Aviva Zacks of Safety Detectives recently sat down with Antonio Rotolo, Co-Founder and CEO of Ludwig. She asked him how AI is changing our lives.
Safety Detecti

Scientists are using artificial intelligence (AI) to help people express their ideas.

Wetenschappers gebruiken kunstmatige intelligentie (AI) om mensen te helpen hun ideeën uit te drukken.

Aviva Zacks of Safety Detectives recently sat down with Antonio Rotolo, Co-Founder and CEO of Ludwig. Antonio Rotolo: If English is supposed to be the language of our planet, then it should belong to everybody and not only to those born in English-speaking countries. Writing in perfect English is indeed a fundamental requirement for anyone who wants to succeed in a scientific career: the main goal of any scholar is that of writing a number of scientific papers to advance in their career and to write good papers you need to get funded, and so you have to write research projects… and to write a good project you need to establish connections, often by sending emails.

Aviva Zacks van Safety Detectives heeft onlangs een gesprek gehad met Antonio Rotolo, mede-oprichter en CEO van Ludwig. Antonio Rotolo: Als het Engels de taal van onze planeet moet zijn, dan moet het van iedereen zijn en niet alleen van diegenen die in Engelssprekende landen geboren zijn. We zijn Ludwig begonnen om iedereen in de wereld dezelfde kans te geven om te communiceren.

Aviva Zacks of Safety Detectives recently sat down with Antonio Rotolo, Co-Founder and CEO of Ludwig. She asked him how AI is changing our lives.

Safety Detectives: What motivated you to start your company?

Antonio Rotolo: If English is supposed to be the language of our planet, then it should belong to everybody and not only to those born in English-speaking countries. We started Ludwig to give everybody in the world the same opportunity to communicate.

Let’s take research and academia as an example. Writing in perfect English is indeed a fundamental requirement for anyone who wants to succeed in a scientific career: the main goal of any scholar is that of writing a number of scientific papers to advance in their career and to write good papers you need to get funded, and so you have to write research projects… and to write a good project you need to establish connections, often by sending emails. This can be quite challenging for non-native speakers of English. With Ludwig, we help people express and share their ideas fluently and with confidence, and as a consequence to progress in their careers and life.

I know how difficult it is because I confronted myself with English writing in my previous life as a university researcher. In fact, my childhood dream was that of becoming a professor of Archaeology (and after two MA degrees, a Ph.D., and a few postdocs, I got pretty close to making it happen), then one postdoc at MIT was an eye-opening experience that made me reset my goals and to abruptly change my career path. At MIT, I decided I wanted to become an entrepreneur and solve the English writing problem once and for all. Together with my co-founders Roberta Pellegrino and Federico Papa (both of them former researchers that shared the same difficulty) we decided to start Ludwig.

SD: Tell me about your service. AR: We define Ludwig as a sentence search engine for the English language. When searching on Ludwig, users find several example sentences taken from reliable sources, such as encyclopedias, scientific journals, or newspapers, that help them find the right words to express their ideas. If you are wondering whether you have chosen the right word or your sentences sound clear enough, you can compare what you have written with the instances provided by Ludwig. Ludwig, the name of our service, is a tribute to Ludwig Wittgenstein, the father of the Philosophy of Language who used to say that the “limits of our language are the limits of our world”. Our world is actually limited by how we are able to express ourselves.

AR: Differently from other writing tools, we were the first to shift the focus from empowering the algorithm to “empowering the writer”. We give our users the right pieces of information to make an informed decision on how they would like to express themselves.

With Ludwig, the user is not passively receiving corrections from an algorithm that points out (alleged) grammar mistakes. With Ludwig, the user is active in the process and is actively learning new words and expressions and ultimately how to write better.



SD: How is AI changing our lives?

AR: Whether we like it or not, AI plays an increasingly important role in our lives. Deep Learning and Deep Neural Networks are doing incredible things in the field of Computational Linguistics (i.e. the way computers understand and express human languages) and yet, a perfect understanding of human languages by machines is not something that is going to happen any time soon.

