Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! Ouch! Now this is an incredible revelation and I ‘doff my hat to them: Using the word ‘hallucinations’ is so funny, yeah, I’ve seen some really weird things AI comes up with that I question what has the machine been taking.

Recently, Sysdig published a blog post about the ways businesses can harden their LLM-based AI applications using the OWASP Top 10 for Large Language Models. So why are we writing about MITRE ATLAS, and how is this any different from the OWASP Top 10 for LLMs?

Choosing the right solution to protect endpoints is more important than ever in an environment where corporate cybersecurity attacks are more pervasive, sophisticated, and evasive than ever. Over the past decade, endpoint security has evolved from specific products to multi-functional platforms that not only prevent attacks, but also offer response and recovery capabilities.

The U.S. government, along with global partners, is calling for immediate action to strengthen the security and resilience of undersea cable infrastructure. These cables, vital to the global economy and communications, transmit vast amounts of data, making them critical to the world’s digital infrastructure.

In a significant blow to its reputation and data security practices, Meta has been fined €91 million ($101.56 million) by the Irish Data Protection Commission (DPC) for a major security lapse dating back to March 2019. The investigation revealed that millions of Facebook and Instagram users' passwords were stored in plaintext, an alarming oversight for a company of Meta's scale and influence.

In an increasingly connected world, the lines between digital security and physical safety are rapidly blurring. The automotive industry, now more reliant on connectivity than ever before, faces a new wave of cybersecurity threats. Millions of Kia vehicles, ranging from the 2013 model year to 2025, were recently found to be vulnerable to remote hacking via license plate information.

Decision 2024 – the ultimate election year – is in full swing, with more than 60 countries holding national elections this cycle. In the United States, where presidential candidates are polling neck and neck and stakes are high, this “first true AI election” has brought election security to the forefront of the conversation.

Artificial intelligence (AI) is transforming industries across Asia, driving innovation, economic growth, and societal advancements. However, AI’s profound impact also brings significant governance challenges. As with any transformative technology, robust regulatory frameworks are essential to mitigate risks, ensure ethical use, and protect public interests. Reflecting on the evolution of cybersecurity regulation may provide insight into how AI regulation might develop.

Read also: the US charges money launderers linked to Rescator and Joker’s Stash, a police op dismantles a cybercrime ring in West Africa, and more.

CrowdStrike is excited to announce we are named a Major Player in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment.1 This marks our first appearance in a SIEM-focused analyst report since bringing CrowdStrike Falcon Next-Gen SIEM to market less than a year ago. We believe this milestone speaks volumes about our commitment to revolutionizing security operations.