Intellectual Property | Breaking Cybersecurity News | The Hacker News

While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your organization. Wing's research indicates that an astounding 99.7% of organizations utilize applications embedded with AI functionalities. These AI-driven tools are indispensable, providing seamless experiences from collaboration and communication to work management and decision-making. However, beneath these conveniences lies a largely unrecognized risk: the potential for AI capabilities in these SaaS tools to compromise sensitive business data and intellectual property (IP). Wing's recent findings reveal a surprising statistic: 70% of the top 10 most commonly used AI applications may use your data for training their models. This practice can go beyond mere data learning and storage. It can involve retraining on your data, having human reviewers analyze it, and even sharing it with third parties. Often, these threats are buried deep in the fine print of Term

In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders—particularly Chief Information Security Officers (CISOs)—articulate the value and urgency of cybersecurity investments to their boards.  The Strategic Importance of Cybersecurity Cybersecurity is no longer a backroom IT concern but a pivotal agenda item in boardroom discussions. The surge in cyber threats, coupled with their capacity to disrupt business operations, erode customer trust, and incur significant financial losses, underscores the strategic value of robust cybersecurity measures. Moreover, as companies increasingly integrate digital technologies into their core operations, the significance of cybersecurity in safeguarding corporate assets and reputation continues to rise. The Current State of Cybersecurity in Corpo

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary information from Google while covertly working for two China-based tech companies. Linwei Ding (aka Leon Ding), a former Google engineer who was arrested on March 6, 2024, "transferred sensitive Google trade secrets and other confidential information from Google's network to his personal account while secretly affiliating himself with PRC-based companies in the AI industry," the DoJ  said . The defendant is said to have pilfered from Google over 500 confidential files containing artificial intelligence (AI) trade secrets with the goal of passing them on to two unnamed Chinese companies looking to gain an edge in the ongoing AI race. "While Linwei Ding was employed as a software engineer at Google, he was secretly working to enrich himself and two companies based in the People's Republic of China," sa

The United States Department of Justice has announced criminal charges and sanctions against 9 Iranians involved in hacking universities, tech companies, and government organisations worldwide to steal scientific research resources and academic papers. According to the FBI officials, the individuals are connected to the Mabna Institute , an Iran-based company created in 2013 whose members were allegedly hired by the Iranian government for gathering intelligence. Though the content of the papers is not yet known, investigators believe it might have helped Iranian scientists to develop nuclear weapons. In past four years, the state-sponsored hacking group has allegedly infiltrated more than 320 universities in 22 countries—144 of which were in the United States—and stolen over 30 terabytes of academic data and intellectual property. The group used spear-phishing attacks to target more than 100,000 e-mail accounts and computer systems of the professors around the world, and suc

Researchers have uncovered several major weaknesses in the implementation of the Institute of Electrical and Electronics Engineers (IEEE) P1735 cryptography standard that can be exploited to unlock, modify or steal encrypted system-on-chip blueprints. The IEEE P1735 scheme was designed to encrypt electronic-design intellectual property (IP) in the hardware and software so that chip designers can protect their IPs from hackers and other prying eyes. Majority of mobile and embedded devices include a System-on-Chip (SoC), a single integrated circuit that can consist of multiple IPs—a collection of reusable design specifications—like a radio-frequency receiver, an analogue-to-digital converter, a digital signal processing unit, a graphics processing unit, a cryptographic engine, from different vendors. Therefore, these licensed IPs are quite valuable to their vendors, so to protect them from being reverse engineered after being sold, the IEEE developed the P1735 standard to encryp

A federal indictment unsealed earlier today alleges that a 35-year-old Texas man hacked into the computer network of an Eden Prairie business, stealing approximately $274,000. The indictment, filed in Minneapolis on October 13, 2010, charges Jeremy Parker of Houston, Texas, with one count of unauthorized access to a protected computer to further fraud and one count of wire fraud. It was unsealed following Parker's initial appearance in United States District Court. The indictment claims that from December 23, 2008, through October 15, 2009, Parker hacked into the computer network to obtain money belonging to Digital River, Inc., through a subsidiary, SWReg, Inc. SWReg pays independent software developers who write code that can run on Digital River's system. Royalties owed to these developers accumulate at SWReg, allowing developers to view their royalty balances online and cash out those accounts. When a developer cashes out, SWReg electronically transfers the money into the

The mobile phone wars became more interesting late on Tuesday when Microsoft publicly claimed for the first time that Google's Android operating system infringes on its intellectual property. According to sources close to the company, Microsoft believes that Android infringes on its patented technology. This infringement spans areas from the user interface to the underlying operating system. In a statement to CNET, Microsoft's deputy general counsel, Horacio Gutierrez, said that while Microsoft prefers to resolve intellectual property licensing issues without lawsuits, it must ensure that "competitors do not free ride on our innovations." Gutierrez's comments came as Microsoft and HTC announced a new patent deal. This agreement specifically allows the Taiwanese cell phone maker to use Microsoft's patented technologies in phones running Google's Android operating system. Microsoft mentioned ongoing discussions with other phone manufacturers. "We ha