The task of disambiguating human communication (which is ambiguous by definition) with the perfect algorithm is like trying to empty the ocean with a spoon. I think that rather we should embrace the ambiguity characterizing any natural human language and build AI technologies that will help us in making better-informed decisions. As mentioned above, the real goal of technology should be that of empowering human beings, rather than creating perfect algorithms.



SD: How is the pandemic affecting your industry?

AR: Since we are an online service, Ludwig’s business wasn’t directly affected by the pandemic but our lives were. At Ludwig, we believe that science, a sense of community, and individual responsibility are key to winning the fight against COVID-19.

Following a request from the White House Office of Science and Technology Policy, a team of top research leaders across tech, academia, and government joined to build the most extensive machine-readable Coronavirus literature collection for data and text mining. We decided to give our help with our means and technology and used that data to create LIA COVID-19, a sentence search engine specifically meant to help researchers, medical doctors, biologists, virologists, find Covid-19 related scientific papers with ease.

Interview with Antonio Rotolo – Ludwig

MariaDB Corporation released Xpand 6 with significant new features, all in the pursuit of maximizing performance.

The world’s biggest data processing firm has released a new version of its database.

s Werelds grootste gegevensverwerkingsbedrijf heeft een nieuwe versie van zijn databank uitgebracht.

MariaDB Corporation released Xpand 6 with significant new features, all in the pursuit of maximizing performance. With fast operational analytics, Xpand now has the smarts to eliminate the need and inconsistencies of loading data to operational data warehouses. As businesses around the world face unpredictable demand and change, they need a database that handles surprise increases in transactions and more diverse workloads while maintaining strict data consistency and availability.

Met snelle operationele analyses beschikt Xpand nu over de slimmigheid om de noodzaak en de inconsistenties van het laden van gegevens naar operationele data warehouses te elimineren. Omdat bedrijven overal ter wereld te maken hebben met onvoorspelbare vraag en veranderingen, hebben ze een database nodig die een onverwachte toename van het aantal transacties en meer uiteenlopende workloads aankan en toch een strikte gegevensconsistentie en -beschikbaarheid behoudt. In tegenstelling tot AWS Aurora's opslagreplicatie of Postgres' leesreplicatie, is Xpand een echte multi-writer, naar elke node kan worden geschreven en voegt schaal toe voor lezen en schrijven.

MariaDB Corporation released Xpand 6 with significant new features, all in the pursuit of maximizing performance.

With fast operational analytics, Xpand now has the smarts to eliminate the need and inconsistencies of loading data to operational data warehouses. Faster parallel data replication across global regions is putting global deployments in everyone’s reach.

As businesses around the world face unpredictable demand and change, they need a database that handles surprise increases in transactions and more diverse workloads while maintaining strict data consistency and availability.

MariaDB Xpand is a fully distributed SQL database with a shared nothing architecture. Unlike AWS Aurora’s storage replication or Postgres’ read replication, Xpand is a true multi-writer, any node can be written to and adds scale for reads and writes.

Columnar data models are popular for ad hoc analytics and perform well on large amounts of data. Xpand is the first modern distributed SQL database supporting this powerful feature for online-transaction processing. Xpand uses columnar indexes for real-time operational analytics directly on transactional data, without losing consistency or missing the latest transactions.

The new columnar feature enables companies to run ad hoc queries in Xpand with speeds up to 50x faster. Best performance is guaranteed as the fully cost based optimizer will determine the faster path, columnar or not. Applications immediately benefit from the new feature without any changes after columnar indexes have been activated.

Developers can leverage this new feature to provide smarter applications, better user experiences and personal analytics giving their application users the latest status and insights on all data changes that may impact them.

With parallel replication, Xpand implements the equivalent of a multi-lane highway for asynchronous replication of data across geo-locations. The data replication is done independently by each node in the cluster, which increases throughput at lower latency. Xpand provides transactional consistency by maintaining the order of transaction during replication. Powered by Xpand 6, customers can deploy their global applications across regions and cloud vendors to survive any hyperscaler outages.

