The TWiET crew delves into botnets, securing hybrid work environments, the future of DNS architecture, and more. News Blips: Researchers uncover sophisticated IoT botnet named "K- Botnet" targeting US entities; linked to Chinese state-aligned hackers AI startup Vanta (a TWiT.tv Sponsor) launches AI suite to automate repetitive security and complian…

Proxy trojan targets macOS users for traffic redirection Indoor navigation has had a slow start Krasue RAT uses cross-kernel Linux rootkit to attack telecoms U.S. approves first gene-editing treatment, Casgevy, for sickle cell disease The DNS Deep-Drive continues with guests Josh Kuo, DNS expert, and Ross Gibson, Principal Solutions Architect of In…

Hackers Can Easily Extract ChatGPT Training Data Cheebert's prediction about VDI just came true Big Tech jobs are not as immune to layoffs as we thought Siemens PLCs are Still Vulnerable to Stuxnet-like Cyberattacks Josh Kuo, DNS Expert and Ross Gibson, Principal Solutions Architect of Infoblox join Brian Chee and Curt Franklin for part 1 of a 3 pa…

Ransomware group reports a victim company to the SEC for failing to promptly disclose a breach. Shadowy hack-for-hire group behind sprawling web of global cyberattacks Electrical arc detection devices that can prevent dangerous home fires caused by faulty wiring. The worst passwords of 2023 The NIS2 Directive: The first piece of EU-wide legislation…

CISA Alerts: High-Severity SLP Vulnerability currently being exploited. ChatGPT outages attributed to DDoS activity. Gen Z and Millennial employees are a bigger cybersecurity risk than older employees. Security firm finds highly invasive malware hidden in software developer tools. Strategies for bridging the cybersecurity skills gap. Mike Star, CEO…

Okta customer data exposed in support breach impacting 134 companies. Biden requests $3.1B more for FCC's "rip-and-replace" program to remove insecure equipment from federal networks, targeting Huawei and ZTE equipment. Kaspersky finds Android spyware targeting WhatsApp users, reusing malware from Telegram cyber attacks. U.S. Immigration and Custom…

iLeakage gives hackers access passwords and sensitive data on iOS and macOS browsers. 0ktapus is "one of the world's most dangerous financial criminal groups" says Microsoft. Apple backs national right-to-repair bill. Pro-Russia hackers exploiting 0-day in Roundcube webmail software. 9 innovative ways to boost security hygiene for Cyber Awareness M…

This info-packed episode of TWiET dives into the hidden dangers of Google hosted ads with malware. Guest Adam Jacob shares his vision for a "second wave" of DevOps to achieve better collaboration and outcomes. Patch Winrar right now The most used IT Admin passwords Cisco reports 10,000 network devices backdoored with unpatched 0-day The global chip…

On This Week in Enterprise Tech, Lou, Curt, and Brian dive into how remote console devices are empowering IT pros, the future of digital trust and content authenticity, and the evolving landscape of endpoint management security. Jeff Marraccini from Altair explains how air console devices allow him to remotely access noisy server racks to diagnose …

This episode of This Week In Enterprise Tech discusses the major cybersecurity recruitment challenges organizations face today and dives into the world of enterprise edge computing and the future of hyperscale cloud services with Scott Evers of Involta. News Blips: The hosts discuss a severe vulnerability in Atlassian's Confluence Server that allow…

This episode of This Week in Enterprise Tech covers the convergence of networking and security with the emergence of SASE (secure access service edge), tips for navigating the document and file management landscape, and more enterprise tech stories. A new Chrome 0-day is sending the Internet into a new chapter of Groundhog Day DHS Calls Into Questi…

This episode of This Week in Enterprise Tech packs in analysis on Cisco's shocking $25 billion acquisition of Splunk and what it means for the cybersecurity ecosystem. Plus, Intel VP of Sales & Marketing Jason Kimrey joins to decode the company's groundbreaking new neural processors and innovations in chip design, and accelerating AI processing at …

This week on TWiET, Lou Maresca, Brian Chee, and Curt Franklin talk with Dev Rishi, Co-Founder and CEO at Predibase, discussing the hurdles of moving large language models into production environments and how privacy concerns factor into that decision. Guest Dev Rishi of Predibase explains why many organizations say they can't use commercial LLMs, …

