By Fox News Staff Fox News Published December 18, 2024 11:59am EST close 'Real issue' with drone sightings is the greater need for government 'transparency': tech CEO, Dem strategist Raj Goyle, CEO of intelligence firm Bodhala and former Democratic Kansas state representative, told Fox News Digital it is encouraging to see members of both parties come together to try and determine the source of these drones. Welcome to Fox News Artificial Intelligence newsletter with the latest AI technology advancements.IN TODAYS NEWSLETTER:- OpenAI hits back at Elon Musk lawsuit, says he suggested for-profit entity- OpenAI CEO Sam Altman to donate $1 million to Trump's inaugural fund- House AI task force says 'unreasonable' to expect immediate congressional action on AI in 250-page report SpaceX and Tesla founder Elon Musk speaks during an America PAC town hall on October 26, 2024, in Lancaster, Pennsylvania. (Samuel Corum/Getty Images)AI WARS: OpenAI is pushing back against Elon Musk's latest attempt to rework his lawsuit against theartificial intelligence giant that seeks to prevent the company from moving to a for-profit structure, noting in a blog post and legal filing that Musk had argued for it to do so years ago.AGE OF AI : OpenAI CEO Sam Altman is joining the list of U.S. tech titans donating to President-elect Trump's inaugural fund, a spokesperson exclusively told Fox News Digital. (The House task force on AI released a 253-page report. (Getty Images))ARTIFICIAL INTELLIGENCE: The House task force on artificial intelligence is urging the U.S. government to aim for "a flexible sectoral regulatory framework" for the technology in a nearly 300-page report released Tuesday morning.MAC MALWARE MESS: Artificial intelligence is making life easier not just for us but also for cybercriminals. It is enabling them to create elaborate campaigns to deceive people, efforts that would otherwise take months. Security researchers have discovered a new info stealer malware that masquerades as video-calling software. Hackers have built a whole website and set up companies using AI to make the malware appear harmless. Cybercriminals are using AI to deceive internet users. (Kurt "CyberGuy" Knutsson)FOLLOW FOX NEWS ON SOCIAL MEDIASIGN UP FOR OUR OTHER NEWSLETTERSDOWNLOAD OUR APPSWATCH FOX NEWS ONLINEFox News GoSTREAM FOX NATIONFox NationStay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future with Fox Newshere. This article was written by Fox News staff.

Tech From CAPTCHA to catastrophe: How fake verification pages are spreading malware Learn how you can protect yourself from fake verification pages Published December 18, 2024 10:00am EST close From CAPTCHA to catastrophe: How fake verification pages are spreading malware Hackers are using CAPTCHAs to infect your PC with malware. When you visit a webpage, you might see a CAPTCHA to make sure youre a real person and not a bot. These usually involve jumbled words, some recognizable images or just a box that says, "I am not a robot."CAPTCHAs are harmless, but hackers are now using them to infect your PC with malware.Security researchers have found a huge fake CAPTCHA campaign spreading the dangerous Lumma info-stealer malware, which can bypass security measures like Safe Browsing.This campaign shows how malvertising works, with more than a million ad impressions every day and thousands of victims losing their accounts and money through a network of more than 3,000 sites. Ill break down how this scam works, whos responsible and how you can protect yourself. Illustration of a scammer (Kurt "CyberGuy" Knutsson)How does the scam work?As reportedby Guardio, the fake CAPTCHA scam is a sophisticated malvertising campaign that lures you into unknowingly installing malware under the guise of routine CAPTCHA verification. The cyberattack starts when youre browsing websites, often those offering free streaming, downloads or pirated content. These sites are used by hackers to present you with what appears to be a legitimate CAPTCHA verification page.WHAT IS ARTIFICIAL INTELLIGENCE (AI)?The page mimics a real CAPTCHA, asking you to confirm you are human. However, the instructions are designed to trick you into initiating harmful actions, like triggering the Windows "Run" dialog. Users unknowingly paste and execute a crafted PowerShell command, which silently installs the Lumma info-stealer malware onto their system.The malware targets sensitive data, including social media accounts, banking credentials, saved passwords and personal files, potentially leading to financial and identity theft. Illustration of fake CAPTCHA (Guardio)Whos to blame for this?The fake CAPTCHA scam shows how messy the internets ad system has become, with everyone involved passing the buck. Guardio Labs points to ad networks like Monetag as a big part of the problem. They distribute malicious ads that are disguised during moderation using tricks like cloaking. Publishers, especially those offering free or pirated content, add to the issue by running these shady ads on their sites, often without checking what theyre actually showing users.Then there are services like BeMob, which lets scammers hide their bad links behind harmless-looking URLs. These companies call themselves analytics tools, but theyre helping the scams stay hidden. Hosting providers dont escape blame either. Theyre where these fake CAPTCHA pages live, and they often dont bother to check whats being hosted.Of course, the scammers themselves are the ones pulling the strings. But because they spread their operations across so many platforms, theyre almost impossible to track down. Guardios research shows how all these moving parts work together, creating a system where no one takes responsibility, and the scams keep running.GET FOX BUSINESS ON THE GO BY CLICKING HERE Illustration of a scammer at work (Kurt "CyberGuy" Knutsson)6 ways to stay safe from fake CAPTCHAs1. Use reliable security software:Keeping your antivirus and anti-malware software up to date is one of the most effective ways to protect yourself from fake CAPTCHA scams. A strong antivirus software will detect and block malware like the Lumma info-stealer before it can infect your device.Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.2. Enable browser protection features:Modern browsers offer built-in security features, such as Safe Browsing and phishing protection, which warn you about potentially dangerous sites. Make sure these features are enabled in your browser settings. These tools can alert you to malicious links or fake CAPTCHAs trying to trick you into downloading malware.3. Be cautious with "free" content:Theres a saying that goes, "If something is free, youre what they are selling." Websites that offer free downloads, streaming services or pirated content are often associated with malvertising campaigns. Fake CAPTCHA scams are commonly spread through these types of sites, where users are tricked into clicking on malicious ads or links. Even if a site seems tempting, its important to be cautious. Avoid clicking on suspicious links or using "free" services, as they could be traps designed to infect your device with malware.4. Avoid clicking on suspicious ads:Always be wary of ads that appear out of nowhere or seem too good to be true. Fake CAPTCHA scams often disguise themselves as legitimate ads, asking you to click to verify you're human. Never interact with pop-up ads or unfamiliar banners, especially those that claim to give you something for free, as they may lead to malicious pages or trigger malware downloads.Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.5. Check for HTTPS and look for signs of a legitimate site:Before entering any personal information or interacting with a CAPTCHA, ensure that the website is secure. Look for "https://" in the websites URL, which indicates the connection is encrypted. Legitimate websites also tend to have a professional appearance, so if something feels off or the design looks poor, trust your instincts and leave the site.6. Enable two-factor authentication:Two-factor authentication adds an extra layer of security, making it harder for attackers to access your accounts.Kurts key takeawayTheres no question that fake CAPTCHA scams are a growing threat, putting millions of us at risk of malware infections and financial loss. Whats even more concerning is that ad networks, publishers and hosting services continue to allow malicious campaigns to spread through their platforms despite the widespread awareness of the problem. The companies involved must take immediate action to improve content moderation, tighten security measures and prevent these scams from thriving. We are seeing a dangerous loophole in the digital advertising ecosystem that could have serious consequences for internet users.CLICK HERE TO GET THE FOX NEWS APPDo you think ad networks and publishers should be held accountable for the spread of malware through their platforms? Let us know by writing us at Cyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Copyright 2024 CyberGuy.com.All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

Tech Half a million patients' personal info stolen in massive health care data breach Learn how to protect yourself from risks associated with this data breach Published December 18, 2024 6:00am EST close 'CyberGuy': This years most devastating data breaches Kurt Knutsson: Data breaches in 2024 exposed info of millions, stressing the need for better cybersecurity. Data breaches happen all the time, and while no data breach should be ignored, those involving health care institutions require special attention.These breaches can be very damaging and haunt people for life. Recently, hackers leaked the personal data of around 500,000 Americans.They breached the databases of the Center for Vein Restoration (CVR), which claims to be "Americas largest physician-led vein center," stealing not just personal data but also medical records. A doctor filling out a form (Kurt "CyberGuy" Knutsson)What you need to knowCVR, a clinic headquartered in Maryland, experienced a massive data breach where hackers stole highly sensitive personal information, including lab results and health insurance details, as reported byCybernews. The breach occurred in early October, with the clinic detecting "unusual activity" in its systems on Oct. 6.CVR has more than 110 branches across the country, from Alabama to Alaska. This breach has affected hundreds of thousands of individuals. According to anotice filed by CVR with the U.S. Department of Health and Human Services Office for Civil Rights, more than 445,000 people had their personal information compromised.As the name suggests, CVR specializes in vein restoration, a very specialized procedure aimed at improving the health and function of veins. This means the clinic keeps a very elaborate record of its patients health, and now all that is in the hands of hackers, along with copious amounts of personal information.The full list of exposed data includes addresses, dates of birth, Social Security numbers, drivers license numbers, medical record numbers, diagnoses, lab results, medications, treatment information, health insurance information, provider names, dates of treatment and financial information. The inside of a health care center (Kurt "CyberGuy" Knutsson)The risks associated with the CVR data breachThe risks of data breaches depend on the type of company affected. For instance, breaches involving companies like Ticketmaster are generally more manageable because they often expose information like contact details, addresses and, in some cases, identification documents. Even if financial data is leaked, it can typically be mitigated by replacing or blocking compromised accounts.Health care data breaches, however, are far more severe. When companies like CVR are targeted, hackers gain access to sensitive medical records that cannot be altered. Your medical history is permanent and highly sought after on the dark web. Cybercriminals can use this information to commit identity fraud, such as obtaining prescription drugs through false insurance claims. Plus, detailed knowledge of medical treatments, lab results and medications allows attackers to create highly targeted phishing scams, exploiting victims vulnerabilities with alarming precision.We reached out to CVR for a comment but did not hear back before our deadline.WHAT IS ARTIFICIAL INTELLIGENCE (AI)? An emergency room sign (Kurt "CyberGuy" Knutsson)7 ways to keep yourself safe from such data breaches1. Regularly monitor your financial and medical accounts:Periodically review your medical records and health insurance statements for any unusual or unauthorized activity. This can help you quickly identify and address any discrepancies or fraudulent activities.Use patient portals provided by health care providers to access your medical records online. These portals often have features that allow you to track your medical history and appointments.2. Use strong passwords and two-factor authentication: Create strong, unique passwords for your online accounts, including health care portals. Avoid using easily guessable information like birthdays or common words. Consider using apassword manager to generate and store complex passwords.3. Enabletwo-factor authentication (2FA) wherever possible:2FA adds an extra layer of security by requiring a second form of verification, such as a text message code or authentication app, in addition to your password.GET FOX BUSINESS ON THE GO BY CLICKING HERE4. Dont fall for phishing scams; use strong antivirus software: Be mindful of the information you share online and with whom you share it. Avoid providing sensitive personal information, such as Social Security numbers or medical details, unless absolutely necessary. Verify