A vulnerability was found in Video Playlist and Gallery Plugin up to 1.136 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the file wp-media-cincopa.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. Upgrading to version 1.137 is able to address this issue. The name of the patch is ee28e91f4d5404905204c43b7b84a8ffecad932e. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230264.
CVE-2014-125104
A vulnerability was found in VaultPress Plugin up to 1.6.0 on WordPress. It has been declared as critical. Affected by this vulnerability is the function protect_aioseo_ajax of the file class.vaultpress-hotfixes.php of the component MailPoet Plugin. The manipulation leads to unrestricted upload. The attack can be launched remotely. Upgrading to version 1.6.1 is able to address this issue. The name of the patch is e3b92b14edca6291c5f998d54c90cbe98a1fb0e3. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230263.
BigID wants to let you tweak your data classifications manually
BigID is adding a feature that lets end users of its data intelligence platform manually adjust classification models, in an effort to make those more precise without the need for advanced coding knowledge.
The company announced today that the new feature, called classifier tuning, would allow users to adjust machine learning models in real time, leading to improved accuracy in the classification of machine-discovered data.
BigID said that the idea is to help businesses, which face increasingly complex data landscapes in their day-to-day operations, keep their information organized and protected. Across cloud, hybrid and local environments, and any number of different applications, organizations may have duplicated data sets in more places than they know, making close scrutiny important from both a privacy and an efficiency perspective.
USN-6128-1: CUPS vulnerability
It was discovered that CUPS incorrectly handled logging. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.
On the Catastrophic Risk of AI
Earlier this week, I signed on to a short group statement, coordinated by the Center for AI Safety:
Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war.
The press coverage has been extensive, and surprising to me. The New York Times headline is “A.I. Poses ‘Risk of Extinction,’ Industry Leaders Warn.” BBC: “Artificial intelligence could lead to extinction, experts warn.” Other headlines are similar.
I actually don’t think that AI poses a risk to human extinction. I think it poses a similar risk to pandemics and nuclear war—which is to say, a risk worth taking seriously, but not something to panic over. Which is what I thought the statement said.
In my talk at the RSA Conference last month, I talked about the power level of our species becoming too great for our systems of governance. Talking about those systems, I said:
Now, add into this mix the risks that arise from new and dangerous technologies such as the internet or AI or synthetic biology. Or molecular nanotechnology, or nuclear weapons. Here, misaligned incentives and hacking can have catastrophic consequences for society.
That was what I was thinking about when I agreed to sign on to the statement: “Pandemics, nuclear weapons, AI—yeah, I would put those three in the same bucket. Surely we can spend the same effort on AI risk as we do on future pandemics. That’s a really low bar.” Clearly I should have focused on the word “extinction,” and not the relative comparisons.
Seth Lazar, Jeremy Howard, and Arvind Narayanan wrote:
We think that, in fact, most signatories to the statement believe that runaway AI is a way off yet, and that it will take a significant scientific advance to get there—one that we cannot anticipate, even if we are confident that it will someday occur. If this is so, then at least two things follow.
I agree with that, and with their follow up:
First, we should give more weight to serious risks from AI that are more urgent. Even if existing AI systems and their plausible extensions won’t wipe us out, they are already causing much more concentrated harm, they are sure to exacerbate inequality and, in the hands of power-hungry governments and unscrupulous corporations, will undermine individual and collective freedom.
This is what I wrote in Click Here to Kill Everybody (2018):
I am less worried about AI; I regard fear of AI more as a mirror of our own society than as a harbinger of the future. AI and intelligent robotics are the culmination of several precursor technologies, like machine learning algorithms, automation, and autonomy. The security risks from those precursor technologies are already with us, and they’re increasing as the technologies become more powerful and more prevalent. So, while I am worried about intelligent and even driverless cars, most of the risks are already prevalent in Internet-connected drivered cars. And while I am worried about robot soldiers, most of the risks are already prevalent in autonomous weapons systems.
Also, as roboticist Rodney Brooks pointed out, “Long before we see such machines arising there will be the somewhat less intelligent and belligerent machines. Before that there will be the really grumpy machines. Before that the quite annoying machines. And before them the arrogant unpleasant machines.” I think we’ll see any new security risks coming long before they get here.
I do think we should worry about catastrophic AI and robotics risk. It’s the fact that they affect the world in a direct, physical manner—and that they’re vulnerable to class breaks.
(Other things to read: David Chapman is good on scary AI. And Kieran Healy is good on the statement.)
Okay, enough. I should also learn not to sign on to group statements.
The role of cybersecurity in financial institutions: protecting against evolving threats
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
Cybersecurity is the practice of protecting information technology (IT) infrastructure assets, such as computers, networks, mobile devices, servers, hardware, software, and data (personal and financial), against attacks, breaches and unauthorised access. With the growth of technology, almost all businesses rely on IT services, making cybersecurity a critical part of the IT infrastructure of any business.
The role of cybersecurity in financial institutions is vital, as the number and severity of cyber threats continue to rise every day. With the widespread use of technology and the increasing amount of data being stored and shared electronically, financial institutions must ensure that they have robust cybersecurity measures in place to protect against evolving threats.
Financial institutions face a range of cybersecurity threats, including phishing attacks, malware, ransomware, and distributed denial of service (DDoS) attacks. These threats can result in the theft of sensitive customer data (PII), financial fraud, and reputational damage. Theft of PII can also lead to identity theft.