On This Week in Enterprise Tech, Lou Maresca, Brian Chee, and Curtis Franklin dive into how the SEC's proposed cybersecurity rules could reshape how corporations handle disclosures and risk management. Guest Brian McDonald from Mutare also shares insights on securing voice communications against rising cyber threats. Plus Brian Chee explains out-of…

UK's Online Safety Bill compromises end-to-end encryption and could result in systemic security risks Cybercriminal gangs are trafficing cybercrime workers Pros and Cons of JAVA programing AirBnb accounts hacked using stealers malware and stolen cookies Should Big Tech firms help pay for broadband contruction? Ketan Karkhanis, executive vice presid…

This week on This Week in Enterprise Tech, host Lou Maresca and co-hosts Curt Franklin and Brian Chee explore the key takeaways from the 2023 Black Hat and DEF CON cybersecurity conferences. They discuss the proliferation of AI, especially in relation to security. Guest Michael Amori, CEO of Virtualitics, talks about how AI is impacting data analyt…

This episode of This Week in Enterprise Tech discusses the latest issues around AI, including legal implications, security concerns, and practical applications. Lucid Software Chief Product Officer Dan Lawyer joins hosts Curt Franklin, Brian Chee, and Oliver Rist to explain how Lucid's visual collaboration tools aim to improve teamwork through inte…

Facial Recognition Lawsuit, AI-generated Fake Books, SaaS Management with Zylo, and more. How fame-seeking teenagers hacked some of the world's biggest targets Innocent pregnant woman jailed amid faulty facial recognition trend XWorm, Remcos RAT evade EDRs to infect critical infrastructure Homage to Lahaina Author discovers AI-generated counterfeit…

Researchers strengthen defenses against denial-of-service attack Cult of the Dead Cow Hacktivists Give Life to 'Privacy-First' App Framework Photoshop can now use generative AI to expand images Text prompts for AI are also available in over 100 languages. US military battling cyber threats from within and without White House Cyber Workforce Strateg…

Cloudflare Radar's new BGP origin hijack detection system TSA Updates Pipeline Cybersecurity Requirements AT&T and Verizon's ancient lead cables have US lawmakers demanding action EFF: FBI Seizure of Mastodon Server Data is a Wakeup Call to Fediverse Users and Hosts to Protect their Users Companies Must Have Corporate Cybersecurity Experts, SEC Say…

Rootkit Attack Detections Increase at UAE Businesses White House, Big Tech Ink Commitments to Secure AI Firmware vulnerabilities in millions of computers could give hackers superuser status The Biden administration is tackling smart devices with a new cybersecurity label Adam Gavish, CEO and Co-Founder of DoControl talks about how you and your orga…

AWS Lambda proactively warms things up WormGPT Cybercrime Tool Heralds an Era of AI Malware vs. AI Defenses DirectorStorage on Windows now works for consumers and games White House Fills in Details of National Cybersecurity Strategy Hackers Say Generative AI Unlikely to Replace Human Cybersecurity Skills According to Bugcrowd Survey Alfonso Santos …

336,000 servers remain unpatched against critical Fortigate vulnerability Patchless Cisco flaw breaks cloud encryption for ACI traffic Google changed its privacy policy to reflect Bard AI's data collecting Top 10 cybersecurity findings from Verizon's 2023 data breach report Ron Reiter, Co-Founder and CTO of Sentra talks data security and improving …

TSMC confirms data breach after LockBit cyberattack on third-party supplier Red Hat Says "Bye Bye CentOS" Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign ChatGPT's Still a Baby and It's Already Getting Sued Minimizing Dark Data Risk Ranga Bodla, Vice President of Field Engagement and Marketing at Oracle NetSuite talks a…

AWS launches $100M program to fund generative AI initiatives Smaller firms aim to consolidate security tools Schneider power meter vulnerability opens door to power outages Satellite-based laser communication: A rival to fibre networks? USB drives spread spyware as China's Mustang Panda APT goes global Lenley Hensarling, Chief Product Officer of Ae…