the legitimacy of any requests for personal information. Scammers often pose as health care providers or insurance companies to trick you into revealing sensitive data by asking you to click on links in emails or messages.The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.5. Use identity theft protection services: Consider enrolling in identity theft protection services that monitor your personal information and alert you to potential threats. These services can help you detect and respond to identity theft more quickly. Some identity theft protection services also offer insurance and assistance with recovering from identity theft, providing additional peace of mind.See my tips and best picks on how to protect yourself from identity theft.6. Freeze your credit:A credit freeze prevents anyone from opening new credit accounts in your name without your authorization, reducing the risk of identity theft. Contact the major credit bureaus (Experian, Equifax and TransUnion) to request a credit freeze. This is often free and can be temporarily lifted when you need to apply for credit.7. Remove your personal data from the internet: After being part of a data breach, it's crucial to minimize your online presence to reduce the risk of future scams. Consider using a personal data removal service that can help you delete your information from various websites and data brokers. This can greatly diminish the chances of your data being used maliciously.Check out my top picks for data removal services here.Kurts key takeawayThe CVR data breach is deeply troubling, affecting nearly half a million individuals and exposing highly sensitive medical and personal information. What makes this breach particularly concerning is the lasting impact health care data leaks can have on victims, from identity theft to targeted phishing scams. Whether or not youve been directly affected, its a stark reminder to take proactive steps, such as monitoring your accounts, enabling multifactor authentication and staying alert to phishing attempts.CLICK HERE TO GET THE FOX NEWS APPDo you think companies are doing enough to protect sensitive data, especially in health care? Let us know by writing us at Cyberguy.com/Contact.For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.Follow Kurt on his social channels:Answers to the most asked CyberGuy questions:New from Kurt:Copyright 2024 CyberGuy.com.All rights reserved. Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurts free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.

The first thing worth knowing about the first ever ransomware locker is that its use was apparently motivated by revenge rather than outright criminality. The second thing worth knowing is that there was not a Russian speaker in sight.In fact, its author, Joseph Popp, grew up in Ohio and was educated at Harvard University. He was an anthropologist and biologist and an expert on HIV/AIDS, who worked closely with the World Health Organisation (WHO) in Africa and was passed over for a job there, something that may have led to the apparent mental breakdown that resulted in the creation of the concept of ransomware.The AIDS Trojan that Popp unleashed on the world in December 1989 was a simple piece of software by any standard. Technically, it was really a denial of service (DOS) scrambler, which replaced the AUTOEXEC.bat file used to execute commands when the computer system started up.It then counted the number of boot cycles the system went through until it hit 90, at which point it hid directories and encrypted the names of the C drive files on the system. Victims, or targets, then saw a message informing them that their systems were infected by a virus.Remember, there is NO cure for AIDS, the message chillingly read.How were they infected? Popp posted 20,000 floppy disks to fellow attendees of a WHO AIDS conference, and created what we would now know as a phishing lure by labelling them AIDS Information Introductory Diskettes.Victims were told to send $189 (about $480, or 378 adjusted to 2024) to a PO Box number belonging to the PC Cyborg Corporation in Panama. The software also included an end user licence agreement (EULA) informing users that they would be liable for the cost of leasing it.Popp, who was arrested in the US and extradited to the UK, never stood trial after a British judge ruled him mentally unfit to do so he had developed a habit of wearing condoms on his nose, hair curlers in his beard, and cardboard boxes on his head, according to media reports at the time. Whether or not this was a deliberate ploy rather than an expression of insanity remains unclear. Back in the States, Popp went on to open an eponymously named butterfly sanctuary and tropical garden in upstate New York, and died in 2007.Reflecting on the weird story behind the AIDS Trojan, Martin Lee, technical lead for security research at Ciscos Talos intelligence and research unit, describes the malware as the creation of an insane criminal genius.It really was something completely new, a new dimension that hadnt been mentioned before, Lee tells Computer Weekly. If we think back to the year 1989, the internet was still basically a dozen computers in universities and the military. The internet, as we know it, had not taken off, the World Wide Web had not taken off. Most computers were not networked at all, even hard disk drives were very much a luxury optional extra.All of these things that we now take for granted distribution over a network, payment by cryptocurrency none of this existed. It was a fairly limited attackIt is not known, but it is not believed, that anybody paid the ransom.Moreover, the cyber security profession simply did not exist in its current form in 1989. It was nowhere near what it is today. It was a different world, says Lee, who characterises the IT of the day as prehistoric.The term cyber security didnt exist and the industry didnt exist. There were individuals we would recognise as practicing information security, but they tended to be in the types of environments that required security clearance, like the military or governments. It would have been a tight community where everyone knew each other.Certainly at the time, the first ransomware did not make a big splash in the news, he adds.That Popp was somewhat ahead of his time is clear in that the idea of ransomware didnt really rear its head again until the mid-90s, when academics and computer scientists first starting playing around with the idea of combining computer virus or malware functionality with cryptography.But even then, the world spent another decade in blissful ignorance before the first attempt was made at a criminal ransomware attack of the type we would recognise in the 2020s.Gpcode, as it was termed, first popped up in Russia in December 2004, 20 years ago, when reports started to emerge that individual peoples files were being encrypted by some