#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Intellectual Property | Breaking Cybersecurity News | The Hacker News

Category — Intellectual Property
Acronym Overdose – Navigating the Complex Data Security Landscape

Acronym Overdose – Navigating the Complex Data Security Landscape

Oct 19, 2024 Regulatory Compliance / Data Security
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms in data security today and offer practical guidance to help businesses navigate the data security landscape and protect their most valuable assets with confidence. What's driving data security? In today's ever-evolving digital landscape, data security has become a top priority for businesses of all sizes. As data continues to be the most valuable asset for organizations, the need to protect it from breaches, unauthorized access, and other security threats grows. But what exactly is driving businesses to prioritize data security? From compliance with regulations to safeguarding intellectual pr...
The Secrets of Hidden AI Training on Your Data

The Secrets of Hidden AI Training on Your Data

Jun 27, 2024 Artificial Intelligence / SaaS Security
While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your organization. Wing's research indicates that an astounding 99.7% of organizations utilize applications embedded with AI functionalities. These AI-driven tools are indispensable, providing seamless experiences from collaboration and communication to work management and decision-making. However, beneath these conveniences lies a largely unrecognized risk: the potential for AI capabilities in these SaaS tools to compromise sensitive business data and intellectual property (IP). Wing's recent findings reveal a surprising statistic: 70% of the top 10 most commonly used AI applications may use your data for training their models. This practice can go beyond mere data learning and storage. It can involve retraining on your data, having human reviewers analyze it, and even sharing it with third parties. Often, these threats are buried deep in the fine print of Term...
The Future of Serverless Security in 2025: From Logs to Runtime Protection

The Future of Serverless Security in 2025: From Logs to Runtime Protection

Nov 28, 2024Cloud Security / Threat Detection
Serverless environments, leveraging services such as AWS Lambda, offer incredible benefits in terms of scalability, efficiency, and reduced operational overhead. However, securing these environments is extremely challenging. The core of current serverless security practices often revolves around two key components: log monitoring and static analysis of code or system configuration. But here is the issue with that: 1. Logs Only Tell Part of the Story Logs can track external-facing activities, but they don't provide visibility into the internal execution of functions. For example, if an attacker injects malicious code into a serverless function that doesn't interact with external resources (e.g., external APIs or databases), traditional log-based tools will not detect this intrusion. The attacker may execute unauthorized processes, manipulate files, or escalate privileges—all without triggering log events. 2. Static Misconfiguration Detection is Incomplete Static tools that check ...
Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In

Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In

Mar 19, 2024 Regulatory Compliance / Cloud Security
In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders—particularly Chief Information Security Officers (CISOs)—articulate the value and urgency of cybersecurity investments to their boards.  The Strategic Importance of Cybersecurity Cybersecurity is no longer a backroom IT concern but a pivotal agenda item in boardroom discussions. The surge in cyber threats, coupled with their capacity to disrupt business operations, erode customer trust, and incur significant financial losses, underscores the strategic value of robust cybersecurity measures. Moreover, as companies increasingly integrate digital technologies into their core operations, the significance of cybersecurity in safeguarding corporate assets and reputation continues to rise. The Current State of Cybersecurity in C...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Ex-Google Engineer Arrested for Stealing AI Technology Secrets for China

Ex-Google Engineer Arrested for Stealing AI Technology Secrets for China

Mar 07, 2024 Artificial Intelligence / Corporate Espionage
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary information from Google while covertly working for two China-based tech companies. Linwei Ding (aka Leon Ding), a former Google engineer who was arrested on March 6, 2024, "transferred sensitive Google trade secrets and other confidential information from Google's network to his personal account while secretly affiliating himself with PRC-based companies in the AI industry," the DoJ  said . The defendant is said to have pilfered from Google over 500 confidential files containing artificial intelligence (AI) trade secrets with the goal of passing them on to two unnamed Chinese companies looking to gain an edge in the ongoing AI race. "While Linwei Ding was employed as a software engineer at Google, he was secretly working to enrich himself and two companies based in the People's Republic of China," sa...
U.S. Charges 9 Iranians With Hacking Universities to Steal Research Data