“With these key new features in Xpand, developers get to broaden their use of analytics in applications without having to worry about performance, at the same time supporting the capability is literally effortless for the database administrators,” said Robbie Mihalyi, senior vice president of engineering at MariaDB Corporation. “The parallel replication capabilities have been shaped by our customers and their business needs, giving them maximum data transfer speeds at minimal latency and control over their data flows.”

MariaDB Xpand 6 improves performance of operational analytics

The show, starring Rhys Darby as Stede Bonnet and Waititi as Blackbeard, arrives on HBO Max in March.

We’re getting a sense of wry humor from the new HBO Max comedy What We Do in the Shadows, starring Rhys Darby as Blackbeard.

De nieuwe HBO Max-komedie What We Do in the Shadows, met Rhys Darby als Blackbeard in de hoofdrol, heeft een wrang gevoel voor humor.

What if What We Do in the Shadows was about swashbucklers on the high seas rather than vampires on Staten Island? After trading in the seemingly charmed life of a gentleman for one of a swashbuckling buccaneer, Stede becomes captain of the pirate ship Revenge. Struggling to earn the respect of his potentially mutinous crew, Stede’s fortunes change after a fateful run-in with the infamous Captain Blackbeard, played by Waititi.

Een gloednieuwe trailer is gearriveerd en we zijn meer dan ooit opgewonden om deze te bekijken. Deze Max Original komt niet alleen van Oscarwinnaar Waititi, die hier zowel hoofdrolspeler als producent is, maar ook van bedenker en showrunner David Jenkins, die eerder onder meer de erg grappige buitenaardse ontvoeringskomedie People of Earth op zijn naam schreef. Stede probeert het respect van zijn muitende bemanning te verdienen, maar zijn lot verandert na een noodlottige ontmoeting met de beruchte kapitein Blackbeard, gespeeld door Waititi.

What if What We Do in the Shadows was about swashbucklers on the high seas rather than vampires on Staten Island? We’re getting a similar sense of wry humor from Taika Waititi’s next TV project: pirate comedy Our Flag Means Death, starring Rhys Darby as “gentleman pirate” Stede Bonnet and Waititi himself as Blackbeard. A brand-new trailer has arrived and we’re more excited than ever to watch this one.

This Max Original hails not just from Oscar winner Waititi, who’s both co-star and producer here, but also creator and showrunner David Jenkins, whose previous credits include the very funny alien-abduction comedy People of Earth. Here’s the official description of Our Flag Means Death: “The unique new comedy is (very) loosely based on the true adventures of 18th century would-be pirate, Stede Bonnet, played by Rhys Darby. After trading in the seemingly charmed life of a gentleman for one of a swashbuckling buccaneer, Stede becomes captain of the pirate ship Revenge. Struggling to earn the respect of his potentially mutinous crew, Stede’s fortunes change after a fateful run-in with the infamous Captain Blackbeard, played by Waititi. Stede and crew attempt to get their ship together and survive life on the high seas.”

As if Darby and Waititi weren’t enough to get you to watch, the rest of the ensemble cast includes Nathan Foad, Samson Kayo (Truth Seekers), Vico Ortiz, Ewen Bremner, Joel Fry, Matt Maher, Kristian Nairn (Game of Thrones), Con O’Neill, Guz Khan, David Fane, Rory Kinnear, Samba Schutte, Nat Faxon, Fred Armisen, and Leslie Jones. 



The HBO Max show will run 10 episodes total; the first three will arrive March 3, followed by three more on March 10, then two each on March 17 and 24.

Wondering where our RSS feed went? You can pick the new up one here.

Taika Waititi's New Series Our Flag Means Death Looks Yo-Ho-Ho-Larious

Threat actors leveraging the Brainjacking technique to obtain unauthorized access to neural implants deployed in a human brain.

Cyberattacks on connected medical devices have become a pressing issue to businesses around the world.

Cyberaanvallen op aangesloten medische apparatuur zijn voor bedrijven over de hele wereld een urgent probleem geworden.