Cybersecurity measures are designed to protect the confidentiality, integrity, and availability of data and systems. Confidentiality is the protection of sensitive information from unauthorised disclosure, using measures such as encryption and access control. Integrity is the accuracy and completeness of data, ensured with measures such as data backups and system monitoring so that data is not manipulated or corrupted. Availability is the ability of authorised users to access systems and data when needed under any circumstances, supported by measures such as disaster recovery plans.
Before we go further and discuss the various threats faced by financial institutions, let’s look at the regulatory requirements and industry standards that apply to them.
There are mainly two standards which financial institutions must comply with:
PCI-DSS: The Payment Card Industry Data Security Standard is a set of security and compliance requirements designed to protect cardholder data; it defines how card data is to be processed, stored and transmitted securely. The standard requires the use of encryption, masking, hashing and other secure mechanisms to safeguard customer data. PCI-DSS is widely accepted globally.
GLBA: The Gramm-Leach-Bliley Act, also known as the Financial Modernisation Act of 1999, is a federal law in the United States which requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data.
Apart from PCI-DSS and GLBA, some countries have their own privacy laws with which financial institutions must also comply in order to operate. Non-adherence to regulatory requirements can attract penalties for financial institutions.
Top Cybersecurity threats faced by banks are:
• Malware: Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server. It is very important to secure the customer devices, such as computers and mobile devices, that are used for digital transactions. Malware on these devices poses a significant risk to a bank’s cybersecurity when they connect to the network: confidential data passes through the network, and a user’s device that carries malware and lacks proper security can create a serious danger to the bank’s network.
• Phishing: Phishing is the attempt to obtain confidential data, such as credit and debit card details, for malicious purposes by posing as a trustworthy party in electronic communication. Online banking phishing scams have advanced constantly. They look real and genuine, but they trick you into giving away your access data.
• Spoofing: Spoofing can be used to gain access to a target’s PII (Personally Identifiable Information), spread malware through infected links or attachments, bypass network access controls, or redirect traffic to conduct a denial-of-service attack. Spoofing is often how a bad actor gains initial access in order to execute a larger cyber-attack, such as an advanced persistent threat or a man-in-the-middle attack.
• Unencrypted data: Unencrypted data is a significant threat to financial institutions, as hackers can use it immediately if they seize it. All sensitive data should therefore be encrypted, so that even if it is stolen, the thieves face the challenge of decrypting it.
• Cloud-based cybersecurity theft: The risk of cloud-based attacks has increased as more software systems and data are stored in the cloud. Attackers have taken advantage of this, leading to a rise in cloud-based attacks.
• Insider threat: An insider threat is when someone with authorized access to an organization’s information or systems misuses that access to harm the organization. It can be intentional or unintentional and can come from employees, third-party vendors, contractors, or partners. Insider threats include data theft, corporate espionage, and data destruction. People are the root cause of insider threats, and anyone with access to proprietary data can pose one. 25% of security incidents involve insiders. Many security tools only analyse computer, network, or system data, but it is crucial to consider the human element in preventing insider threats.
Financial institutions can take several steps to improve their cybersecurity posture and protect against evolving threats. Some best practices for cybersecurity in financial institutions include:
• Regular risk assessments: Financial institutions should conduct regular risk assessments to identify potential vulnerabilities in their systems and networks. Risk assessments should cover both technical and non-technical factors, such as employee training and physical security.
• Implementing strong access controls: Financial institutions should implement strong access controls to protect against unauthorized access to systems and data. Access controls should include strong passwords, multi-factor authentication, and role-based access controls.
• Awareness programs: Financial institutions should educate employees on cybersecurity best practices and provide regular training to help them recognize and respond to potential threats. Employees should be trained on topics such as phishing, malware, and password security. Institutions can also run simulated phishing campaigns to raise employee awareness.
• Encrypting sensitive data: Financial institutions should encrypt sensitive data, such as customer information and financial transactions, to protect against unauthorized disclosure.
• Managing third-party risks: Financial institutions must manage third-party risks by conducting due diligence on third-party vendors and ensuring that they have robust cybersecurity measures in place. This includes regular monitoring and auditing of third-party vendors to ensure that they comply with cybersecurity standards and regulations.
Cybersecurity is a critical issue for financial institutions, given the sensitive information and valuable assets they handle. Financial institutions must prioritize cybersecurity measures to protect themselves and their customers from cyber-attacks. The evolving cyber threat landscape and the challenges financial institutions face in implementing effective cybersecurity measures make it crucial for them to stay up-to-date with evolving threats, invest more resources in cybersecurity, prioritize employee training and education, and manage third-party risks.
What is the Cybercrime Atlas? How it can help disrupt cybercrime
Announced in June 2022, the Cybercrime Atlas is an initiative from the World Economic Forum (WEF) to map activities of cybercriminals and create a database that can be used by law enforcement across the world to disrupt the cyber-criminal ecosystem. Cybercrime Atlas officially launched in February 2023 in a partnership between WEF and Banco Santander, Fortinet, Microsoft, and PayPal. Cybercrime Atlas was conceptualized by WEF’s Partnership against Cybercrime, which includes more than 40 public and private organizations.
How the Cybercrime Atlas is being developed
The first iteration brought together “really smart” analysts from organizations across the globe to come up with a normalized taxonomy from which samples would be selected. From this, 13 major known threat actors were the initial focus. Using open-source intelligence, the analysts looked at things like the bad guy’s name, the address they are known to live at, their bank account details, their crypto wallet details, their social media footprint, known bulletproof hosting, and other malicious services they are using.