strange new form of cyber attack.Ultimately, it turned out that an individual was, if I remember correctly, harvesting information from Russian job sites and emailing jobseekers saying, Hey, we would like you to apply for this job, says Lee.The lure document purported to be a job application form, but in fact it was ransomware which encrypted the files, and the ransom was to be paid by money transfer. This is really the first modern criminal ransomware where the objective to make money is clear.Gpcode was incredibly rudimentary as ransomware goes it used a 600-Bit RSA public key to encrypt its victims files, and Lee says that demanding the ransom be paid by money transfer (Bitcoin was still a few years off) was a dangerous gamble for the cyber criminals behind Gpcode, because it left them open to being tracked by law enforcement.Why Russia?The modern-day world of ransomware is now intrinsically linked to Russia ransomware attacks by English speakers stand out for their rarity, and even when they do occur often have a link to a ransomware strain developed by Russian speakers.So it is interesting that this link appears to go all the way back to the early 2000s with Gpcode. According to Lee, there may be a good reason that this connection developed.I think it is probably linked to the dissolution of the Soviet Union, says Lee. There was a lot of hardship in Russia in the 1990s. Youd seen the complete disintegration of a way of life and many jobs that went with that.This left a lot of very skilled people who are very innovative and very good at what they do, struggling. I think this created an environment where people who probably wouldnt normally be drawn into criminality had to do something to survive.In essence, the chaos of post-Soviet Russia as shown to great effect by documentarian Adam Curtis in the landmark Russia 1985-1999: TraumaZone created a fertile breeding ground for new types of criminality that drew in erstwhile well-educated professionals, while the nascent internet attracted technically minded innovators and hackers.Had Boris Grishenko (Alan Cumming), survived the events of Goldeneye, and not been killed by James Bond, might he now be a ransomware don?Gpcode was not a runaway success in that it did not net millions for its creators as ransomwares do today but it was notable in that it meant ransomware was starting to cut through, both in the still-emerging cyber security community and among laypeople.Gpcode also helped to establish some of the popular tropes around ransomware phishing lures today, phantom job offers are frequently used against victim organisations, particularly when executed as part of a targeted attack via a highly placed executive, for example.Over the decade that followed, the story of ransomware became one of almost continuous innovation, as cyber criminals became more motivated to extort money and to avoid capture and prosecution.Anonymity during the payment process was a particularly thorny problem that the criminal underground needed to overcome, says Lee.In 2004, Gpcode had a single software engineer slash operator conducting the attacks, and they had this problem of how are they going to get the ransom paid to them in a way thats easy for the victim, but provides anonymity for the criminal, he says.Initially, we have the rise of digital currencies, E-Gold and Liberty [Reserve] to name but two, which were mechanisms outside of the traditionally regulated banking industry for transferring value between individuals, says Lee. They were how should we put this abused.The big disadvantage of these digital currencies is that they both had a single point of failure from the cyber criminals perspective, in that law enforcement agencies and regulators could act to disrupt the flow of illicit payments traversing them, which of course is exactly what happened.This then coincides with the rise of cryptocurrencies, giving an alternative way for criminals to collect their ransom through crypto, says Lee.The other big innovation addressed the weak point of early ransomware is it was one developer and operator so we did see in the mid-2000s the development of the first ransomware as a service.Malicious software engineers who were very good at writing code but maybe not so good at distributing ransomware or coming up with social engineering lures could focus on the code and then develop a partner portal so that less technically sophisticated cyber criminals could participate in attacks they could be hired, or enter into a partnership, says Lee. If they divide up the tasks, it makes it more efficient.Though it may surprise some to learn that the concept of ransomware as a service, or RaaS, is well over 10 years old, it emerged at a very different time, and the ransomware ecosystem had to go through a few more evolutions to reach its present, devastating form.Lee explains: The next big change comes in 2016 with the gang using SamSam. Prior to that, ransomware was a mass-market attack, distributing as much ransomware as possible to as many end-users as possible, getting it onto PCs, and demanding a few hundred dollars for the victim to get whats on their endpoints back.The big innovation was the gang distributing SamSam chose their victims in a different way. Instead of going for sheer numbers, they would identify businesses, get inside their networks, and combine traditional hacking techniques infiltrating the network, finding key servers that businesses relied on, and getting the ransomware on those key servers.In encrypting the files and stopping the functionality of those key servers, says Lee, SamSam brought the entire business to a half, and at that point the gang could ask for a much, much larger ransom.Read more about ransomwareWe look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation,AI anomaly detection and supplier warranties.Anomaly detection and immutable copies can be frontline tools against ransomware we look at the role storage can play against the latest techniquesemployed by ransomware gangs.Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gangeven has a chance to execute them.This is not to say that mass-market, end-user focused ransomware has gone away, it is very much still a threat, and in many ways, it is more devastating for the average person to be hit with ransomware than it is for a well-insured, regulated corporation.Ive had people reach out to me with an elderly parent whose laptop has been hit with ransomware and it had the last photos of their deceased spouse on it, is there a way of getting it back? says Lee.Its heartbreaking, and nine times out of 10 the answer is no. So, this has not gone away and its not going to. Businesses may have more to lose than an end-user, but thats not to say that end-users cant suffer significant pain.But the big money for the bad guys is in businesses, getting inside businesses, causing high-value disruption and destroying large amounts of value, because the profits are so much higher.This brings us neatly to the developments we have seen since 2020, when the scourge of ransomware really took off, and cyber security broke out of its niche and started to make national headlines. These have all been well-documented, including the rise of double extortion attacks and the emergence of an extensive underground economy of affiliates and brokers. We are even seeing what looks like collaboration between financially motivated cyber criminal gangs and politically motivated cyber espionage operators.This year, we have seen the beginnings of a new trend in which ransomware gangs actually forego the ransomware locker entirely. Just last month, the Australian and American authorities released new intelligence on the work of the BianLian ransomware gang, which has shifted solely to extortion without encryption.Could it be that ransomware, in its traditional form, is starting to reach the end of the line?Probably not, says Lee, looking ahead, although it will look different: You know IT brings enormous positives to our lives and enables so much but anywhere where IT is creating value, criminals are looking for ways to piggyback and steal that value. Ransomware has proved to be a very profitable way for them do it.I think that for any new ways in which we use IT in the near- and medium-term future, we can expect there will be criminals looking to make money off that, and one of the ways that theyre going to do it, for certain, is going to be through ransomware.From ransomwares birth pangs as the howl of the frustrated and aggrieved Joseph Popp, we can chart a clear line to the big bucks ransomware hits of the 2020s, and this continuity of criminality and innovation leads Lee to a simple conclusion.We need to be much more aware that for anything IT touches, we need to think about cyber security, we need to think about how the bad guys might disrupt it, because for certain, theyre going to be thinking too and someones going to try it.The history of ransomware has been one of constant innovation, and we can expect that to continue into the future, he says.The Security Interviews seriesOkta regional chief security officer for EMEA sits down with Dan Raywood to talk about how Okta is pivoting to a secure-by-design champion.We speak to Googles Nelly Porter about the companys approach to keeping dataas safe as possible on Google Cloud.Matt Riley, data protection and information security officer at Sharp Europe, discusses balancing cyber riskswith business leaders goals.Former NCSC boss Ciaran Martin talks about nation-state attacks and how the UK is in danger ofmisunderstanding its adversaries.Alex Yampolskiy conceived the idea for risk management specialist SecurityScorecard after getting stung by a SaaS supplier that was being cavalier with its customer data. He tells his story to Computer Weekly.In October 2023, Rebecca Taylor of SecureWorks was recognised at the annual Security Serious Unsung Heroes Awards for her work on diversity in the sector. Computer Weekly caught up with her.

Maksim Kabakou - stock.adobe.comNewsTop 10 cyber security stories of 2024Data breaches, data privacy and protection, and the thorny issue of open source security were all hot topics this year. Meanwhile, security companies frequently found themselves hitting the headlines, and not always for good reasons. Here are Computer Weekly's top 10 cyber security stories of 2024ByAlex Scroxton,Security EditorPublished: 18 Dec 2024 12:00 The year 2024 threw up another diverse crop of stories in the world of cyber security, with much to pay attention to, particularly in the realm of artificial intelligence (AI), which continued to dominate the headlines.This year, we steer away from AI fear, uncertainty and doubt to focus on some of the other big issues, such as data privacy and protection, large scale breaches, and the tricky issues surrounding the security of widely used open source components.There was also trouble at the mill for cyber security companies themselves, which often found themselves in the headlines, often after the privileged access afforded by their products and services was abused to attack their customers. Ivanti, Microsoft and Okta all make our top 10 this year and we would be remiss not to mention CrowdStrike.Here are Computer Weeklys top 10 cyber security stories of 2024.1. Leak of 26 billion records may prove to be mother of all breachesAt the end of January 2024, a data dump comprising 26 billion records and totalling more than 25GB in size was discovered by researchers. Dubbed the largest leak in history, and the mother of all breaches, the majority of the data related to Chinese social media platforms, but the likes of Adobe, Dropbox, LinkedIn, MyFitnessPal, Telegram and X were also included.Much of the data appeared to have been compiled from various smaller leaks, likely a broker who intended to sell it on to others for use in identity theft, phishing attacks and account takeovers.2. Okta doubles down on cyber in wake of high-profile breachesIn February, identity and access management (IAM) provider Okta announced plans to double its investment in security over the next 12 months andlaunched a Secure Identity Commitment. This came in the wake of the exploitation of its products and services during a series of cyber attacks during 2023, and earlier.The companys leadership said that as a security leader it recognised it needed to work a lot harder to stop neer-do-wells from taking advantage of the identity data its customers entrust to it.3. Widespread Ivanti vulnerabilities make wavesAnother cyber company was in the news at the start of 2024, Ivanti, a specialist in asset, identity and supply chain management found a series of vulnerabilities in its Policy Securenetwork access control(NAC), Ivanti Connect Securesecure socket layer virtual private network(SSL VPN), and Ivanti Neurons forzero-trust access(ZTA) products caused concern at organisations worldwide after being exploited by a threat actor.The three vulnerabilities in question enabled attackers to access privileged data and obtain elevated access rights on their victims systems.4. Open source alert over intentionally placed backdoorIn April, users of the open sourceXZ Utilsdata compression library narrowly avoided falling victim to a major supply chain attack, after evidence of an apparently intentionally placedbackdoorin the code was revealed. The malicious code, embedded in versions 5.6.0 and 5.6.1 of the library, enabled unauthorised access to affected Linux distributions.It later emerged that the dodgy code was placed there by a malicious actor who intentionally worked hard over a long period to gain the trust of the projects developers. The security of widely used open source components was to be one of the big themes of the year.5. Microsoft beefs up cyber initiative after