EU inquiries about generative AI risk management by major tech platforms like Google, Facebook, and Tiktok

EU regulators are intensifying their examination of major tech firms like Google, Facebook, and TikTok concerning their handling of risks related to generative artificial intelligence, particularly the rise of deepfakes. The European Commission has dispatched questionnaires to eight platforms and search engines, including Microsoft's Bing, Instagram, Snapchat, YouTube, and X (formerly Twitter), to understand their efforts in mitigating the risks associated with generative AI. This action is part of the EU's implementation of the Digital Services Act, aimed at regulating online platforms and ensuring user safety. Until the AI Act, the first comprehensive AI regulation globally, is fully enacted, the EU is relying on existing regulations like the DSA. Apart from deepfakes, concerns also encompass other AI-related risks such as the dissemination of false information and automated manipulation for deceptive purposes.


Hacked health care giant shows recovery progress, yet small clinics face ongoing concerns

Following a cyberattack last month on a major health insurance billing company in the United States, the situation is gradually stabilizing. While 95% of Change Healthcare's health insurance claims are now being processed, there are still concerns for smaller health clinics, especially in rural areas, which may require assistance to remain operational. The cyberattack, which affected Change Healthcare's computer systems handling electronic payments and insurance claims, has been described as the most significant attack in US healthcare history by the American Hospital Association. While Change Healthcare has restored some of its services, the full financial impact of the attack remains unclear, with billions of dollars reportedly halted in payments to healthcare providers.


NetSuite 2024.1 introduces AI capabilities: text enhance, bill capture, and more

NetSuite 2024 Release 1 introduces AI tools to simplify adoption. Text Enhance uses generative AI for tasks like drafting product descriptions and customer communications. NetSuite Bill Capture automates invoice processing, reducing manual effort and errors. Intelligent Performance Management in NetSuite Planning and Budgeting offers predictive analytics to improve forecasting and decision-making. Furthermore, the release introduces Intelligent Performance Management (IPM) to NetSuite Planning and Budgeting, offering predictive analytics to monitor and analyze plans, forecasts, and variances. IPM highlights trends, anomalies, biases, and correlations, empowering finance teams to take faster action on insights such as forecast variance, bias, and predictions. These features aim to enhance productivity and streamline operations for businesses.


SAP introduces new commerce cloud payment solution to help retailers stay ahead

The new composable payment solution introduced by SAP within its SAP Commerce Cloud platform aims to assist retailers in adapting to changing customer expectations, particularly with the rising popularity of alternative payment methods like buy now, pay later. This solution, known as SAP Commerce Cloud Open Payment Framework, seamlessly integrates with various third-party payment service providers (PSPs) to offer retailers flexibility in selecting partners tailored to their specific needs and markets. The framework, which is designed to simplify integration complexities and enhance the checkout experience, covers a range of payment processes and is expected to be generally available in the second half of 2024.


New DEEP#GOSU malware campaign targeting Windows systems

A sophisticated attack campaign dubbed DEEP#GOSU, attributed to the North Korean state-sponsored group Kimsuky, has been uncovered by cybersecurity firm Securonix. The campaign utilizes PowerShell and VBScript malware to infiltrate Windows systems, employing techniques such as keylogging, clipboard monitoring, and data exfiltration. Notably, the malware leverages legitimate cloud services like Dropbox and Google Docs for command-and-control purposes, enabling the threat actors to blend into regular network traffic and update malware functionality. The attack begins with a malicious email attachment containing a ZIP archive disguised as a PDF file, initiating a multi-stage infection process. The malware aims to establish persistence on compromised systems while continuously communicating with a command-and-control server via Dropbox.


Microsoft is facing difficulties in combating Russian cyberspies who have stolen company secrets

Microsoft is facing ongoing challenges in keeping out Russian cyberspies who gained high-level access to the company late last year. These hackers have recently accessed key company secrets, including digital vaults housing source code for some programs. The hackers are associated with Russia's SVR intelligence agency, responsible for the SolarWinds hacking campaign of 2020. The extent of the information taken is unclear, but Microsoft's crucial role in U.S. federal government systems and advanced AI research adds significance to the breach. Password spraying, a technique to repeatedly try username and password combinations, facilitated the initial access. The severity of the issue has increased, with a tenfold rise in password spraying attempts from February to March. The U.S. Cybersecurity and Infrastructure Security Agency is closely collaborating with Microsoft to address the intrusion campaign and assist affected organizations.