U.S. Charges 9 Iranians With Hacking Universities to Steal Research Data

Mar 25, 2018
The United States Department of Justice has announced criminal charges and sanctions against 9 Iranians involved in hacking universities, tech companies, and government organisations worldwide to steal scientific research resources and academic papers. According to the FBI officials, the individuals are connected to the Mabna Institute , an Iran-based company created in 2013 whose members were allegedly hired by the Iranian government for gathering intelligence. Though the content of the papers is not yet known, investigators believe it might have helped Iranian scientists to develop nuclear weapons. In past four years, the state-sponsored hacking group has allegedly infiltrated more than 320 universities in 22 countries—144 of which were in the United States—and stolen over 30 terabytes of academic data and intellectual property. The group used spear-phishing attacks to target more than 100,000 e-mail accounts and computer systems of the professors around the world, and suc...
IEEE P1735 Encryption Is Broken—Flaws Allow Intellectual Property Theft

IEEE P1735 Encryption Is Broken—Flaws Allow Intellectual Property Theft

Nov 07, 2017
Researchers have uncovered several major weaknesses in the implementation of the Institute of Electrical and Electronics Engineers (IEEE) P1735 cryptography standard that can be exploited to unlock, modify or steal encrypted system-on-chip blueprints. The IEEE P1735 scheme was designed to encrypt electronic-design intellectual property (IP) in the hardware and software so that chip designers can protect their IPs from hackers and other prying eyes. Majority of mobile and embedded devices include a System-on-Chip (SoC), a single integrated circuit that can consist of multiple IPs—a collection of reusable design specifications—like a radio-frequency receiver, an analogue-to-digital converter, a digital signal processing unit, a graphics processing unit, a cryptographic engine, from different vendors. Therefore, these licensed IPs are quite valuable to their vendors, so to protect them from being reverse engineered after being sold, the IEEE developed the P1735 standard to encryp...
Texas Man Indicted for Hacking Eden Prairie Business, Stealing $274,000

Texas Man Indicted for Hacking Eden Prairie Business, Stealing $274,000

Dec 24, 2010
A federal indictment unsealed earlier today alleges that a 35-year-old Texas man hacked into the computer network of an Eden Prairie business, stealing approximately $274,000. The indictment, filed in Minneapolis on October 13, 2010, charges Jeremy Parker of Houston, Texas, with one count of unauthorized access to a protected computer to further fraud and one count of wire fraud. It was unsealed following Parker's initial appearance in United States District Court. The indictment claims that from December 23, 2008, through October 15, 2009, Parker hacked into the computer network to obtain money belonging to Digital River, Inc., through a subsidiary, SWReg, Inc. SWReg pays independent software developers who write code that can run on Digital River's system. Royalties owed to these developers accumulate at SWReg, allowing developers to view their royalty balances online and cash out those accounts. When a developer cashes out, SWReg electronically transfers the money into the ...
Microsoft Targets Android with Patent Infringement Allegations

Microsoft Targets Android with Patent Infringement Allegations

Nov 03, 2010
The mobile phone wars became more interesting late on Tuesday when Microsoft publicly claimed for the first time that Google's Android operating system infringes on its intellectual property. According to sources close to the company, Microsoft believes that Android infringes on its patented technology. This infringement spans areas from the user interface to the underlying operating system. In a statement to CNET, Microsoft's deputy general counsel, Horacio Gutierrez, said that while Microsoft prefers to resolve intellectual property licensing issues without lawsuits, it must ensure that "competitors do not free ride on our innovations." Gutierrez's comments came as Microsoft and HTC announced a new patent deal. This agreement specifically allows the Taiwanese cell phone maker to use Microsoft's patented technologies in phones running Google's Android operating system. Microsoft mentioned ongoing discussions with other phone manufacturers. "We ha...
Expert Insights / Articles Videos
Cybersecurity Resources