cybersecurity

Diriyah Co. partner with SAFCSP to strengthen cybersecurity

The Diriyah Company has partnered with the Saudi Federation for Cybersecurity, Programming, and Drones (SAFCSP) to enhance the city’s digital security and align with the goals of Saudi Vision 2030. That collaboration aims to protect Diriyah’s digital infrastructure as it transforms into a cultural and heritage hub.

As part of the agreement, Diriyah Co. will join BugBounty, the Middle East’s first cybersecurity research platform, to identify and address software vulnerabilities. Additionally, the partnership includes initiatives such as conferences, workshops, and public awareness campaigns to foster a culture of cybersecurity.

To further strengthen capabilities, SAFCSP will provide Diriyah Co. access to its professional database for recruiting cybersecurity specialists. It will also offer specialised training programs to employees and identify top-performing students for advanced training opportunities.

The partnership supports innovation and collaboration across government and private sectors by integrating advanced cybersecurity measures and prioritising talent development. These efforts aim to create a secure and sustainable digital future for Diriyah, empowering the next generation with advanced technology and driving cultural, economic, and technological growth in line with Saudi Vision 2030.

Hidden vulnerabilities in ChatGPT search tool uncovered

OpenAI’s ChatGPT search tool is under scrutiny after a Guardian investigation revealed vulnerabilities to manipulation and malicious content. Hidden text on websites can alter AI responses, raising concerns over the tool’s reliability. The search feature, currently available to premium users, could misrepresent products or services by summarising planted positive content, even when negative reviews exist.

Cybersecurity researcher Jacob Larsen warned that the AI system in its current form might enable deceptive practices. Tests revealed how hidden prompts on webpages influence ChatGPT to deliver biased reviews. The same mechanism could be exploited to distribute malicious code, as highlighted in a recent cryptocurrency scam where the tool inadvertently shared credential-stealing instructions.

Experts emphasised that while combining search with AI models like ChatGPT offers potential, it also increases risks. Karsten Nohl, a scientist at SR Labs, likened such AI tools to a ‘co-pilot’ requiring oversight. Misjudgments by the technology could amplify risks, particularly as it lacks the ability to critically evaluate sources.

OpenAI acknowledges the possibility of errors, cautioning users to verify information. However, broader implications, such as how these vulnerabilities could impact website practices, remain unclear. Hidden text, while traditionally penalised by search engines like Google, may find new life in manipulating AI-based tools, posing challenges for OpenAI in securing the system.

UN General Assembly adopts historic cybercrime convention

The United Nations General Assembly has adopted a landmark treaty to combat cybercrime, marking the culmination of five years of negotiations. The UN Convention against Cybercrime is set to become the first global instrument for global efforts to combat cybercrime and enhance international cooperation and technical assistance.

The UN Office on Drugs and Crime (UNODC), which acted as secretariat throughout the negotiations, celebrated the treaty as a victory for global cooperation.

‘Adopting this landmark convention is a major victory for multilateralism, marking the first international anti-crime treaty in 20 years. It is a crucial step forward in our efforts to address crimes like online child sexual abuse, sophisticated online scams and money laundering,’ said UNODC Executive Director Ghada Waly.

The General Assembly adopted the resolution by consensus, underscoring widespread support. Negotiations included contributions from civil society, academia, and the private sector, ensuring the treaty reflects diverse perspectives. However, many non-state actors raised concerns about the latest draft.

The treaty will open for signature during a formal ceremony in Vietnam in 2025 and will enter into force 90 days after being ratified by at least 40 member states. In addition, UNODC will continue its role as the secretariat for the Ad Hoc Committee, which is tasked with drafting a supplementary protocol to the Convention and supporting the future Conference of States Parties.

For more details about the Convention and negotiations process, please follow the dedicated page.

US healthcare sector faces new data breach

A recent cybersecurity breach involving US healthcare platform ConnectOnCall has compromised sensitive information belonging to more than 910,000 patients. The telehealth service, owned by Phreesia, experienced unauthorised access between February and May 2024, exposing names, phone numbers, medical details, and in some cases, Social Security numbers. Phreesia promptly took action after discovering the breach, enlisting cybersecurity experts and notifying federal authorities.

ConnectOnCall facilitates after-hours communication for healthcare providers, making the data theft particularly alarming due to the permanent and sensitive nature of health records. Cybercriminals may use this information for identity theft, fraudulent insurance claims, and targeted phishing attacks. Phreesia has since taken the service offline, offering identity and credit monitoring to affected patients, while working to implement more robust security measures.