Several cybersecurity experts stated that certain connected medical devices implanted in a human’s body or brain could be hijacked—they are calling this Brainjacking. Brainjacking is a kind of cyberattack in which a hacker obtains unauthorized access to neural implants in a human body. Hacking surgically implanted devices in a human brain could allow an attacker to control the patient’s cognition and functions, potentially resulting in drastic consequences.

In het algemeen wordt bij een cyberaanval het apparaat van het slachtoffer gecompromitteerd en de werking ervan gecontroleerd. Verscheidene deskundigen op het gebied van cyberbeveiliging hebben verklaard dat bepaalde aangesloten medische apparatuur die in het lichaam of de hersenen van een mens is geïmplanteerd, kan worden gekaapt - zij noemen dit Brainjacking. Het hacken van chirurgisch geïmplanteerde apparatuur in de hersenen van een mens kan een aanvaller in staat stellen de cognitie en de functies van de patiënt te controleren, met mogelijk drastische gevolgen.

In the present connected world, wireless IoT devices make human lives smarter and more vulnerable to security risks than ever. Almost every connected device can be hacked, from smart TVs to smart vehicles. In general, a cyberattack compromises the victim’s device and controls its operations. However, the most concerning issue for the health care sector is cyberattacks on implanted medical devices. Several cybersecurity experts stated that certain connected medical devices implanted in a human’s body or brain could be hijacked—they are calling this Brainjacking.

Brainjacking is a kind of cyberattack in which a hacker obtains unauthorized access to neural implants in a human body. Hacking surgically implanted devices in a human brain could allow an attacker to control the patient’s cognition and functions, potentially resulting in drastic consequences.

Brain implants also referred to as neural implants, are microchips that connect directly to a human’s brain to establish a brain-computer interface (BCI) in the brain that has become dysfunctional due to medical issues.

The unauthorized control of brain implants was represented as science fiction in movies, but with advances in medical technology, it is now becoming a real threat. According to a research from the Oxford Functional Neurosurgery, medical implants become vulnerable to various cyberthreats.

The researchers stated that hackers leverage different mechanisms like Blind attacks to gain unauthorized access to an implant. A blind attack could cause severe damages to human implants, including cessation of stimulation, draining implant batteries, inducing tissue damage, information theft, impairment of motor function, alteration of impulse control, modification of emotions, and induction of pain, etc.

Cyberattacks in the health care sector have become rampant recently. With multiple intrusions and attacks on connected medical devices, the health care providers continued to be the primary target for cybercriminals. In line with a research, around 83% of connected medical devices are at security risks for running on outdated software.

Earlier, the Food and Drug Administration (FDA) in the U.S. released a draft of premarket guidance for medical device cybersecurity. The draft comprises new recommendations for internet-connected medical device manufacturers on assessing cybersecurity in the review of medical devices to ensure protection against cyberthreats.

Will IoT Ever be 100% Secure?

The number of IoT devices is estimated to reach 83 billion by 2024, from 35 billion in 2020, which represents a growth of 130% over the next five years. With the growing cyberattacks on connected devices, IoT security has become a pressing issue to organizations globally.

Commenting on the same with CISO MAG, Chukwudum Chukwudebelu, CSO and Co-Founder at Simius Technologies Inc., said, “The IoT technology will always improve, but it will never be 100% secure. As long as it is connected to the internet, there is always a risk. The best chance at cybersecurity is to reduce that risk. Since the internet was not built to be secure, rather, it was designed to be shared. Industries are increasing the use of IoTs, and consumers are doing the same.

“In the next five years, many of these industries will become fully dependent on IoT devices. They will need to be secure to reduce risk, and the manufacturers of these devices, together with the cybersecurity companies and government, have to find a way to work together to deliver 100% secure IoT devices. By constantly keeping up with the threats and vulnerabilities while being on point to thwart or prevent an attack at a moment’s notice. There’s no such thing as the cyber police yet, but I am sure that it will become recognized and more prominent as a need with most law enforcement agencies.”