hard-hitting US reportIn May, Microsoft doubled down on itsSecure Future Initiative(SFI), expanding the programme which set out to address the software and vulnerability issues frequently exploited by threat actors in the wake of a damning US government Cyber Safety Review Board (CSRB) report.Redmond said the rapid evolution of the threat landscape underscored the severity of the threats that face both its own operations and those of its customers, and admitted that given its central role in the worlds IT ecosystem, it had a critical responsibility to earn and maintain trust.6. CrowdStrike update causes worldwide chaos The biggest IT story of 2024 arguably was not strictly speaking a security incident, but appears here since it originated at a security company. On 19 July, IT pros all over the UK and beyond awoke to a fast spreading IT outage downing key systems, originating at cyber firm CrowdStrike after it pushed a flawed rapid response update to key threat detection sensors that caused Windows computers to enter a so-called boot loop.The extensive disruption caused no major security incidents at the time, but the ramifications continue to this day, with CrowdStrike execs facing legal repercussions and even being called to account for the incident in front of politicians. As with the XZ Utils scare a couple of months previously, the CrowdStrike incident shows again the importance of paying close attention to ones code.7. Campaigners call for evidence to reform UK cyber lawsThose who have been following the CyberUp campaign for legal reform over the past few years will know well the difficulties the group has had in convincing Britains politicians that the time has come to reform the outdated Computer Misuse Act of 1990, which thanks to archaic wording in regard to the offence of unauthorised access to a computer puts security professionals in the UK at risk of prosecution simply for doing their jobs.With Keir Starmer moving into 10 Downing Street, the campaign team seized the opportunity to launch a fresh call for evidence and views during the summer, saying that about a third of UK security firms had experienced monetary losses due to the law, putting at risk 3bn of the sectors 10.5bn annual contribution to the economy.8. NCSC celebrates eight years as Horne blows inIn eighth place on the Computer Weekly list, the National Cyber Security Centre celebrated its eighth birthday this year, although its new leader, Richard Horne, who took up the post in October, is only the organisations third official CEO.Eight years may not be a particularly long time the Brexit referendum was eight years ago but the cyber security landscape has changed radically in that time, and looking ahead, as the interdependency between security and intelligence would become more critical, and the risks and opportunities of new technologies and more sophisticated threats increase, the NCSCs work to get better at addressing the security of those technologies and how to use them to the UKs advantage continues.9. Zero-day exploits increasingly sought out by attackersIn November, the NCSC and its US equivalent, CISA, published new annual data revealing that of the 15 most exploited vulnerabilities of 2023, the majority were zero-days compared with less than half in 2022. The trend has continued through 2024, and the NCSC warned that defenders need to dramatically up their game when it comes to vulnerability management and patching.Among some of the most heavily exploited CVEs were some that are now widely known, including infamous issues in Progress Softwares MOVEit Transfer, Log4Shell and Citrix, many of them dating back years.10. US TikTok ban imminent after appeal failsAt the end of 2024 came the news that TikTok is likely to be banned in the US in mere weeks after a Washington DC appeal court rejected representations from the China-owned social media platform, which claimed its First Amendment rights were being violated.Legitimate concerns about the firms data protection and privacy practices and the possibility that the data TikTok holds may be exploited by the Chinese government lie at the core of the potential ban which would have global ramifications and impact millions of users, influencers and businesses alike.Somewhat ironically, given he once tried to ban it himself, the platforms best hope for a reprieve may now lie with president-elect Donald Trump, who will undoubtedly be an impactful force in the cyber security world in 2025.In The Current Issue:What do the home secretarys policing reforms mean for the future of the Police Digital Service?What are the security risks of bring your own AI?Download Current IssueMicrosoft Copilot: A Year of Learning Write side up - by Freeform DynamicsPrint Industry Trends, 2025 Quocirca InsightsView All Blogs

Maksim Kabakou - FotoliaOpinionLook to the future: How the threat landscape may evolve nextFrom Covid-19 to war in Ukraine, SolarWinds Sunburst, Kaseya, Log4j, MOVEit and more, the past five years brought cyber to mainstream attention, but what comes next? The Computer Weekly Security Think Tank looks ahead to the second half of the 2020sByElliott Wilkes, ACDSPublished: 18 Dec 2024 Its been quite the half-decade. In fact, its hard to know where to start when reflecting on it. The Covid-19 pandemic saw a (forced) mass shift towards hybrid working models, leaving security teams with a new and complex attack surface to secure quickly. Charges made against the CISOs of SolarWinds and Uber set a precedent of legal responsibilities for CISOs when it comes to cyberattacks and reporting. Elsewhere, new regulations are being written into law across the world to protect organisations and consumers everywhere, from NIS2 to the Cyber Resilience Act. Similarly, artificial intelligence (AI) has revolutionised cyber security, for good and bad. In some ways, AI has become a helpful ally for security teams when it comes to fighting threats, especially as teams are facing a barrage of new and novel threats daily. On the other hand, the uptick in attacks is likely due to the increased use of AI by cyber criminals to speed up and automate attacks. These notable events are just scratching the (attack) surface!The cyber industry has always been fast paced and security teams are no stranger to change. However, the last five years have challenged the industry significantly, with the unprecedented volume and sophistication of new threats, talent retention issues and burnout rise. As always, these challenges have exemplified the resilience of the industry. We learn from one another and, as a community, we have become more open to speaking of our collective challenges and helping one another. As we head into the unknown once again, its critical that we continue to foster a continued sense of openness and community.I find predictions difficult. This feels like using sticks to find hidden wells of water. I have