Ollie Whitehouse, CTO of the U.K. National Cyber Security Center, at Black Hat Europe on Dec. 6, 2023 (Photo: Mathew Schwartz)

Better Cybersecurity Defense? Try Surprising Adversaries

Mathew J. Schwartz • December 6, 2023

"How do we surprise our adversaries?" So asked Ollie Whitehouse, CTO of Britain's National Cyber Security Center, in a keynote speech at Black Hat Europe in London in which he urged defenders to focus on resilience and on finding fresh ways to impose material costs on adversaries.

►

Application Security

BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber

Latest

Fraud Management & Cybercrime

Russia Uses AI, Evasion Tactics in Disinformation Drive

Mihir Bagwe • December 6, 2023

A Russia-linked disinformation campaign known as Doppelgänger is employing advanced obfuscation techniques and likely deploying AI to generate content, say security researchers. Doppelgänger has been called Russia's "most aggressively persistent covert influence operation" since 2017.

Governance & Risk Management

CISA Urges Software Developers to Prioritize Memory Safe Coding

Chris Riotta • December 6, 2023

The U.S. Cybersecurity and Infrastructure Security Agency is urging software developers to implement memory safe coding as part of an effort to address critical vulnerabilities in programming languages and further shift security responsibilities away from end users.

Governance & Risk Management

Biden Administration Issues Cyber Strategy for Health Sector

Marianne Kolbasuk McGee • December 6, 2023

The U.S. Department of Health and Human Services on Wednesday released a sweeping strategy document proposing how the Biden administration intends to push the healthcare sector - through new requirements, incentives and enforcement - into improving the state of its cybersecurity.

Cyberwarfare / Nation-State Attacks

New iPhone Exploit Technique Evades Lockdown Mode Function

Chris Riotta • December 6, 2023

Researchers from Jamf Threat Labs said they have managed to manipulate the code in a compromised iPhone to effectively make it appear as if the device is entering Lockdown Mode - but "without any of the protections that would normally be implemented by the service."

Breach Notification

Hackers Hit Medical Imaging Services Centers in NY, Texas

Marianne Kolbasuk McGee • December 6, 2023

A New York medical imaging services provider is notifying nearly 606,000 individuals that their information was potentially accessed and copied in a recent hacking incident. The entity is one of several medical imaging centers that have reported major hacking breaches in recent weeks and months.

Artificial Intelligence & Machine Learning

How to Jailbreak Machine Learning With Machine Learning

Rashmi Ramesh • December 6, 2023

A small group of researchers says it has identified an automated method for jailbreaking OpenAI, Meta and Google large language models with no obvious fix. Just like the algorithms that researchers can force into giving dangerous or undesirable responses, the technique depends on machine learning.

Legislation & Litigation

Supporting CISA - The 'Focal Point of Our Defensive Efforts'

Steve King • December 6, 2023

On Nov. 8, Tenable Chairman and CEO Amit Yoran wrote a letter to Congress in support of CISA. In this episode of "Cybersecurity Insights," Yoran calls the agency the "primary focal point of our defensive efforts" and discusses why the country needs to stay unified on defeating cyberthreats.

Governance & Risk Management

Experts Urge Congress to Task NIST With REAL ID Standards

Chris Riotta • December 5, 2023

Security experts testified to Congress that the National Institute of Standards and Technology is better placed than the Transportation Security Administration to lead national implementation efforts for security-enhanced identification cards ahead of a looming 2025 deadline for national compliance.

Cyberwarfare / Nation-State Attacks

Russian GRU Hackers Exploit Critical Patched Vulnerabilities

Prajeet Nair • December 5, 2023

A Russian military hacking intelligence group is winning the race to exploit known vulnerabilities before system administrators can apply patches, warns Proofpoint. The firm has seen a spike in activity from TA422, also known as APT28, Fancy Bear and Forest Blizzard.

Cyberwarfare / Nation-State Attacks

North Korean Hackers Steal South Korean Anti-Aircraft Data

Jayant Chakravarti • December 5, 2023

Seoul police have accused the North Korean hacker group Andariel of stealing sensitive defense secrets from South Korean defense companies and laundering ransomware proceeds back to North Korea. The hackers stole 1.2TB of data, including information on advanced anti-aircraft weapons.

Fraud Management & Cybercrime

Feds, AHA Urge Hospitals to Mitigate Citrix Bleed Threats

Marianne Kolbasuk McGee • December 5, 2023

A recent spike in ransomware attacks has prompted federal regulators and the American Hospital Association to issue urgent warnings to hospitals and other healthcare firms to prevent potential exploitation of the Citrix Bleed software flaw affecting some NetScaler ADC and NetScaler Gateway devices.

Incident & Breach Response

23andMe Says Hackers Stole Ancestry Data of 6.9M Users

Mihir Bagwe • December 5, 2023

Genetics testing firm 23andMe says hackers, in a credential-stuffing attack this fall, siphoned the ancestry data of 6.9 million individuals. 23andMe disclosed the attack on Oct. 1, stating the attackers had scraped the profiles of 23andMe users who opted in to the company's DNA Relatives feature.