What is Brainjacking? How Does it Work?

FBI stated that cybercriminals are leveraging SIM swapping attacks to steal millions from U.S. citizens.

The US Federal Bureau of Investigation (FBI) has warned that SIM swap attacks are increasing.

Het Amerikaanse Federal Bureau of Investigation (FBI) heeft gewaarschuwd dat het aantal SIM-ruilaanvallen toeneemt.

FBI stated that cybercriminals are leveraging SIM swapping attacks to steal millions from U.S. citizens. From January 2018 to December 2020, the FBI Internet Crime Complaint Center (IC3) received 320 complaints related to SIM swapping incidents with adjusted losses of approximately $12 million. In a SIM swap attack, the attacker calls service providers and tricks them into changing a victim’s phone number to an attacker-controlled SIM card.

Het agentschap heeft onlangs bekendgemaakt dat het aantal SIM-ruilaccounts is toegenomen om de virtuele valutarekeningen van slachtoffers te compromitteren en geld te stelen. Van januari 2018 tot december 2020 heeft het Internet Crime Complaint Center (IC3) van de FBI 320 klachten ontvangen in verband met SIM-swappingincidenten met gecorrigeerde verliezen van ongeveer 12 miljoen dollar. Bij een SIM-swapaanval belt de aanvaller serviceproviders en verleidt hen ertoe het telefoonnummer van het slachtoffer te veranderen in een SIM-kaart die in handen is van de aanvaller.

FBI stated that cybercriminals are leveraging SIM swapping attacks to steal millions from U.S. citizens. The agency recently disclosed the increase in SIM swapping accounts to compromise victims’ virtual currency accounts and steal money. From January 2018 to December 2020, the FBI Internet Crime Complaint Center (IC3) received 320 complaints related to SIM swapping incidents with adjusted losses of approximately $12 million. In 2021, IC3 received 1,611 SIM swapping complaints with adjusted losses of more than $68 million.

A SIM Swapping attack is one of the simplest ways cybercriminals bypass users’ 2FA protection. In a SIM swap attack, the attacker calls service providers and tricks them into changing a victim’s phone number to an attacker-controlled SIM card. This allows the attacker to reset passwords and access victims’ sensitive data.

The FBI recommended users follow certain security precautions to avoid SIM swapping threats. These include:
• Do not advertise information about financial assets, including ownership or investment of cryptocurrency, on social media websites and forums.
• Do not provide your mobile number account information over the phone to representatives who request your account password or pin. Verify the call by dialing the customer service line of your mobile carrier.
• Avoid posting personal information online, such as mobile phone numbers, addresses, or other personally-identifying information.
• Use a variety of unique passwords to access online accounts.
• Be aware of any changes in SMS-based connectivity.
• Use strong multi-factor authentication methods such as biometrics, physical security tokens, or standalone authentication applications to access online accounts.
• Do not store passwords, usernames, or other information for easy login on mobile device applications.
• Carefully inspect incoming email addresses containing official correspondence for slight changes that make fraudulent addresses appear legitimate and resemble actual clients’ names.
• Set strict security protocols enabling employees to effectively verify customer credentials before changing their numbers to a new device.

If you suspect that you are a victim of SIM swapping:
• Contact your mobile carrier immediately to regain control of your phone number.
• Access your online accounts and change your passwords.
• Contact your financial institutions to place an alert on your accounts for suspicious login attempts and/or transactions.
• Report information concerning all suspicious activity to your local law enforcement agency or your local FBI field office (contact information can be found at www.fbi.gov/contact-us/field-offices.)
• Report the activity to the FBI’s Internet Crime Complaint Center at www.ic3.gov.

FBI Issues a Lookout for SIM Swapping Attacks

Malicious QR codes pose severe security threats to users and corporates as cybercriminal groups exploit QR codes via Quishing and QRLjacking attacks

Consumers are being warned about the risks associated with QR codes, which could lead to a surge in cyber threats.

Consumenten worden gewaarschuwd voor de risico's van QR-codes, wat kan leiden tot een sterke toename van cyberdreigingen.