no crystal ball that will reveal the spring of vulnerabilities going to be released upon us in the next five years. But, I have seen some trends over the past few years that have proven hardy and are representative of significant problems that arent going away any time soon. These are the best spots I can look to for what lies ahead.We might see the quantum computing event horizon in the next five years, in which case, all bets are off. I dont think that that day will be like the vaunted Y2K that was foretold, but will be more problematic over a longer period of time. It will still be a good amount of time before quantum computing is easily accessible by criminal groups in such a way that will make it an everyday threatgovernments protecting secrets though, are in a different boat.I will also make the very spicy take that the AI, at least in the current form using LLMs or things of a similar stripe, is going to sputter and fall flat. We havent seen massive increases in uptake by significant parts of the economy for any of the leading companies, despite them shovelling money into the AI furnace by the billions. There are also reports that the current flavour of AI LLMs have reached their limit, with diminishing returns as there are no longer any major corpuses of human-created data and content to consume and use for training. There, I said it. We are nearing peak AI. Cue sad trombone.And now for something completely differentOn a much more serious note, I think the major events relating to cyber security over the next five years will be driven largely by geopolitical crises, starting with China.Between now and 2030 we will see increased aggression by China with some form of conflict both hot and cold, brought on by the possible annexation of Taiwan. China has, for some time, been using police actions (and civilian fishing vessels) to encroach on the territorial sovereignty of regional nations including the Philippines and Taiwan. I worry that what happened in Hong Kong will be tried in a similar way, and these methods for attacking territorial water boundaries will continue, using this playbook in Taiwan, with a diminished role for some traditional western powers. If this comes to pass, and unfortunately it seems thats the direction things are heading, this will be a cataclysmic global event with truly massive implications. Western-based manufacturers of silicon will become parts of the national security apparatus as critical national infrastructure, in a way that they have escaped thus far but are increasingly moving towards.More critical national infrastructure will fail in larger ways, due to espionage, conflict or both, like we have seen with the actions of Volt Typhoon and Salt Typhoon, Chinese state-sponsored actors digging into infrastructure like ISPs and telcos and energy companies for use in a future potential conflict and to monitor communications of strategic importance. My fear is that disruption of telcos and other everyday critical infrastructure sectors that have not gone as far in their cyber security maturity journey will force governments to assert more explicit control through regulation and direct assistance. And some of this will be long overdue, for in the year 2024, is it really defensible to not require MFA for privileged (or all) users? Or not move away from memory unsafe languages? Or not keep logs on critical system events? These things shouldnt be acceptable now but Im afraid it will take an even bigger catastrophe than the cyber crises weve endured in the past few years for these requirements to get stated in a sufficiently forceful way that gets some orgs to take note.The Computer Weekly Security Think Tank looks aheadMike Gillespie and Ellie Hurst, Advent IM:CISOs will face growing challenges in 2025 and beyond.Elliot Rose, PA Consulting:The most pressing challenges for CISOs and cyber security teams.Pierre-Martin Tardif, ISACA:Six trends that will define cyber through to 2030.Stephen McDermid, Okta:In 2025: Identities conquer, and hopefully unite.Deepti Gopal, Gartner:CISOs:Don't rely solely on technical defences in 2025.Paul Lewis, Nominet:Decoding the end of the decade: What CISOs should watch out for.Rob Dartnall, SecAlliance: 2025-30: Geopolitical influence on cyber and the convergence of threat.Russia will continue its role as global bully, but we will see more cracks emerge when they struggle running out of updates to Windows devices and other western technologies that are no longer available due to sanctions. Russian-based ransomware groups will move in more close alignment with the government and become proxy actors of the Kremlin, even more explicitly than they are now.Supply chains will get hit, again, and again, and some more. Unfortunately this is a growing trend over the past few years and as we saw with CrowdStrike this year (which wasnt a supply chain attackbut the disruption of their software caused a global technology event that impacted millions of people, disrupted businesses, cancelled flights, and more) these technologies have become almost irreversibly intertwined with corporate enterprise IT to such an extent that they can cause cascade failures.Whether the attackers are aggravated aggressor nation-states like Russian and China or neo-organised crime in the form of ransomware gangs, the next years will see disruptions with increasing frequency and magnitude. Eventually there will be a counterforce, deployed by governments, in the form of policy, law and cyber action. My hope for my friends still working in the halls of power in Washington and Whitehall, is that we can mount an effective response to acts of aggression in a way that is proportionate and lasting, not overcorrecting but likewise not wasting an opportunity to help set and enforce some norms around responsible stewardship of user data, technology and public services, as well as norms for conflict in cyberspace that are rooted in our principles and values as a society.Elliott Wilkes is chief technology officer at Advanced Cyber Defence Systems(ACDS). A seasoned digital transformation leader and product manager, Wilkes has over a decade of experience working with both the American and British governments, most recently as a cyber security consultant to the Civil Service.In The Current Issue:What do the home secretarys policing reforms mean for the future of the Police Digital Service?What are the security risks of bring your own AI?Download Current IssueMicrosoft Copilot: A Year of Learning Write side up - by Freeform DynamicsPrint Industry Trends, 2025 Quocirca InsightsView All Blogs

