Wednesday , April 30 2025

Data breach cause prediction
90% of data breaches in 2024 will feature a human element

According to an analyst, there will be major data breaches and fines for application developers who use generative AI (GenAI) extensively next year. Forrester made the claims in its 2024 predictions for cybersecurity, risk and privacy and trust.

Alla Valente, a senior analyst, issued a warning about the excessive use of “TuringBots”, which are GenAI assistants that aid in code creation. She emphasized the importance for developers to thoroughly scan the generated code for vulnerabilities.

Massive Attack: Hacker Actively Use 4800+ IPs To Attack Git Configuration Files

A recent increase in cyber reconnaissance has endangered thousands of organizations, as GreyNoise, a global threat intelligence platform, reported a...
Read More
Massive Attack: Hacker Actively Use 4800+ IPs To Attack Git Configuration Files

CISA Adds Actively Exploited Broadcom Flaws to KEV Database

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two high-severity security flaws affecting Broadcom Brocade Fabric OS and Commvault...
Read More
CISA Adds Actively Exploited Broadcom Flaws to KEV Database

Google reports 97 zero-days exploited in 2024, 50% in spyware attacks

Google's Threat Intelligence Group (GTIG) reported that in the year 2024, attackers exploited 75 zero-day vulnerabilities, with over 50% related...
Read More
Google reports 97 zero-days exploited in 2024, 50% in spyware attacks

Palo Alto Networks to Acquire AI Security Firm “Protect AI”

On Monday, Palo Alto Networks confirmed it is acquiring the US-based AI security company Protect AI. Protect AI has created...
Read More
Palo Alto Networks to Acquire AI Security Firm “Protect AI”

CISA Releases Seven ICS Advisories

On April 24, 2025, CISA published seven advisories addressing security issues, vulnerabilities, and exploits related to Industrial Control Systems (ICS)....
Read More
CISA Releases Seven ICS Advisories

India Launches First Quantum Computing Village in Amaravati

India has taken a monumental stride toward next-generation technology by initiating its first Quantum Computing Village, a state-of-the-art project in...
Read More
India Launches First Quantum Computing Village in Amaravati

400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks

Shadow servers found 454 vulnerable SAP NetWeaver systems at risk from a critical zero-day exploit currently being used in attacks....
Read More
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks

30 Teams Qualify for Online Preliminary Round At UAP CTF Contest

Blind_Virus, DU_Featherless_Bipeds and Hidden investigations team secure the 1st , 2nd and 3rd positions accordingly for online preliminary round at...
Read More
30 Teams Qualify for Online Preliminary Round At UAP CTF Contest

CVE-2025-43859
Request Smuggling Vulnerability in Python’s h11 HTTP Library

A critical vulnerability tracked as CVE-2025-43859 has been disclosed in h11, a minimalist, I/O-agnostic HTTP/1.1 protocol library written in Python....
Read More
CVE-2025-43859  Request Smuggling Vulnerability in Python’s h11 HTTP Library

NVIDIA Releases Security Update For GPU Driver Vulnerabilities

NVIDIA has released a software security update for its GPU Display Driver to fix multiple vulnerabilities affecting both the driver...
Read More
NVIDIA Releases Security Update For GPU Driver Vulnerabilities

ALSO READ:

40 countries to sign a agreement not to pay ransom

In a blog post, she mentioned that if there are no proper protections for TuringBot-generated code, Forrester predicts that by 2024, at least three data breaches will be attributed to insecure AI-generated code. These breaches could occur because of security flaws in the code or vulnerabilities in suggested AI dependencies.
Regulatory issues may arise for apps that use GenAI products like ChatGPT to provide information to users.

Valente predicted at least one would be fined for its handling of personally identifiable information (PII).

The person mentioned that OpenAI has the means to protect itself from regulators, but third-party apps on ChatGPT may not have the same resources.

Some apps introduce risks through their third-party tech providers, but lack the resources and expertise to handle them properly. In 2024, companies should identify apps that may increase their risk exposure and focus on managing third-party risks.

The European Data Protection Board has created a task force to coordinate enforcement action against ChatGPT. This action was taken after the Italian Data Protection Authority decided to suspend the use of the product in Italy.
In the US, the FTC is investigating OpenAI.

GenAI may also play a part in Valente’s third prediction: that 90% of data breaches in 2024 will feature a human element. According to Verizon, the figure is already at 74%.

GenAI poses a significant risk to security. It enhances social engineering and enables attackers to efficiently carry out convincing phishing attacks.

“This increase [in people-centric risk] will expose one of the touted silver bullets for mitigating human breaches: security awareness and training,” argued Valente.

In 2024, CISOs will focus more on adaptive human protection. This is because NIST will update its guidance on awareness and training, and there will be more human quantification vendors available.

Check Also

SessionShark

‘SessionShark’ ToolKit Bypasses Microsoft Office 365 MFA

The SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn about …

Leave a Reply

Your email address will not be published. Required fields are marked *