Quick-Response (QR code) technology was well received and much used after people turned to contactless transactions. However, the rise of digital transactions via QR code technology also introduced new cyber threats, which most people are unaware of. According to research, more than 1.5 billion people leveraged QR codes for digital transactions in 2020 globally, and threat actors have already exploited the trend.

Quick-Response (QR-code) technologie werd goed ontvangen en veel gebruikt nadat mensen waren overgeschakeld op contactloze transacties. Met de opkomst van digitale transacties via QR-code-technologie zijn echter ook nieuwe cyberdreigingen ontstaan, waarvan de meeste mensen zich niet bewust zijn. Volgens onderzoek hebben in 2020 wereldwijd meer dan 1,5 miljard mensen QR-codes gebruikt voor digitale transacties, en bedreigingsactoren hebben deze trend al uitgebuit.

Since the outbreak of the COVID-19 pandemic, there has been a dramatic change in consumer technology across the globe. Quick-Response (QR code) technology was well received and much used after people turned to contactless transactions. However, the rise of digital transactions via QR code technology also introduced new cyber threats, which most people are unaware of.

According to research, more than 1.5 billion people leveraged QR codes for digital transactions in 2020 globally, and threat actors have already exploited the trend.

A QR code is a barcode that allows users to instantly access information by a digital device. QR codes store data as a series of pixels in a square-shaped grid and are mostly used to track details of a particular product in a supply chain. Consumer-based QR codes pose severe security threats to corporate systems and data. Several cybercriminal groups exploit QR codes via Quishing and QRLjacking attacks to compromise targeted devices and steal sensitive financial data.

Like phishing attacks, threat actors use different lures and tactics to trick users into scanning the malicious QR code. The types of QR code attacks include:

In a Quishing attack, threat actors send a phishing email containing a malicious QR code attachment. Once the user scans the QR code, it will direct the user to a phishing page that captures sensitive data like users’ login credentials.

Most organizations use Quick Response Code Login (QRL) as an alternative to password-based authentication procedures. A QRL allows users to log in to their accounts by scanning a QR code, which is encrypted with the user’s login credentials.

QRLJacking is like a social engineering attack capable of session hijacking affecting all accounts that rely on the Login with the QR code feature. In a QRLjacking attack, threat actors trick unwitting users into scanning a specially crafted QRL rather than the legitimate one. Once the victim scans the malicious QRL, the device gets compromised, allowing the attacker to take over complete control over the device.

Additionally, threat actors leverage “honeypot” techniques such as enticing users with a free Wi-Fi network that scans the QR Code. Bad actors also replace QR codes in public places with malicious ones that redirect users to phishing sites. The malicious QR codes can connect the victim’s device to a malicious network to reveal the user’s location and initiate fraudulent payments. Most fraudulent QR codes can easily evade traditional security detections that only scan the email/site content rather than suspicious barcodes.

While avoiding QR code scans may be impractical, taking certain proactive measures may help mitigate the risks associated with QR code technology.
• Do not log in to an application or service via a QR code.
• Remember, there is no need to scan a QR code to receive money. So, never believe it when someone encourages you to do so.
• Never initiate the payment, if you get a notification to put any sensitive information when you scan a QR code.
• Do not scan QR codes received via emails from unknown sources.
• Ensure the QR is original and not pasted over with another one.
• Use QR scanner software to view the URL before clicking on it.

QR code attacks, like ransomware and phishing attacks, are becoming more frequent across the global threat landscape. With new kinds of cyber threats predicted to surge in 2022, users should be vigilant about the risks involved and think before scanning their next QR code.

How Cybercriminals Exploit QR Codes to Their Advantage

Threat actors make significant efforts in displaying their fake identity by using peculiar or catchy phrases that demand attention. . CISO MAG decodes some fancy names of cybercriminal groups.

Cybersecurity experts have been investigating the existence of a group of cybercriminals known as Shiny Hunters and Fancy Bear.

