News

@BnkInfoSecurity
bankinfosecurity.com > ismg-editors-ai-phishing-kits-go-mainstream-a-32259

ISMG Editors: AI Phishing Kits Go Mainstream

2+ hour, 57+ min ago  (177+ words) 3rd Party Risk Management, Agentic AI, AI-Based Attacks In this week's panel, four ISMG editors discussed the rise of artificial intelligence-powered phishing toolkits, potential fallout from the U.S. government's decision to delay a major overhaul of the HIPAA Security Rule and what…...

@BnkInfoSecurity
bankinfosecurity.com > lessons-learned-us-cybersecurity-agency-leaked-secrets-a-32257

Lessons Learned: US Cybersecurity Agency Leaked Secrets

5+ hour, 14+ min ago  (598+ words) Lock down public code repositories, monitor those repos for secrets, and if they get exposed, have a well-tested incident response playbook at the ready. See Also: Beat the Breach: Outsmart Attackers and Secure the Cloud Those are among the "lessons…...

@BnkInfoSecurity
bankinfosecurity.com > breaches-from-lost-or-stolen-devices-hit-all-time-low-a-32232

Breaches From Lost or Stolen Devices Hit All-Time Low

22+ hour, 57+ min ago  (1238+ words) Artificial Intelligence & Machine Learning, Cloud Security, Data Privacy Good news about progress in cybersecurity in healthcare is rare, but this year reports of breaches lost or stolen unencrypted laptops, desktop computers, servers or other computing devices may hit an all-time…...

@BnkInfoSecurity
bankinfosecurity.com > an-ai-harness-may-matter-more-than-latest-model-a-32231

Why an AI Harness May Matter More Than the Latest Model

21+ hour, 56+ min ago  (180+ words) See Also: Beat the Breach: Outsmart Attackers and Secure the Cloud Schneier said security leaders should look beyond model brands and focus on the software harness surrounding each system. Harnesses manage prompts, outputs, context, guardrails and coordination among multiple models....

@BnkInfoSecurity
bankinfosecurity.com > hhs-wants-input-on-cyber-ai-for-regulations-on-clinical-labs-a-32246

HHS Wants Input on Cyber, AI for Regulations on Clinical Labs

23+ hour, 25+ min ago  (512+ words) The Department of Health and Human Services is asking for public feedback on cybersecurity practices and the use of artificial intelligence for a possible update to decades-old rules-of-the-road regulations for U.S. clinical laboratories. See Also: Beat the Breach: Outsmart Attackers and…...

Google News
bankinfosecurity.com > breach-roundup-extortionists-annoyed-by-waning-ransomware-a-32250

Breach Roundup: Extortionists Annoyed by Waning Ransomware

1+ day, 7+ min ago  (1564+ words) Cybercrime, Fraud Management & Cybercrime, Incident & Breach Response See Also: Know Thy Enemy: Threats to Cyber Resilience Ransomware victims are shelling out less to cybercriminals, leading attackers to seek new strategies reshape the extortion industry. Perhaps not coincidentally, The Gentlemen for…...

@BnkInfoSecurity
bankinfosecurity.com > ai-in-healthcare-demands-stronger-data-oversight-a-32237

Why AI in Healthcare Demands Stronger Data Oversight

1+ day, 23+ hour ago  (230+ words) As healthcare organizations and their vendors develop and implement agentic artificial intelligence and other AI technology, they should conduct a thorough data inventory and have a solid understanding of what data can and cannot be used under HIPAA and other…...

@BnkInfoSecurity
bankinfosecurity.com > ai-adds-human-oversight-tax-to-cybersecurity-a-32226

AI Adds a Human Oversight Tax to Cybersecurity

2+ day, 23+ hour ago  (794+ words) Artificial intelligence is reshaping cybersecurity work, but not necessarily reducing it, as professionals spend more time determining whether AI-generated recommendations can be trusted, according to new ISC2 research. See Also: AI Is Transforming the Chief Data Officer Role The findings suggest…...

@BnkInfoSecurity
bankinfosecurity.com > us-government-launches-ai-vulnerability-clearinghouse-a-32228

US Government Launches AI Vulnerability Clearinghouse

2+ day, 22+ hour ago  (388+ words) The U.S. government launched an clearinghouse on July 2 to coordinate artificial intelligence-assisted vulnerability discovery, the White House said Tuesday. See Also: Edge Transformation: Top 5 SASE Predictions and Trends The information sharing effort, called Gold Eagle, is built by the Departments of…...

@BnkInfoSecurity
bankinfosecurity.com > microsoft-signed-legacy-shims-undermine-secure-boot-a-32224

Microsoft-Signed Legacy Shims Undermine Secure Boot

2+ day, 23+ hour ago  (556+ words) Governance & Risk Management, Patch Management, Vulnerability Assessment & Penetration Testing (VA/PT) Some Microsoft-signed first-stage bootloaders have grown vulnerable with age. Their entire job to establish trust can be exploited to bypass Secure Boot protections, researchers found. See Also: OnDemand I…...