Author: Frank Salvato

Amazon’s newly appointed security chief Chet Kapoor says the age of artificial intelligence will dramatically increase the volume of data that must be monitored, making security more complex rather than less. In a recent interview, Kapoor pushed back on the idea that AI will replace security systems; instead, he told reporters that as AI agents spread across corporate networks, they will generate vast quantities of activity and signals that demand even more advanced monitoring and analysis. He also highlighted that the explosion of software code in the AI era will be riddled with bugs and mistakes only more AI can…

The historic TAT-8 submarine fiber-optic cable, the first transoceanic fiber-optic system that once carried international communications between the United States, United Kingdom, and France, is being removed from the ocean floor and recycled after nearly 38 years under the sea; this decommissioning highlights both how physical infrastructure made the modern global internet possible and how nearly all intercontinental data traffic still depends on an extensive network of undersea cables that face ongoing maintenance, technological evolution, and vulnerability challenges.

Sources:
https://www.wired.com/story/say-goodbye-to-the-undersea-cable-that-made-the-global-internet-possible/
https://en.wikipedia.org/wiki/TAT-8
https://www.subseacables.net/infrastructure-news/venezuela-phases-out-historic-submarine-cable/

Key Takeaways

In-Depth

The physical underpinnings of the internet are far from ethereal; they are tangible strands of glass and…

Password managers, long billed as essential tools for keeping unique, complex credentials safe across the internet, were recently revealed to have significant vulnerabilities that could undermine their security promises and expose users’ entire password vaults if exploited, raising fresh concerns about reliance on cloud-based credential storage in an era of rising cyberattacks. Researchers have found cryptographic weaknesses in major password management platforms that, under certain circumstances, allow attackers to access protected credentials or even write to users’ vaults, despite claims of “zero knowledge” encryption, and these flaws appear in widely used services beyond just one vendor. Beyond that, a massive…

Cybersecurity experts caution that depending on artificial intelligence to create passwords can seriously weaken digital defenses because AI-generated passwords tend to be predictable and lack sufficient randomness, making them easy for attackers to guess or crack. Research by the cybersecurity firm Irregular found that widely used large language models such as ChatGPT, Claude, and Google Gemini often produce password suggestions with repeating patterns and limited diversity in characters, resulting in low entropy and predictable outputs that could be compromised quickly by brute-force attacks. Industry professionals emphasize that these models aren’t designed to generate truly random strings, and replacing cryptographically secure…

The European Union’s Cyber Resilience framework is poised to significantly reshape the operating environment for managed service providers (MSPs), imposing stricter security-by-design requirements, mandatory vulnerability reporting obligations, and expanded liability exposure for digital products and services placed on the EU market. While supporters argue the legislation will strengthen supply chain security and reduce systemic cyber risk, critics note that the compliance burden—particularly for smaller providers—could drive consolidation, increase operational costs, and introduce legal uncertainty around software components and third-party integrations. MSPs that resell, integrate, or manage software and connected devices may be required to verify conformity assessments, maintain detailed technical…

A recently discovered bug in Microsoft’s Copilot AI allowed the system to read and summarize emails marked as confidential in users’ draft and sent folders — even though policies were put in place to stop it from doing so — sparking serious privacy concerns among enterprises and cybersecurity experts; Microsoft has acknowledged the issue, tracked it as CW1226324, and begun rolling out a fix while asserting no unauthorized access occurred outside authorized user rights, but the incident highlights broader risks in rapid AI deployments.

Sources:
https://www.itpro.com/technology/artificial-intelligence/microsoft-copilot-bug-saw-ai-snoop-on-confidential-emails-after-it-was-told-not-to
https://www.bleepingcomputer.com/news/microsoft/microsoft-says-bug-causes-copilot-to-summarize-confidential-emails
https://www.thenews.com.pk/latest/1393111-microsoft-copilot-bug-exposes-confidential-emails-to-ai

Key Takeaways

• A software flaw in Microsoft 365 Copilot Chat enabled access to…

Cybersecurity researchers are sounding the alarm over a newly identified phishing kit known as “Starkiller,” a sophisticated toolkit that allows attackers to proxy legitimate login pages in real time and capture user credentials—even when multi-factor authentication is enabled. Unlike traditional phishing schemes that rely on crude imitation websites, Starkiller functions as a reverse proxy, quietly sitting between the victim and the authentic service, harvesting usernames, passwords, and session cookies as they are entered. This method enables cybercriminals to bypass common security safeguards and hijack active sessions without raising immediate suspicion. Experts warn that the kit lowers the barrier to entry…

A massive data exposure affecting approximately 1.2 million French banking customers was traced back to a single compromised account at a financial services provider, underscoring once again how fragile modern cybersecurity defenses can be when even one credential is left vulnerable. According to reporting, attackers leveraged access to that lone account to infiltrate systems and extract sensitive customer data, including personal and financial details. The breach did not stem from a sophisticated zero-day exploit or nation-state cyber campaign but rather from the exploitation of insufficient access controls and authentication safeguards tied to one user account. French authorities have launched investigations,…

A new working paper from the National Bureau of Economic Research finds that artificial intelligence tools are delivering measurable productivity gains for white-collar professionals, particularly among higher-skilled and more experienced workers, while offering more modest benefits to lower-skilled employees. The research, focused on AI use in professional service roles, reports that workers using advanced generative AI systems completed tasks more quickly and at higher quality levels compared to those without access to the tools. However, the gains were uneven, with top performers leveraging AI to amplify their output, raising questions about whether the technology narrows or widens workplace inequality. The…

Microsoft announced that it has achieved its goal of matching 100 percent of its global electricity consumption with renewable energy purchases, marking a milestone in its broader pledge to become carbon negative by 2030. The company said it procures renewable energy through power purchase agreements and other contracts designed to offset the electricity consumed by its offices, data centers, and operations worldwide. Executives emphasized that the milestone reflects contracted renewable energy generation equal to the total electricity the company uses annually, rather than a direct, real-time transfer of renewable power to every facility. The announcement comes as major technology firms…
