quickly fixed before it could be exploited.

The Quiet Victories and False Promises of Machine Learning in Security

Contrary to what you might have read on the Internet, machine learning (ML) is not magic pixie dust. It’s a broad collection of statistical techniques that allows us to train a computer to estimate an answer to a question even when we haven’t explicitly coded the correct answer into the program.

How Colleges & Universities Can Prevent Data Leaks

Data leaks occur when organizations fail to implement proper cybersecurity measures, causing sensitive data and other personally identifiable information (PII) to be exposed to the public. In most cases, data leaks occur due to internal human errors, an oversight by the IT committee, or a lack of strong security practices.

Secretless, Identity-based Infrastructure Access

Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or lying flat in a file, but other times they take the form of API keys, tokens, cookies, or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, and copy them to CI/CD systems and code linters. Eventually, someone leaks, intercepts, or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.

Recent Phishing Attack Highlights How Hacks Are Changing

Hackers are getting smarter, and phishing is becoming more sophisticated. Most employees know that when an email comes in from a random address, rife with misspellings and demands for credentials or other private data, it’s absolutely a phishing scam. But what if, as an employee, you got a text to update your Okta credentials? What if the link took you to a domain that looked just like your Okta login?