Tuesday , December 24 2024

infosecbulletin

Russian hacktivist group targets India’s health ministry

A Russian hacktivist group has claimed to have breached the health management information system of India, which could contain the health data of millions of Indian citizens. “On 15 March 2023, CloudSek’s contextual AI digital risk platform XVigil discovered a threat actor group claiming to have targeted an Indian government website,” cybersecurity …

Read More »

China draft law to require ‘security assessment’ for new AI products

All new artificial intelligence (AI) products developed in China will be required to undergo a “security assessment” before being released to the public, a sweeping new draft law by the country’s internet regulator showed on Tuesday. “Before providing services to the public that use generative AI products, a security assessment …

Read More »

Google New Initiative to Reduce the Risk of Zero-Day Vulnerabilities

Charley Snyder, the Head of Security Policy at Google, has posted a new initiative that will eliminate the risk of vulnerabilities and protect security researchers. In his post, he mentioned, “The security industry has improved in many ways, both in technological advances and collaboration, but many challenges remain, especially within …

Read More »

Hacker group brings down Israeli postal, banking and telecoms websites

A hacker group attacked the websites of Israel’s national mail service and major banks Friday, briefly bringing them down in an assault seemingly timed to coincide with a day of Iranian-promoted anti-Israel events. The attack was quickly squelched, authorities said, with apparently no significant harm or data leaks, though the …

Read More »

Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security DataCritical Vulnerability in Hikvision Storage Solutions Exposes Video Security Dataz

Video surveillance giant Hikvision this week informed customers that it has patched a critical vulnerability affecting its Hybrid SAN and cluster storage products. The vulnerability, tracked as CVE-2023-28808, has been described by the vendor as an access control issue that can be exploited to obtain administrator permissions by sending specially crafted messages …

Read More »