The United States and South Korea reaffirmed a commitment to mitigate the risks in technologies including AI, 5G networks and cloud computing, while developing an "inclusive approach" to govern their use. The two countries said governance must support the development of trustworthy AI.
Three suspected Chinese espionage actors aimed a series of cyberattacks against an unnamed Southeast Asian country's critical infrastructure, healthcare and government organizations. Researchers attributed the hacks to APT group Mustang Panda, known for espionage attacks on foreign governments.
The Hong Kong Consumer Council said it had detected a severe ransomware attack on Wednesday that compromised 65 gigabytes of data, including employee and client information, internal records and possibly the data of current and former staff and their family members.
Indian government officials say they may delay enforcement of the new Digital Personal Data Protection Act to give small businesses and healthcare organizations more time to comply. A decision on the deadline will come sometime after the appointment of a Data Protection Board in the next 30 days.
Microsoft said Chinese state-affiliated groups have stepped up cyberattacks in 2023 against countries in the South China Sea region - even hacking telecom firms to steal call records for cyberespionage. The most active group, Raspberry Typhoon, targets governments, militaries and infrastructure.
Enterprises are grappling with constantly changing technologies and new stakeholders, making it hard for security teams to achieve both cyber maturity and long-term sustainability. Standardization plays a critical role in cyber resilience, said Sunil Varkey, former CISO of Wipro and Idea Cellular.
The Ukraine war underscores the threats posed by cyberwarfare. India faces its own threats, which means public and private sectors need to work together to defend against nation-state attacks, according to retired Lt. Cdr. Antony KM, vice president of internal audit and cybersecurity at NAB India.
A spate of high-profile ransomware attacks shows that the Asia-Pacific region is squarely in the crosshairs of cybercriminal groups, and some fear that attackers are turning to smaller, regional businesses even less prepared to defend themselves. Expert weigh in on defensive strategies.
Growing reliance on both AI and generative AI is posing new challenges to CISOs. For example, CISOs have limited visibility into how certain large language models were packaged, making it difficult for them to spot security and privacy risks, said Chandan Pani, CISO at LTIMindtree.
China hasn't ordered any restrictions on the use of Apple iPhones by government agencies, according to a Chinese government spokesperson, but the official cited recent security flaws in the iPhone and warned that foreign mobile device manufacturers must abide by domestic information security laws.
A major ransomware attack on the Sri Lankan government's cloud infrastructure compromised approximately 5,000 government email accounts and wiped out numerous emails that had not been protected by offline backups. The agency said some employees lost three months of email messages.
Cybersecurity researchers at Symantec said a cybercriminal entity with possible ties to the Chinese government used the ShadowPad Trojan to target an Asian country's national power grid earlier this year. The Redfly APT group focused on stealing credentials and compromising multiple computers.
Cybercriminals have found a new opportunity to exploit retail investors - a popular target among individuals looking to diversify their income. Researchers at Group-IB discovered an ongoing global investment scam that uses fake money-making investment schemes to lure investors.
More than a one-fourth of Indian organizations suffered over $2 million in losses to cyberattacks in the past year as a result of a lack of skilled cybersecurity workforce and funds, according to a recent survey by cloud cybersecurity vendor Cloudflare.
One-fourth of APAC healthcare organizations over the past year paid a ransom to recover encrypted files and systems, and a greater share incurred losses exceeding $1 million to cyberattacks. A survey by cybersecurity firm Claroty found that defenders are understaffed and using outdated technology.