The FTC has finalized a new rule to combat AI-driven impersonation fraud targeting government and businesses. The rule allows it to take legal action to recover proceeds from scams and is now being considered for extension to protect individuals.
The company emphasized the need to shift from AI being an assistive technology to becoming an autonomous one, and highlighted the importance of controlling access to incident data for training AI systems.
Multiple security flaws, including actively exploited vulnerabilities and weaknesses in the Integrity Checker Tool, have been discovered, highlighting the need for enhanced visibility and validation of digital supply chains in enterprise products.
U.S. Internet Corp.’s subsidiary, Securence, inadvertently exposed over a decade’s worth of internal and client emails, including those of government institutions, due to a misconfigured server, raising serious security concerns.
South Korea has accused North Korean hackers of breaching an administrator’s email account in the Office of the President to access information about the president’s communications and overseas trips.
The U.S. Department of Defense has notified around 20,600 individuals that their personal information was exposed in an email data spill due to a misconfigured cloud email server hosted on Microsoft’s platform.
The European Court of Human Rights ruled in favor of a Russian petitioner who challenged a Kremlin rule requiring telecom firms to provide backdoor access to servers for law enforcement data collection.
The operation is carried out by an IT organization called “Gyeongheung,” affiliated with North Korea’s secretive Office 39. These websites are sold for $5,000 a month, with additional tech support for $3,000.
The lawsuits filed against data brokers in New Jersey highlight the need for stronger regulation of data brokers to protect the privacy of law enforcement personnel and all Americans.
Hackers are tricking victims into downloading an outdated but legitimate AnyDesk executable by directing them to fake websites posing as financial institutions. Once the program is run, attackers can gain control of the victim’s machine.