Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Data Risk. Show all posts
data security
AI Risks AI Systems ChatGPT. OpenAI Corporate data Cyber Security Data protection Data Risk data security

China Warns Government Staff Against Using OpenClaw AI Over Data Security Concerns

 

Recently, Chinese government offices along with public sector firms began advising staff not to add OpenClaw onto official gadgets - sources close to internal discussions say. Security issues are a key reason behind these alerts. As powerful artificial intelligence spreads faster across workplaces, unease about information safety has been rising too. 

Though built on open code, OpenClaw operates with surprising independence, handling intricate jobs while needing little guidance. Because it acts straight within machines, interest surged quickly - not just among coders but also big companies and city planners. Across Chinese industrial zones and digital centers, its presence now spreads quietly yet steadily. Still, top oversight bodies along with official news outlets keep pointing to possible dangers tied to the app. 

If given deep access to operating systems, these artificial intelligence programs might expose confidential details, wipe essential documents, or handle personal records improperly - officials say. In agencies and big companies managing vast amounts of vital information, those threats carry heavier weight. A report notes workers in public sector firms received clear directions to avoid using OpenClaw, sometimes extending to private gadgets. Despite lacking an official prohibition, insiders from a federal body say personnel faced firm warnings about downloading the software over data risks. 

How widely such limits apply - across locations or agencies - is still uncertain. A careful approach reveals how Beijing juggles competing priorities. Even as officials push forward with plans to embed artificial intelligence into various sectors - spurring development through widespread tech adoption - they also work to contain threats linked to digital security and information control. Growing global tensions add pressure, sharpening concerns about who manages data, and under what conditions. Uncertainty shapes decisions more than any single policy goal. 

Even with such cautions in place, some regional projects still move forward using OpenClaw. Take, for example, health-related programs under Shenzhen’s city government - these are said to have run extensive training drills featuring the artificial intelligence model, tied into wider upgrades across digital infrastructure. Elsewhere within the same city, one administrative area turned to OpenClaw when building a specialized helper designed specifically for public sector workflows. 

Although national leaders call for restraint, some regional bodies might test limited applications tied to progress targets. Whether broader limits emerge - or monitoring simply increases - stays unclear. What happens next depends on shifting priorities at different levels. Recently joining OpenAI, Peter Steinberger originally created OpenClaw as an open-source initiative hosted on GitHub. Attention around the tool has grown since his new role became known. 

When AI systems gain greater independence and embed themselves into daily operations, questions about safety will grow sharper - especially where confidential or controlled information is involved.
Read more »
Technology
Cyber Threats Data collection Data Risk manufacturing industry online data risks Technology

Data Collection: What are Some ‘Unlikable’ Traits in This Growing Trend?


One of the consequences of the pandemic in the many B2B2C manufacturers was the changes in interactions with their clients. Numerous manufacturing brands in consumer packaged goods (CPG), fashion, equipment, etc. understood the advantages of implementing a direct-to-consumer approach even when the retail shops that would ordinarily distribute their products were shut down.

Due to their business model, which involved selling their goods via resellers, these businesses have typically had little contact with the final consumer. However, several manufacturers smartly constructed digital experiences to interact with, sell to, and gather data from their customers directly as a result of resellers being closed or operating at reduced capacity.

Data that was previously gathered and owned by resellers or intermediaries was suddenly made directly available to manufacturers for them to profit from and learn from. This opened up new revenue streams by charging other organizations for their data, using it to cross- or upsell products, or making the customer experience less complicated.

With all likable traits of data collection, there however exists certain risks that comes with it. These risks not only include data hack, malware or data theft but also exploitation of the collected data that may lead to a brand wreckage or even legal challenges to an organization.

In order to minimize the damaging consequence, organizations are advised to develop a proactive ethical framework rather than any reactive measure, in order to govern the use of technology and data. These principles create a foundation of security and respect for clients, reducing consumer harm.

Moreover, with the evolution of cyber threats, the previously admired strategies are now outdated. There is no longer a secure border or barrier. Through the use of security-in-depth techniques like encrypted communications, segregated areas, granular authentication and authorization, and sophisticated intrusion detection systems, system design should enable risk management and security enforcement across the whole architecture.

Lastly, the manufacturers are also urged to reconsider their views on data in order to effectively address privacy. Particularly, they ought to give top priority to well-considered governance systems that allow for informed choice-making with regard to data collection, access, and utilization. Manufacturers could guarantee that data is treated properly and ethically by designating data owners. For enterprises, having a solid governance framework is important for safeguarding user data and privacy.

Read more »
SQL Server
Business Security Cyber Attacks Data Risk Sever HAck SQL Server

Cyber Assaults via Microsoft SQL Server Surged by 56 percent in 2022

 

Threat analysts at Kaspersky have identified a surge in the number of assaults that employ Microsoft SQL Server processes to attempt to access company infrastructure. 

Earlier this year in September, more than 3,000 SQL servers, which are employed by organizations and small and medium-sized enterprises across the globe to manage databases, were impacted, which is a surge of 56 percent compared to the same period last year, as per the latest findings from Kaspersky’s Managed Detection and Response Report. 

According to Sergey Soldatov, Head of Security Operations Center at Kaspersky, the number gradually increased during the last year, and in April 2022, the number exceeded 3,000, only to see a slight decrease in July and August. 

“Despite the popularity of Microsoft SQL Server, companies do not pay enough attention to protecting against software-related threats. Attacks using malicious processes on SQL Server have been known for a long time, but perpetrators continue to use them to gain access to company infrastructure,” stated Sergey Soldatov. 

There had been a number recent incidents where Microsoft SQL Servers has been exploited by actors. In April, hackers were identified deploying Cobalt Strike beacons on such devices. News of attacks against MS-SQL has also popped up in May, June, as well as October, this year. 

Normally hackers search the internet for endpoints with an open TCP port 1433, and then conduct brute-force attacks against them, until they guess the password. 

Mitigation tips 

To protect against enterprise-targeted threats, cybersecurity experts recommend the following measures: 

• Always update the software on all the devices you use to prevent attackers from infiltrating your network using vulnerabilities. Install updates for new vulnerabilities immediately, because after that they can no longer be abused. 

• Employ latest information about threats to keep up to date with the tactics, techniques and practices utilized by hackers. 

• Implement an authentic endpoint security solution such as Kaspersky Endpoint Security for organizations which represents effective protection against known and unknown threats. 

• Dedicated services can help combat high-profile attacks. Service Kaspersky Managed Detection and Response can help identify and stop intrusions in the early stages, before the cybercriminals achieve their aims.
Read more »
Subscribe to: Comments (Atom)