BankInfoSecurity.com

Attack Method Exploits RAG-based Tech to Manipulate AI System's Output
Researchers found an easy way to manipulate the responses of an artificial intelligence system that makes up the backend of tools such as Microsoft 365 Copilot, potentially compromising confidential information and exacerbating misinformation. Researchers called the attack "ConfusedPilot."

2023 Hacking Incident Affected 1.9 Million Patients, Employees
A Michigan-based dental practice with 250 centers across nine states has agreed to pay $2.7 million under a preliminary settlement of a proposed consolidated class action lawsuit centered on a 2023 hacking incident reported as affecting more than 1.9 million patients and employees.

US Cyber Defense Agency Says Election Is Secure Despite Intensifying Threats
The Cybersecurity and Infrastructure Security Agency is ramping up its warnings of potential election interference and influence campaigns in the lead up to the November vote. But voters can be assured their ballots are secure and will be counted as cast, the agency said.

Vulnerability Tool Detected Flaws in OpenAI and Nvidia APIs Used in GitHub Projects
Security researchers have developed an AI tool that can detect remote code flaws and arbitrary zero-day code in software. Protect AI applied the tool to nearly 10,000 GitHub projects and on CVSS data and uncovered local file inclusion, cross-site scripting and remote code flaws in APIs.

Boston Children's Health Physicians Says Incident Involved Unnamed IT Vendor
Ransomware gang BianLian has listed Boston Children's Health Physicians - a pediatric group that practices in New York and Connecticut - on its dark web site, threatening to release stolen patient and employee data. The practice said the September incident involved an IT vendor.

Phishing Emails Impersonating Eset Target Cybersecurity Professionals With Malware
Cybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.

Report Reveals North Korean Workers Expanding Into Intellectual Property Theft
North Korean threat actors posing as remote information technology workers are increasingly extorting ransom from Western companies after securing jobs under false pretenses, according to a new report from Secureworks' counter threat unit.

Company Shifts Cyber Focus to QNX and Secure Communications as Key Growth Drivers
As Cylance continues to incur significant losses, BlackBerry is reallocating resources toward its more promising QNX and secure communications teams. The company expects its cybersecurity unit to stabilize and become profitable by the end of the fiscal year, thanks to strategic bets and cost cuts.

Also: Impact of NIS2 Directive in Europe, Cloud Governance Challenges
In the latest weekly update, ISMG editors discussed the strategic convergence of data security posture management and data loss prevention technologies, evolving priorities of security leaders and the urgent readiness challenges posed by the NIS2 Directive.

Wallix, One Identity Remain Visionaries as Securing Remote Work Takes Center Stage
CyberArk, Delinea and BeyondTrust have maintained their positions atop the privileged access management market due to their adaptability to client needs, according to Gartner. The leaders quadrant remains unchanged from 2023 due to consistent performance and a strong focus on execution.

Also: Internet Archive Limps Back Online, Beware Kerbertoasing and Passkey Takeup
This week, Brazilian police arrested USDoD, Internet Archive is recovering, a Microsoft warning over Kerberoasting and of mounting phishing attacks, Google touted memory safety efforts, Volkswagen said no harm after ransomware attack, and Amazon reported over 175 million customers using passkeys.

CISA and FBI Warn Software Providers to Avoid Risky Development Practices
The Cybersecurity and Infrastructure Security Agency and the FBI released a joint advisory urging software providers to avoid risky practices like using memory-unsafe languages and other techniques that could jeopardize critical infrastructure and national security.

Cyber Security and Resilience Bill Includes 72-Hour Reporting Deadline, Hefty Fines
The U.K. government's proposed Cyber Security and Resilience Bill is a "good step forward" to encourage ransomware incident reporting, said Ciaran Martin, the former NCSC chief. But he said the success of the new regulations also hinges on the support mechanism for cyber victims.

By collecting, analyzing, and leveraging data from security events, security analytics empowers teams to proactively detect anomalies and pinpoint vulnerabilities to mitigate targeted attacks, insider threats, and advanced persistent threats (APTs).