FCC Makes AI-Generated Voices in Robocalls Illegal
This is a tremendous advancement in legislation that seeks to halt this emerging trend. It was only a matter of time until organizations adopted AI in their robocall schemes. In many cases, this is just annoying. Robocalls are butt! There is extreme danger of AI robocalls being utilized to exhort family members by pretending to be a loved one, imitating celebrities for gain, and voter fraud. You can read more via the FCC.
KRR to Acquire VMware End User Computing Business
M&A activity continues its hot trend in 2024. KRR announced its plan to acquire the end user compute line of biz from Broadcom for $4B. This comes in the wake of extensive price increases being felt as changes to VMware pricing rolls out to the masses. You can learn more via Yahoo News.
OpenAI Faces Stiff Competition
A lot has changed over the last year since ChatGPT broke the internet. Since then, startups, big tech and open source have gained ground. This indicates that pricing will begin to compress. You, the end user, will have more options available for selection. New LLM’s will hit the scene offering deeper levels of customization at lower prices. You can read more via Big Technology.
Data Brokers Security Risk
It’s surprisingly cheap to buy the personal data for US service members. As little as a few cents per person! Clearly this should be seen as a threat to national security. New legislation is being posed that would prohibit the US Government from sourcing from these data brokers. You can read more via Forbes.
Atlassian Vulnerability
Bug CVE-2023-22518 is causing havoc for Atlassian users. This bug recently bumped from a 9.1 to a 10 (highest level) on the vulnerability severity scale. If you don’t take action, you’re at risk of severe data loss. You can read more via Rapid7.
Maine Targeted by MOVEit
The state of Maine fell victim to MOVEit in a breach that impacted 1.8 million user’s data. While the investigation is ongoing, users could see a variety of private information leaked, ranging from driver’s license, healthcare information, Social Security numbers and more. MOVEit has impacted 70+ million people. You can read more via Maine.gov.
Sumo Logic and Rotating Keys
While Sumo Logic did not declare a breach, it has issued a notice for users to rotate API keys. This comes on the heals of finding evidence of a security incident. This is still a developing story. You can read more via Bleeping Computer.
Okta Meant 100%, Not 1%
This is a fun story coming out of one of the leaders in identity management. In October Okta released a notice stating that 1% of users were impacted by a breach. Fast forward to November and it appears that nearly all accounts were impacted in some capacity. Fortunately, the bulk of contacts compromised were support users. You can read more via Axios.
Tech COO Goes Bad
This is a WILD story. The former COO of Securolytics out of Atlanta plead guilty to a 2018 incident in which he staged attacks against two hospitals in order to pitch his tech services. The court has yet to decide if he will face jail time. You can read more via The Register.
SolarWinds Denies Charges
This is a fun development in the SolarWinds saga that stems from their 2020 breach. In October the SEC formally filed charges, which SolarWinds plans to fight. One area of note is that the CISO is specifically named in the suit. This is generally uncommon for the SEC, unless the executive is responsible for preparing financial documentation. You can read more via the Wall Street Journal.
ScreenConnect Related Breaches
Hackers are targeting healthcare organizations across the US via ScreenConnect leveraged by Transaction Data Systems, a pharmaceutical supply chain company. ScreenConnect is a ConnectWise product. The vendor has stated that these incidents are related to an unmanaged instance which has lacked proper updates since 2019. You can read more via BleepingComputer.
Comcast Xfinity Breach
35 million people were impacted in a breach that includes usernames, passwords, partial SSN, and more. You can learn more via The Verge.
VMware CSP Changes
Broadcom recently announced cuts to a multitude of cloud service providers. Only 22 CSP partners will remain in the wake of these changes. This means thousands of small vendors who provide private and multi-tenant VMware clouds will be at risk. If you need assistance sourcing the correct CSP for your needs, holler at us. You can read more via The Register.
NSA Buys Internet Records
Ron Wyden, Oregon Senator, dropped a juice nugget. He reports that the NSA is buying large quantities of American’s internet data, including netflow and DNS data. The key point from this article is that the NSA is purchasing the data without a warrant, because the data is available to be purchased by anyone. You can read more via Reuters.
Printers Gone Wild
HP recently came under scrutiny due to claims by current CEO, Enrique Lores. The CEO claimed HP recently brinked printers that use third-party ink due to concerns that hackers could embed the ink cartridges with viruses. HP responded to this claim after blowback confirming that no known cases in the wild have been confirmed. You can read more via Wired.
Cisco Flaw with Unified Coms
Patches have been released related to vulnerabilities with Cisco’s Unified Communications and CX platforms. The exploit allows bad actors to infiltrate the underlying operating system. That’s not good! You can learn more via The Hacker News.