Cyberbeveiligingsdeskundigen hebben onderzoek gedaan naar het bestaan van een groep cybercriminelen die bekend staan als Shiny Hunters en Fancy Bear.

People with basic cybersecurity knowledge can easily tell that the ShinyHunters black-hat cybercriminal group has been involved in various data breaches, cyberattacks, and extortion schemes on dark web forums. Even the Twitter profile of ShinyHunters group has a shiny Pokémon profile picture, representing that they shiny hunt rare or sensitive information that is not readily available or accessible. InfinityBlack represents the endless cybercriminal activities of the group to steal online credentials, cryptocurrency wallets, loyalty reward points, and much more.

Mensen met basiskennis van cyberbeveiliging kunnen gemakkelijk zien dat de black-hat cybercriminele groep ShinyHunters betrokken is geweest bij diverse gegevensinbreuken, cyberaanvallen en afpersingsconstructies op dark web-fora. Zelfs het Twitter-profiel van de groep ShinyHunters heeft een glimmende Pokémon-profielfoto, die voorstelt dat zij op zeldzame of gevoelige informatie jagen die niet gemakkelijk beschikbaar of toegankelijk is. InfinityBlack vertegenwoordigt de eindeloze cybercriminele activiteiten van de groep om online referenties, cryptocurrency portefeuilles, loyalty beloningspunten, en nog veel meer te stelen.

People with basic cybersecurity knowledge can easily tell that the ShinyHunters black-hat cybercriminal group has been involved in various data breaches, cyberattacks, and extortion schemes on dark web forums. But in general, Shiny Hunter is a character in the Pokémon video game series, who hunts and collects shiny Pokémon that are considered trophies or rewards in the game. Even the Twitter profile of ShinyHunters group has a shiny Pokémon profile picture, representing that they shiny hunt rare or sensitive information that is not readily available or accessible.

The term Infinity indicates limitlessness or without bound, and Black signifies the identity of black-hat hackers. InfinityBlack represents the endless cybercriminal activities of the group to steal online credentials, cryptocurrency wallets, loyalty reward points, and much more. The group was busted last year by the Polish National Police (Policja) in coordination with Eurojust, Swiss law enforcement, and Europol authorities.

This is a simple yet powerful name, indirectly stating that threat actors work in silence, but their cyber activities make noise. The Silence hacking group is known for its extortion schemes with banks and financial institutions globally.

This cute-sounding threat actor group is involved in multiple illicit cryptomining activities using malicious botnets. While there is no solid evidence on where the group name is derived, we suspect that the attackers were inspired by the popular Chinese cuisine Lemon Duck.

In general, Backdoor Diplomacy is the process of resolving any political or territorial disputes between two countries out of the public view. Coincidentally, the BackdoorDiplomacy cybercriminal operations involve targeting charitable groups, diplomatic organizations, and Ministries of Foreign Affairs to impact their operations.

Fancy Bear is an infamous Russian cyberespionage group that is responsible for various hacking operations across the globe. The Russian bear symbolizes the country’s nationalism and has been used widely in cartoons and caricatures representing Russia. We suspect that the Fancy Bear group (also known as Cozy Bear) used the word “Bear” to indicate its Russian origin and promote its political interests. The U.K. National Cyber Security Centre (NCSC) has also exposed a cyberattack campaign involving the GRU (which is associated with Fancy Bear and other cybercriminal syndicates) targeting political and governmental institutions. Rudra Srinivas is a Senior Feature Writer and part of the editorial team at CISO MAG. He writes news and feature stories on cybersecurity trends. Read More from the author.

Smart or Stupid? Cybercriminal Group Names Decoded!

Unpatched vulnerabilities and design flaws in IoT devices have become a gateway for threat actors to penetrate user and corporate networks. Read this article to know the three common IoT attacks.

In our series of letters from African journalists, novelist and writer Adaobi Tricia Nwaubani looks at how connected technology has changed the way we communicate.

In onze serie brieven van Afrikaanse journalisten bekijkt romanschrijfster Adaobi Tricia Nwaubani hoe verbonden technologie de manier waarop we communiceren heeft veranderd.