Chinese spies breached hundreds of public, private networks, security firm says Millions of Americans' personal data exposed in global hack Nature bans AI-generated art from its 153-year-old science journal Shady Chinese firm's encryption chips got inside the US Navy, NATO, and NASA Use of Multifactor Authentication (MFA) nearly doubles since 2020,…

Google to crack down on office attendance, asks remote workers to reconsider CIOp gang sat on exploit for MOVEit flaw for nearly 2 years Hawaii's Kilauea volcano erupts... again.. and again... U.S. Congress to consider two new bills on artificial intelligence Ways to help cybersecurity's essential workers avoid burnout Jason McGee, GM and CTO of IB…

AI challenges, addressing human fallibility, maintaining data agility with Talend, and more. Triangulation Spyware hits iPhones Jetpack WordPress plug-in API bug triggers mass updates Lawyer cited 6 fake cases made up by ChatGPT; judge calls it "unprecedented" Team sets new speed record for industry-standard optical fiber Using IR spectroscopy for …

China-Backed cyber attacks, AI automation a savior or job-stealer? AI's impact on cybersecurity with ManageEngine, and more. How three US teenagers built Mirai, a DDoS botnet that exploited IoT devices, and avoided prison by helping the FBI with cybercrime and cybersecurity matters. Volt Typhoon' breaks fresh ground for China-backed cyber campaigns…

KeePass Vulnerability Imperils Master Passwords 3 Common Initial Attack Vectors Account for Most Ransomware Campaigns Montana becomes 1st state to ban TikTok Rapid prototyping for the years to come Sit and Surf: High-tech benches bridge digital divide 5 ways security testing can aid incident response Heather Dahl, CEO of Indicio talks about taking …

Google expands TensorFlow open-source tooling for accelerated machine learning development CISA addresses 'Cyber Poor' small biz, local government Wendy's drive-through orders to be taken by a chatbot The future of real-world evidence and data analytics - self-service mode Ex-Ubiquiti engineer behind "breathtaking" data theft gets 6-year prison ter…

Data leakage is becoming a bigger issue for chipmakers. New White House AI initiatives include AI software-vetting event at DEF CON Hotels at risk from bug in Oracle property management software Fresh GDPR ruling says even 'minor anxiety' could mean payouts for EU folks Do Passkeys fix the problems with passwords? Lise Lapointe of Terranova Securit…

NSA Cybersecurity Director Says 'Buckle Up' for Generative AI As sea levels rise, the East Coast is also sinking Russian Bank Releases a ChatGPT Rival Google's New Cloud-Based Authentication Isn't End-to-End Encrypted Yet The FDA's Medical Device Cybersecurity Overhaul Has Real Teeth, Experts Say High-Severity SLP Flaw Can Amplify DDoS Attacks up t…

iOS 17 to support app sideloading to comply with European regulations GhostToken opens Google accounts to permanent infection Over half of the enterprise routers researchers bought secondhand hadn't been wiped IT companions instead of managers Consumers are fed up with passwords, according to 1Password research Paul Mountford, CEO of Protegrity, ta…

Over 1 million WordPress sites were infected by Balada injector malware campaign Western Digital Hackers Demand 8-Figure Ransom Payment for Data NY Senator Chuck Schumer calls for bipartisan legislation to slow down AI Hackers flood NPM with bogus packages causing a DoS attack Almost half of former employees say their passwords still work Dr. Chase…

Amazon Web Services and Microsoft Azure face antitrust probe. Cybercriminals 'CAN' steal your car, using novel IoT hack Romance Scams: Authorities claw back funds from "Pig-butchering" cybercrime ring EU Chips act likely to get the green light on April 18 Designing Tabletop exercises that actually thwart attacks Vincent Korstanje, CEO of Kigen, tal…

Cylance Ransomware strain emerges. BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist Bitwarden Announces Secrets Management With a Combination of Open Source, End-to-End Encryption, and Ease of Use Leaked IT contractor files detail the Kremlin's stockpile of cyber-weapons GPT and Enterprise Impact - Edge Tech, Services, and Soft…

Hackers drain bitcoin ATMs of $1.5 million by exploiting a 0-day bug Malicious ChatGPT Extensions Add to Google Chrome Woes Journalists Targeted by USB Drives That Explode When Inserted Into PCs Stanford sends 'hallucinating' Alpaca AI model out to pasture over safety, cost Attackers Are Probing for Zero-Day Vulnerabilities in Edge Infrastructure P…