blackred/Getty ImagesSometimes it can be hard to get all your reading done, especially with ADHD diagnoses on the rise. If you're tasked with a school or work project and you're pressed for time (or focus),artificial intelligence (AI)chatbots like ChatGPT can help summarize long articles, research papers, and books to make them a bit more accessible.Also: You can now talk to ChatGPT on the phone - no Wi-Fi neededChatGPT has come a long way from its launch in 2022, especially since it got web browsing last spring. However, all AI chatbots can make mistakes -- don't rely entirely on ChatGPT's summary for your understanding of a text. Though ChatGPT now provides citations, they aren't always correct. Plus, an AI system won't interpret more abstract concepts or literature the way a human mind can, meaning it won't necessarily capture certain themes or details.Think of ChatGPT as a tool that can help make a dense text more approachable. If you're using it to help with other parts of your work, such as writing, tread carefully -- considering the plagiarism and copyright issues surrounding these tools, it isn't in your best interest to have chatbots write your work for you.If you're a student writing a research paper, someone who is keen to discover more about a lengthy article, or want to dive into a complicated subject, you can use ChatGPT to simplify the process.How to create summaries with ChatGPTWhat you'll need: A device that can connect to the internet, a free (or paid) OpenAI account, and a basic understanding of the article, research paper, or book you want to summarize.The process should take about one to three minutes. 1. Find your article, paper, or book to summarize If you need ChatGPT to help summarize an article or research paper, find the body of text online and keep it open in a separate tab. You can also try just giving ChatGPT the book title and author by inputting it into the text box. Show more 2. Open your web browser and log in to ChatGPT Open your web browser of choice and head to chatgpt.com.Also:5 ways college students can use Gemini AI to keep up with school workLog in or sign up for an account. Show more Screenshot by Radhika Rajkumar/ZDNET 3. Type your request In the chat box, type in "Summarize [book title]." For example, "Summarize Thinking, Fast and Slow by Daniel Kahneman," or "Summarize this article: [URL]."Also: Study finds AI-generated research papers on Google Scholar - why it mattersNow that ChatGPT can provide sources for the info it surfaces, you can also ask for clarifying background information on a topic. For example, if you're writing about cognition, you can prompt ChatGPT to "Explain how personal experiences impact cognition and provide citations."ChatGPT will respond with several bullet points and citations, giving you a framework for your larger topic area and additional sources to dive into if you choose.In my case, those citations were papers and books that weren't linked -- I verified the titles were real by Googling each one. If you want to skip that step, simply ask ChatGPT to "provide citations with links," and you'll only get sources you can click on to verify yourself.If you're having trouble comprehending specific passages in an article, book, or research paper, you can copy parts of the text and paste them into ChatGPT, or even upload a photo.Also: The most popular AI tools of 2024 (and what that even means)Think of this method as reshuffling the words you're currently reading to help you make more sense of the text in front of you. Show more This is an accurate summary of Let The Misunderstand, an essay by Moeko Fujii that I have read before. Screenshot by Radhika Rajkumar/ZDNET 4. Check responses and citations for accuracy Review ChatGPT's responses to ensure they're correct within your understanding. For one of my queries, ChatGPT did not catch that an article was an excerpt of a novel, responding instead that it was the novel itself."'The Witches of El Paso' is a novel by Luis Jaramillo, published on December 11, 2024," ChatGPT told me. The novel was published on Oct. 8, and the excerpt was published in the Public Seminar on Dec. 11, but ChatGPT mistakenly noted that date as the novel's publication date despite citing the article itself.ChatGPThas a track record of fabricating sources. Once you've reviewed the chatbot's responses, be sure to check the sources it provides. Search titles of papers or books to verify they're real, and click on linked articles if ChatGPT provided them. For one of the non-linked book titles ChatGPT offered me, the chatbot listed the book's publication year as 2009, but I was only able to find editions going back to 2012.Also: I'm an AI tools expert, and these are the only two I pay forWhile the other details were correct, this is a good reminder that ChatGPT does make mistakes, or at the very least doesn't always offer transparency into how it finds sources. Show more ChatGPT did not catch that this article was an excerpt of a novel, not the novel itself. The novel was published on Oct. 8, and the excerpt was published in Public Seminar on Dec. 11, but ChatGPT mistakenly noted that date as the novel's publish date. Screenshot by Radhika Rajkumar/ZDNETFAQ Show more What are ChatGPT's limitations?If you're using ChatGPT to summarize an article, book, or piece of research, keep in mind that ChatGPT can still hallucinateinformation. Always check its outputs.Also: 8 ways to reduce ChatGPT hallucinationsChatGPT is a large language model that uses queues and millions of data points to mimic human responses. This form of mimicry is why ChatGPT will answer questions even when it doesn't output the correct answer. Make sure you're not using any information from ChatGPT without fact-checking it.Can ChatGPT summarize a PDF?Now that ChatGPT can ingest file uploads in both the free and paid versions, you can upload a PDF and ask ChatGPT to summarize it. The chatbot correctly summarized a press release I uploaded, formatting the key points of a tech company's release -- though it was only two pages long.Also:Don't trust ChatGPT Search and definitely verify anything it tells youYou can also try ChatPDFfor free, especially for much longer documents. You can summarize two PDFs of up to 120 pages per day, and a plan is available for $5 per month.Can ChatGPT summarize an email thread?Sort of. If you want to copy and paste every single email, ChatGPT can summarize the thread's contents for you -- but I wouldn't recommend that in terms of security. Emails can contain sensitive information, like confidential work information or personal identifiers, that you can't guarantee will be safe if uploaded to OpenAI.It would be more helpful to scan an email thread yourself and ask ChatGPT to help you write a response based on the key points you know about the conversation.Artificial Intelligence

If you need help with coding, math, and reasoning, Gemini 2.0 Flash is the model for you.

Instagram's new 'profile card' turns social networking into a professional networking site for freelancers, content creators, and small business owners.

The next flagship iPhone is expected to show an updated design. But a new report flatly contradicts the most recent rumor.