-
U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns
U.S. sanctions Integrity Technology Group for aiding Flax Typhoon’s state-sponsored hacks, targeting U.S. systems since 2021. Read more Go to Source
-
Data Sheet: Nvidia’s $700 million open source surprise
Plus: Bytedance’s $7 billion loophole, AI-enabled robo-surgeons, the U.S. Treasury hack, and an IBM antitrust probe—in the latest edition of Fortune’s flagship tech newsletter. Read more Go to Source
-
Massive healthcare breaches prompt US cybersecurity rules overhaul
The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. These stricter cybersecurity rules, proposed by the HHS’ Office for Civil Rights (OCR) and expected to be published as…
-
Texas awards $170 million contract for cybersecurity assistance
At the end of a year when Texas employees were among those targeted by hackers, the state has awarded a multi-million-dollar contract to a company that works with entities to increase technological efficiency and offer cybersecurity protection. Science Applications International Corporation (SAIC) announced Dec. 18 that it was awarded a $170.9 million contract from the…
-
How to Steal an AI Model Without Actually Hacking Anything
Researchers developed a technique that senses a model’s electromagnetic ‘signature’ and compares it to other models run on the same kind of chip. Read more Go to Source
-
Bug in macOS, Gatekeeper’s security can be bypassed by malware.
The macOS operating system was recently patched for a security vulnerability that could be exploited by a threat actor to bypass “myriad foundational macOS security mechanisms” and run arbitrary code. Patrick Wardle described the discovery in a series of tweets on Thursday. According to CVE-2021-30853 (CVSS 5.5), the issue involves a scenario where a rogue…
-
Azure App Service Exposed Hundreds of Source Code Repositories after four years.
A security flaw has been discovered in Microsoft’s Azure App Service that exposed source code for customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. According to Wiz researchers, the vulnerability, codenamed “Not Legit,” was first reported to the tech giant on October 7, 2021, and…
-
ON Log4j Vulnerability CISA, FBI, and NSA publish a joint advisory.
The Australian, Canadian, New Zealand, U.S., and U.K. cyber security agencies released a joint advisory on Wednesday in response to the widespread exploitation of multiple vulnerabilities in Apache’s Log4j software library by malicious actors. “These vulnerabilities, especially Log4Shell, are severe,” the intelligence agencies stated in the new guidance. Cyber threat actors are actively scanning networks…