Google and CSIRO team up to strengthen Australian cybersecurity

Google and Australia’s national science agency, CSIRO, are teaming up to develop digital tools to detect and fix software vulnerabilities for critical infrastructure operators automatically. The initiative comes in response to a substantial increase in cyberattacks that have targeted essential sectors such as hospitals, defence bodies, and energy suppliers.

The collaboration will focus on creating software tailored to Australia’s regulatory environment. Google will contribute its existing open-source vulnerability database and AI services, while CSIRO will apply its research expertise to enhance the project’s outcomes. The goal is to provide customised cybersecurity solutions that align with local laws and promote greater compliance and trust.

The partnership is part of Google’s commitment to invest A$1 billion in Australia over five years, a pledge made in 2021 amidst Australia’s efforts to enforce stricter regulations on global tech companies. The collaboration is seen as a critical step in bolstering the country’s defences against cyber threats.

Why does this matter?

The Australian government has recently imposed stricter requirements on critical infrastructure operators to report and prevent cyberattacks following a series of breaches that compromised the personal data of millions of Australians. The tools developed through this partnership aim to mitigate such risks and ensure the security of essential services.

The findings from this research will be made publicly available, ensuring that critical infrastructure operators can easily access the information and improve their cybersecurity measures.

Call for US investigation of TP-Link amid cybersecurity fears

Two US lawmakers have called on the Biden administration to investigate Chinese company TP-Link Technology Co. over concerns that its WiFi routers could pose a national security risk. The request was made in a letter to the Commerce Department, highlighting the potential for cyber attacks using vulnerabilities in TP-Link firmware. The company, a global leader in WiFi router sales, has not yet responded to the inquiry.

Concerns were raised after reports surfaced that TP-Link routers were exploited in cyber attacks targeting government officials in Europe. The lawmakers expressed fears that similar attacks could be carried out against US infrastructure. They have urged the Commerce Department to assess the threat posed by Chinese-affiliated routers, particularly TP-Link’s, given its market dominance.

TP-Link, founded in China in 1996, has been linked to cybersecurity concerns before. Last year, the US Cybersecurity and Infrastructure Agency flagged vulnerabilities in the company’s routers that could be used for remote attacks. Around the same time, a Chinese state-sponsored hacking group was found to have targeted European officials using malicious implants in TP-Link routers.

The Commerce Department has the authority to impose bans or restrictions on technology transactions with companies from nations considered adversarial to US interests, including China. The investigation could lead to new measures aimed at preventing potential security risks from Chinese-made equipment in critical US infrastructure.

US penalises T-Mobile for data violations with $60 million fine

T-Mobile has been fined $60 million by a US committee focused on national security for failing to prevent and report unauthorised access to sensitive data. The penalty, imposed by the Committee on Foreign Investment in the US (CFIUS), is linked to violations of a mitigation agreement T-Mobile signed during its 2020 acquisition of Sprint Corp.

The data breach occurred in 2020 and 2021, during the integration of Sprint into T-Mobile’s operations. T-Mobile, controlled by Deutsche Telekom, explained that technical issues affected a small number of law enforcement data requests, but emphasised that the information never left the law enforcement community and was swiftly addressed.

The $60 million fine is the largest ever imposed by CFIUS, signalling a stronger approach to enforcement. Officials noted that the transparency of the penalty is intended to deter future violations, highlighting the committee’s commitment to holding companies accountable.

In the past 18 months, CFIUS has issued six penalties, including the one against T-Mobile, far surpassing the number of fines levied in the previous decades. The delay in T-Mobile’s reporting hampered the committee’s efforts to investigate and mitigate potential risks to US national security.

UK’s cybersecurity centre seeks contributions to build comprehensive cyber deception evidence base

The UK’s National Cyber Security Centre (NCSC) recently brought together international and UK government partners, as well as industry leaders, to discuss the role of cyber deception in cyber defense. The event hosted by the NCSC in London underscored the potential of cyber deception technologies, such as digital tripwires, honeytokens, and honeypots, to enhance national cyber defense strategies. The NCSC aims to establish a comprehensive evidence base on the efficacy of these technologies by promoting their widespread deployment across the country. To achieve this, the NCSC invites public and private sector organisations to contribute to this initiative by sharing their experiences and outcomes from deploying these technologies (as defined by the UK NCSC):

  • Tripwires: Systems designed to detect unauthorised access by interacting with threat actors, such as honeytokens, to disclose their presence within a network.
  • Honeypots: Systems that allow threat actors to engage with them, providing opportunities to observe and collect data on their tactics, techniques, procedures, capabilities, and infrastructure for threat intelligence purposes.
  • Breadcrumbs: Digital artifacts strategically placed within a system to lure threat actors into interacting with tripwires or honeypots, aiding in their detection and study.

To build a comprehensive evidence base on the effectiveness of these tools, the NCSC announced several objectives for this large-scale deployment:

  • 5,000 instances of both low and high interaction solutions across the UK internet, covering both IPv4 and IPv6.
  • 20,000 instances of low interaction solutions within internal networks.
  • 200,000 assets of low interaction solutions deployed within cloud environments.
  • 2,000,000 tokens deployed to bolster detection and intelligence-gathering efforts.

To contribute to and participate in this consultation, contact the UK NCSC at thfcd@ncsc.gov.uk.

Critical browser flaw puts Mac and Linux users at risk

A newly identified zero-day flaw linked to the 0.0.0.0 IP address has been exploited by hackers, placing users of major web browsers on macOS and Linux at risk. This vulnerability has been observed in popular browsers like Safari, Chrome, and Firefox, which could potentially allow unauthorised access to private networks. Although Windows users are unaffected, other browsers like Microsoft Edge, Brave, and Opera, which are based on Chromium, are also vulnerable.

The cybersecurity firm Oligo has reported that this flaw enables hackers to communicate with local software on Mac or Linux systems. By using the 0.0.0.0 address instead of localhost, public websites might execute arbitrary code on a visitor’s device, bypassing long-standing security measures. Oligo researchers have estimated that around 100,000 websites could facilitate this attack, which has already been used in targeted strikes on AI workloads.

In response to the threat, Apple has promised to address the issue in the upcoming macOS 15 Sequoia beta by blocking the 0.0.0.0 address. An update to Safari’s WebKit will also block connections to this IP. Chrome is considering a similar approach to ensure that users cannot bypass its Private Network Access protection. Mozilla, however, remains cautious, with a spokesperson noting that tighter restrictions might lead to compatibility issues, and therefore, Firefox has not yet implemented any proposed restrictions.

The widespread nature of the vulnerability and the potential for serious security breaches underscore the urgent need for a solution. Users of affected browsers are encouraged to stay updated on patches and fixes as they become available, particularly from browser developers like Apple, Google, and Mozilla.
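
For developers of software that listens on a local port, one server-side defence against the behaviour described above is to reject any request whose Host header is not an expected loopback name, so a request addressed to 0.0.0.0 is refused even before browsers ship their fixes. The code below is an added example, not code from Oligo or any browser vendor; the port, the allowlists, the reason strings and the sample requests are assumptions constructed for illustration.

```javascript
// Added example: request gate for a hypothetical local-only HTTP service.
const PORT = 8080; // assumed port

// Host values a genuine local client sends. "0.0.0.0" is deliberately absent:
// a page on a public site can use that address to reach the same listener.
const ALLOWED_HOSTS = new Set([`localhost:${PORT}`, `127.0.0.1:${PORT}`, `[::1]:${PORT}`]);

// Origins allowed to script against the service (assumed: only its own UI).
const ALLOWED_ORIGINS = new Set([`http://localhost:${PORT}`, `http://127.0.0.1:${PORT}`]);

// headers: object with lower-cased header names, as Node's http module provides.
function checkLocalRequest(headers) {
  const host = String(headers['host'] || '').toLowerCase();
  if (!ALLOWED_HOSTS.has(host)) return { allow: false, reason: 'unexpected-host' };

  // Browsers attach Origin to cross-origin fetch/XHR and to form POSTs.
  const origin = headers['origin'];
  if (origin !== undefined && !ALLOWED_ORIGINS.has(String(origin).toLowerCase())) {
    return { allow: false, reason: 'foreign-origin' };
  }
  // Fetch Metadata covers requests that carry no Origin (e.g. a no-cors GET).
  if (headers['sec-fetch-site'] === 'cross-site') {
    return { allow: false, reason: 'cross-site-fetch' };
  }
  return { allow: true, reason: 'ok' };
}

// Handler for http.createServer(); bind with server.listen(PORT, '127.0.0.1').
function handler(req, res) {
  const verdict = checkLocalRequest(req.headers);
  res.writeHead(verdict.allow ? 200 : 403, { 'Content-Type': 'text/plain' });
  res.end(verdict.reason + '\n');
}

// Constructed sample requests (not captured traffic).
const SAMPLES = [
  { host: '127.0.0.1:8080' },                                   // local CLI client
  { host: 'localhost:8080', origin: 'http://localhost:8080' },  // the service's own UI
  { host: '0.0.0.0:8080', origin: 'https://site.example' },     // public page using 0.0.0.0
  { host: '0.0.0.0:8080' },                                     // same, without Origin
  { host: 'localhost:8080', 'sec-fetch-site': 'cross-site' },   // cross-site request to localhost
];

function classifySamples() {
  return SAMPLES.map((h) => checkLocalRequest(h).reason);
}
```

Header checks of this kind complement, rather than replace, authentication on the local service itself.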

Amazon reveals Mithra to enhance network security

The multinational technology giant has unveiled an internal security platform designed to handle the immense scale of the company’s network. Built on a vast graph database, Mithra helps Amazon manage and protect its systems by filtering vast amounts of data to identify and neutralise malicious domains. Chief Information Security Officer C.J. Moses likens Mithra to a funnel, narrowing down data until human intervention is minimal.

Mithra’s integration with Sonaris, Amazon’s network observation platform, creates a robust defensive net around Amazon’s environments. AI and machine learning are essential for managing the large-scale data, with AI models trained to detect anomalies and potential threats. Generative AI further assists threat analysts by allowing them to interact with data in plain language, enhancing decision-making efficiency.

Amazon’s proactive approach extends beyond technology. The company maintains a strong network of Chief Information Security Officers (CISOs) to facilitate rapid communication and collaboration in times of crisis. The unveiling of Mithra comes as Amazon faces scrutiny over its AI deal with startup Adept and accountability issues for hazardous products in the United States.

Major firms turn to Lumen for AI needs

Telecommunications firm Lumen Technologies has secured $5 billion in new deals from cloud and tech companies for its networking and cybersecurity solutions. These agreements come as more businesses rush to adopt AI-driven technologies. One notable deal involves Microsoft, which will use Lumen’s network equipment to expand its capacity for AI workloads.

Lumen, which provides secure digital connections for data centres, announced ongoing discussions with customers to secure an additional $7 billion in sales opportunities. The surge in AI adoption has led enterprises across multiple sectors to invest heavily in building infrastructure capable of supporting AI-powered applications.

Major corporations are increasingly seeking high-capacity fibre, a resource becoming valuable and potentially scarce due to growing AI requirements. Lumen’s AI-ready infrastructure and expansive network are key factors driving this demand. According to CEO Kate Johnson, this marks the beginning of a significant opportunity that could lead to one of the largest expansions of the internet ever.

In response to rising demand, Lumen has established a new division, Custom Networks, to oversee its Private Connectivity Fabric solutions portfolio. The division aims to meet the increasing needs of various organisations for secure and reliable connectivity solutions.

Pro-Ukrainian hackers claim breach of Russian cybersecurity firm Avanpost

A pro-Ukrainian hacker group, known as Cyber Anarchy Squad, has claimed responsibility for hacking the Russian information security firm Avanpost and leaking a significant amount of its data. They also reported destroying more than 60 terabytes of data and leaking 390 gigabytes of ‘valuable information.’

Avanpost, which has been operating in Russia for 15 years and specialises in developing authorisation and authentication systems for local businesses, confirmed the incident. The company acknowledged that its infrastructure was hit by a ‘serious cyberattack’ but did not provide details on the extent of the damage or the specific data that was leaked.

Avanpost advised its customers, including Russian airports, a large water supply company, and telecom service providers, to update their identification data and change passwords ‘as a precaution.’ The company also urged people not to trust ‘rumors’ and to rely only on official information.

The exact method of the hackers’ entry into Avanpost’s system, the tools they used, and the specifics of the leaked data remain unclear.

Cyber Anarchy Squad shared some of the allegedly leaked data on Telegram and the file hosting service Mega. They also posted screenshots of what they claim to be a group chat of Avanpost employees discussing the hack. However, the authenticity of this data could not be independently verified.

NBCUniversal to showcase AI in Paris Olympics, Warner Bros Discovery cautious

The Paris Olympics will highlight the use of generative AI for American viewers, while European audiences will experience a more traditional approach. Comcast’s NBCUniversal plans to integrate AI into its US broadcast, including recreating the voice of a legendary sportscaster. Meanwhile, Warner Bros. Discovery’s sports division in Europe considers the technology too immature for roles like sports commentating.

Warner Bros. Discovery, which will stream the Games on its Max and discovery+ platforms across Europe, has tested AI for translating speech but found it lacks the emotion needed for thrilling sports moments. Scott Young, senior vice president at Warner Bros. Discovery Sports Europe, emphasised that AI struggles to capture the genuine excitement of live commentary. The difference in approaches reflects global media companies’ varied stances on AI technology, as France also plans to allow AI-powered surveillance during the Olympics, highlighting its broad application.

In the US, NBCUniversal will collaborate with Google and Team USA to enhance the viewing experience with AI, including AI-enhanced Google Map images of Olympic venues and AI-generated personalised daily briefings narrated by an AI recreation of Al Michaels’ voice. The Olympic Broadcasting Services is also using AI to produce quick highlights but remains cautious about deepfake risks. Additionally, extensive cybersecurity measures are being implemented to protect the Games from cyber threats, showcasing the crucial role of AI in ensuring safety and security.

As AI capabilities advance, European sports fans may soon experience similar technology. Warner Bros. Discovery anticipates significant AI integration by the 2028 Los Angeles Olympics. The International Olympic Committee (IOC) is already implementing AI for athlete safety and deploying AI tools to counter cyber threats at the 2024 Olympics, illustrating the growing influence of AI in sports.

CrowdStrike restores almost all Windows sensors after major outage

The US cybersecurity company has successfully restored 97% of its Windows sensors following a global outage caused by a faulty software update. The issue, which began nearly a week ago, affected 8.5 million devices running Microsoft’s Windows operating system, leading to significant disruptions in services, including flights, healthcare, and banking.

The outage was triggered by a fault in CrowdStrike’s Falcon platform sensor, a security agent designed to protect devices from threats. The fault caused computers to crash and display the notorious blue screen of death. In response, CrowdStrike deployed a fix and mobilized all resources to support customers, enhancing recovery efforts with automatic recovery techniques.

The recovery comes amidst scrutiny over the cybersecurity firm’s quality control measures. Despite the challenges, CrowdStrike’s swift response has helped mitigate further impact and restore critical services globally.