PayPal data breach, copyright of AI content, streaming databases with Materialize, and more. PayPal data breach exposes personal information of 35,000 users Low-budget 'Winter Vivern' APT awakens after 2-Year hibernation Moon-gate: Samsung fans are mad about AI-processed photos of the moon Making deepfakes gets cheaper and easier thanks to AI Autho…

Malware infecting widely used security appliance survives firmware updates IceFire Ransomware Portends a Broader Shift From Windows to Linux Thousands scammed by AI voices mimicking loved ones in emergencies Personal details of U.S. House members exposed in health data breach Biden FCC nominee withdraws, blaming cable lobby and "unlimited dark mone…

Pernicious Permissions: How Kubernetes Cryptomining Became an AWS Cloud Data Heist CISA, MITRE Look to Take ATT&CK Framework Out of the Weeds Meta unveils a new large language model that can run on a single GPU BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11 Microsoft to Store World's Music Collection on Quartz Wafers Andre Keart…

Nvidia's $10K AI chip, authentication management, monitoring & observability with Catchpoint, and more. Voicemod tools up with $14.5M to ride the generative AI (sonic)boom 'New Class of Bugs' in Apple Devices Opens the Door to Complete Takeover The big reuse: 25 MWh of ex-car batteries go on the grid in California Meet the $10,000 Nvidia chip power…

Health info for 1 million patients stolen using critical GoAnywhere vulnerability ESXi Ransomware Update Outfoxes CISA Recovery Script Comcast gave false map data to FCC—and didn't admit it until Ars got involved Atlassian and Envoy briefly blame each other for the data breach Hospitals Sued for Using Meta's Ad-Tracking Code, Violating HIPAA Steve …

CISA releases recovery script for ESXiArgs ransomware victims MagicWeb mystery highlights Nobelium attacker's sophistication Challenges facing Bing, Bard and AI search in the future Amazon secures key FCC approval to deploy its Project Kuiper broadband satellites Have PLC's overstayed their welcome? John Engates, Field Chief Technology Officer from…

Can Google Compete with ChatGPT? Rising 'Firebrick Ostrich' BEC Group Launches Industrial-Scale Cyberattacks iOS 16.3 and macOS Ventura 13.2 add hardware security key support MIT Engineers Invent Vertically Stacked MicroLEDs With Highest-Ever Pixel Density Appliance makers sad that 50% of customers won't connect smart appliances Welden Dodd, SVP of…

Deep faking signatures and handwriting means digital signatures are safer Critical RCE Lexmark Printer Bug Has Public Exploit Right to repair: Farmers can fi their own John Deere tractors Reverse your heart age by 10 years with a bit of gene therapy Is this the year of derivative AI? Dan Finnigan, former CEO of Jobvite and current CEO of Filtered t…

T-Mobile data breach, auto industry rife with vulnerabilities, Ridge Ventures on enterprise VC space, and more. Mailchimp says it was hacked — again Critical manufacturing sector in the bull's-eye 1-in-3 organizations do not provide any cybersecurity training to remote workers despite a majority of employees having access to critical data T-Mobile …

Founder sued by JP Morgan for faking customers Cyberattackers targeting enterprise tools CircleCI, Lastpass, Okta, and Slack FAA giving airlines another year to fix altimeters incompatible with 5G signals Critical flight safety system grounds airlines ChatGPT - disrupter or parlor trick? Becky Trevino, Executive Vice President of product for Snow S…

CircleCI security incident, making API's secure, the state of service mesh with William Morgan CircleCI warns of security breach PurpleUrchin Gang embraces DevOps Biden tries to end 2 years of deadlock at FCC by renominating Gigi Sohn from ARS Technica The Guardian ransomware attack hits week two as staff told to work from home What are some ways t…

Apple search engine, FCC's $300M robocall fine, host's enterprise wishlist, and more. Apple 'at least four years away' from launching Google search competitor Biden signs post-quantum cybersecurity guidelines into law Robocall company may receive the largest FCC fine ever Okta says source code for Workforce Identity Cloud service was copied Apple's…