Since IoT devices are smart devices and often interact with other devices over the internet, the personal information they collect makes them vulnerable to various security risks. Other Side of the CoinIn addition to the ease of technological advancements, the proliferation of connected IoT devices also introduced new kinds of remote attacks causing severe damage to critical digital infrastructure. According to a survey, 84% of organizations have deployed IoT devices on their corporate networks, and more than 50% don’t maintain the necessary security measures beyond default passwords.

De opkomst van aangesloten apparaten heeft de manier waarop de gegevens van gebruikers worden verwerkt en opgeslagen ingrijpend veranderd. Andere kant van de muntNaast het gemak van de technologische vooruitgang, heeft de proliferatie van aangesloten ivd-apparaten ook nieuwe soorten aanvallen op afstand geïntroduceerd die ernstige schade toebrengen aan kritieke digitale infrastructuur. Volgens een onderzoek heeft 84% van de organisaties IoT-apparaten ingezet op hun bedrijfsnetwerken, en meer dan 50% handhaaft niet de noodzakelijke beveiligingsmaatregelen die verder gaan dan standaardwachtwoorden.

The explosion of IoT technologies incited users and organizations to swiftly adopt IoT devices to enhance process control and boost productivity. The rise of connected devices has transformed the way users’ data is processed and stored. Since IoT devices are smart devices and often interact with other devices over the internet, the personal information they collect makes them vulnerable to various security risks.

Other Side of the Coin

In addition to the ease of technological advancements, the proliferation of connected IoT devices also introduced new kinds of remote attacks causing severe damage to critical digital infrastructure. A remote hacker can monitor a smart house or break into an organization’s network by exploiting the unpatched vulnerabilities in the connected systems.

According to a survey, 84% of organizations have deployed IoT devices on their corporate networks, and more than 50% don’t maintain the necessary security measures beyond default passwords. Cybercriminals often rely on IoT connections to compromise network systems and steal personal information. Unpatched vulnerabilities and manufacturing defects in connected devices become a gateway for threat actors to penetrate corporate networks.

While there are various security incidents reported on IoT networks, the most common IoT attacks include:

An attacker could monitor targeted networks and steal personal data by exploiting security loopholes and weak connections between IoT devices and the server. Recently, security experts have disclosed a vulnerability present in over 83 million IoT devices that could allow attackers to eavesdrop on live video and audio streams and take over control of the vulnerable devices. Earlier, the researchers also found a novel side-channel attacking technique that allows eavesdroppers to spy on conversations happening in a room from a nearby location by watching a light bulb hanging in that room.

A privilege escalation attack involves obtaining unauthorized access of privileges or elevated rights by a malicious insider or an external attacker. In privilege escalation attacks, threat actors exploit privilege escalation vulnerabilities such as unpatched bugs in the system, misconfiguration, or inadequate access controls.

Most IoT device users keep the default or easy-to-remember passwords, allowing brute-force attackers to access the targeted IoT connections quickly. In brute-force attacks, threat actors guess passwords using dictionaries or common word combinations to penetrate IoT networks. Enabling robust authentication procedures like two-factor authentication (2FA), multi-factor authentication (MFA), and zero-trust models can mitigate brute-force attacks.

The capabilities of IoT technology continue to evolve, but IoT devices can’t be completely secure. Since IoT devices are not built to detect and mitigate potential cyberthreats, they could pose a serious risk to organizations unless they aren’t adequately secured.

Advanced digital risk management

Just in

What is Brainjacking? How Does it Work?

FBI Issues a Lookout for SIM Swapping Attacks

How Cybercriminals Exploit QR Codes to Their Advantage

Smart or Stupid? Cybercriminal Group Names Decoded!

3 Common IoT Attacks that Compromise Security

Hot topics

Top 5 topics

Top 5 persons

Cyber news

Interview with Antonio Rotolo – Ludwig

MariaDB Xpand 6 improves performance of operational analytics

Taika Waititi's New Series Our Flag Means Death Looks Yo-Ho-Ho-Larious