Civil actions brought by the SolarWinds Corp and its CISO Timothy Brown have been dismissed with prejudice by the Manhattan federal court handling the case, the end result of a settlement negotiation process that began in July of this year.
Senior Correspondent at CPO Magazine
Scott Ikeda is a technology futurist and writer for more than 15 years. He travels extensively throughout Asia and writes about the impact of technology on the communities he visits. Over the last 5 years, Scott has grown increasingly focused on the future landscape of big data, surveillance, cybersecurity and the right to privacy.
Google says that Chinese SMS phishing campaigns have collectively yielded somewhere between 15 million and 100 million stolen credit cards in the US alone. The case names 25 individuals and believes the hackers produced over 100 different fraudulent websites that made use of Google branding.
With the first new release since 2021, the one thing that hasn't changed about the OWASP Top 10 is that "broken access control" is still the lead category after all this time, present as a security risk in 3.73% of the apps that were tested.
Anthropic's calls the incident the "first reported AI-orchestrated cyber espionage campaign" and has attributed it with high confidence to a Chinese state-sponsored group it calls GTG-1002. The campaign took place in mid-September and the integration of AI agents for performance of autonomous tasks is described as unprecedented.
While the proposed EU privacy law changes seem almost entirely like concessions to big tech desires at first glance, the European Commission is selling them as removement of onerous restrictions on smaller businesses. Critics such as noyb are calling this a "side-show" meant to pass changes that are instead really tailored to the tech industry.
A lawsuit filed in California is accusing Google's "Gemini" AI assistant of spying on private communications, citing an undeclared change in policy from opt-in to opt-out that took place in October of this year.
The UK has experienced a long string of disruptive cyber incidents, but the announcement of the cyber resilience bill cites attacks on managed service providers as a particular impetus for the overhaul of existing laws.
A new report from the Association of British Insurers (ABI) has tallied up the cyber insurance claims from 2024 and found that payout numbers more than tripled from those recorded in 2023, with a 230% year-on-year increase.
Scattered Spider, ShinyHunters, and LAPSUS$ are the three groups involved, and have collectively been the most active of the major cybercrime gangs over roughly the past year. The groups all had prior ties via "The Com," a broader collection of cyber criminals that loosely affiliate and come together for singular projects in a fluid way.
Google's report of novel AI-enabled malware in the wild is a game changer if these capabilities are now being picked up by sophisticated attackers. It identifies two specific new malware families, "PROMPTFLUX" and "PROMPTSTEAL," that are the first to incorporate a "just in time" dynamic function creation feature that draws on an LLM.