The breach highlights the growing threat posed by cyberattacks on US healthcare platforms, where data is not only invaluable but also irreplaceable. Experts urge vigilance, such as monitoring accounts, using strong passwords, and employing identity theft protection. With incidents like this on the rise, calls are growing for stricter regulations to safeguard patient information and prevent similar breaches in the future.

Digital Robin Hood scam hits crypto thieves

A crafty new scam is ensnaring would-be crypto thieves by baiting them with fake wallet seed phrases. Cybersecurity experts at Kaspersky have revealed how scammers post these phrases in YouTube comments, claiming the wallets hold significant funds. The wallets, however, are traps designed to exploit anyone attempting to steal the assets.

One wallet discovered by Kaspersky analyst Mikhail Sytnik reportedly held $8,000 in USDT on the Tron network. A thief must send Tron (TRX) tokens to move the funds to cover transaction fees. Unbeknownst to them, the wallet is a multi-signature account, meaning the TRX sent for fees is instantly redirected to another wallet controlled by the scammers.

Sytnik described the scammers as “digital Robin Hoods” for targeting other opportunists. He advised people never to try accessing others’ wallets, even if given a seed phrase, and to remain cautious of strangers’ claims about cryptocurrency online.

This isn’t the first time fraudsters have exploited greed in the crypto space. In July, Kaspersky exposed a similar scam on Telegram, where users were tricked into downloading malware disguised as legitimate crypto tools, potentially compromising their devices and funds.

The Philippine SEC proposes new crypto regulations

The Philippine Securities and Exchange Commission (SEC) has unveiled a draft of its ‘SEC Rules on Crypto-Assets Service Providers’ to regulate the country’s booming crypto market. The new proposal aims to establish clear guidelines for service providers involved in activities like trading, custody, and public offerings of crypto-assets, which are defined as digital representations of value using distributed ledger technology.

As the Philippines continues to attract a growing number of cryptocurrency users, especially among its tech-savvy population, the SEC’s rules focus on mitigating risks like fraud and market manipulation while promoting innovation. Under the draft rules, service providers must register with the SEC and comply with the standards outlined in the Financial Products and Services Consumer Protection Act. They will also face strict capital requirements and must submit detailed disclosure documents before marketing crypto-assets to the public.

The proposal also places heavy emphasis on cybersecurity and anti-money laundering measures. Service providers will need to align their systems with the National Cybersecurity Plan and undergo regular audits. Additionally, practices to prevent insider trading and market manipulation will be closely monitored.

The public has until 18 January 2025, to provide feedback on the draft rules, marking an important step in shaping the future of the crypto industry in the Philippines.

MCU and Fortinet to enhance cybersecurity education in the Philippines

Manila Central University (MCU) has partnered with Fortinet, a global leader in cybersecurity, through its Academic Partner Program to address the growing talent shortage in the Philippines. That collaboration aims to equip students with essential skills to meet industry demands by integrating Fortinet’s Network Security Expert (NSE) training and certification program into the university’s curriculum, either as coursework or standalone offerings.

Faculty members will receive advanced training, and students will benefit from guest lectures, practical exercises, and hands-on learning in areas like network security, malware analysis, and defence strategies. Additionally, the partnership includes establishing a state-of-the-art Cyber Innovation Lab to provide immersive learning experiences.

The initiative aligns with findings from Fortinet’s ‘Cybersecurity Skills Gap 2024 Global Research Report,’ which revealed that 94% of organisations in the Philippines experienced security breaches in 2023, with 77% partly attributed to a lack of cybersecurity skills. MCU joins nine other institutions, including Mapúa University and Mindanao State University-Sulu, in Fortinet’s nationwide effort to strengthen cybersecurity education.

The partnership also represents a significant step toward bridging the cybersecurity skills gap in the Philippines. By combining Fortinet’s expertise with MCU’s academic foundation, the program offers students industry-recognised certifications and practical knowledge needed to excel as cybersecurity professionals.

Why does it matter?

The initiative addresses immediate challenges highlighted in the report and strengthens the country’s capacity to defend against evolving digital threats, ensuring a robust pipeline of future professionals ready to meet global cybersecurity standards.

NETSCOUT enhances DDoS protection with AI/ML-Driven adaptive solutions

NETSCOUT SYSTEMS announced significant updates to its Arbor Edge Defense (AED) and Arbor Enterprise Manager (AEM) products as part of its Adaptive DDoS Protection solution. These enhancements are designed to address the growing threats of AI-enabled DDoS attacks, which have surged in sophistication and frequency.

Application-layer and volumetric attacks have increased by 43% and 30%, respectively, with DDoS-for-hire services making attacks easier to execute. To combat these evolving threats, NETSCOUT leverages AI and machine learning (ML) within its ATLAS Threat Intelligence system, which monitors over 550 Tbps of real-time internet traffic across 500 ISPs and 2,000 enterprise sites worldwide.

The AI/ML-powered solution enables dynamic threat identification and mitigation, creating a scalable, proactive defence mechanism. The updated AED and AEM products automate a closed-loop DDoS attack detection and mitigation process, providing real-time protection by adapting to changing attack vectors and applying mitigation recommendations automatically.

NETSCOUT’s solution also offers comprehensive protection across hybrid IT environments, including on-premise infrastructure, private data centres, and public cloud platforms like AWS and Microsoft Azure, with enhancements such as 200 Gbps mitigation capacity, high-performance decryption, and visibility into non-DDoS threats.

By minimising downtime and safeguarding business-critical services, NETSCOUT’s Adaptive DDoS Protection reduces business risks and protects productivity and reputation. As the threat landscape continues to evolve, organisations can rely on NETSCOUT’s innovative technology to stay ahead of attackers and maintain IT resilience. Industry experts and agencies like the Cybersecurity & Infrastructure Security Agency (CISA) highlight the need for adaptive cybersecurity measures. NETSCOUT’s AI/ML-driven solutions meet these demands by offering robust, future-proof protection for critical IT infrastructure.

stc Bahrain and Huawei to drive digital innovation and talent development

Stc Bahrain has partnered with Huawei to launch the fourth edition of its successful Technical Capacity Program, aligning with Bahrain’s Economic Vision 2030 to foster digital innovation and talent development. The program aims to advance Bahrain’s digital economy by providing extensive training in critical ICT sectors, including networking, cybersecurity, cloud computing, AI, and emerging technologies.

Participants will gain hands-on experience through technology showcases, engaging with the latest industry advancements and best practices. This year, the program will expand across stc Bahrain’s entire technology divisions, including Digital, Business, Wholesale, Consumer, and Customer Experience, reflecting the company’s commitment to empowering its workforce and driving the country’s digital transformation.

The initiative plays a key role in stc Bahrain’s broader digital transformation strategy by equipping employees with the skills necessary to innovate and lead in the telecommunications sector. The program is vital for nurturing a culture of continuous learning and talent development.

Through this collaboration, stc Bahrain is contributing to developing a highly skilled ICT workforce in Bahrain and supporting the kingdom’s goal of achieving sustainable economic growth and leadership in the digital space.

US CISA unveils draft update to National Cyber Incident Response Plan

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a draft update to the National Cyber Incident Response Plan (NCIRP) for public feedback, reflecting changes in cybersecurity, law, policy, and operational processes since the plan’s 2016 release. Developed in collaboration with the Joint Cyber Defense Collaborative (JCDC) and the Office of the National Cyber Director (ONCD), the update aims to improve national preparedness for the growing complexity of cyber threats.

Key updates include clarifying how non-federal stakeholders, such as private sector entities, can participate in cyber incident response efforts, enhancing usability by aligning the plan with the incident response lifecycle, and incorporating the latest legal and policy changes. The NCIRP will now undergo regular updates to stay relevant as threats and technologies evolve.

The NCIRP coordinates efforts across federal agencies, state and local governments, the private sector, and international partners as a strategic framework. It outlines four critical lines of effort (LOEs): Asset Response, Threat Response, Intelligence Support, and Affected Entity Response, ensuring cohesive and coordinated actions during a cyber incident.

The plan also defines two key phases—Detection and Response—focusing on identifying significant incidents and then containing, eradicating, and recovering from them. Coordination between government agencies, private sector entities, and other stakeholders is vital to managing the response and minimising the impact on national security, the economy, and public health.

Collaboration and continuous improvement are central to the NCIRP’s success. The JCDC, Cyber Unified Coordination Group (Cyber UCG), and Cyber Response Group (CRG) ensure all stakeholders are aligned in their efforts, with the CRG overseeing policy coordination and broader strategic responses.

The NCIRP will be regularly reviewed and updated based on feedback and post-incident assessments, allowing it to adapt to new threats and technological changes. CISA is committed to strengthening the nation’s ability to respond to cyber incidents, emphasising the need for an agile, effective framework to keep pace with evolving cyber risks.