Ransomware Hits SMBs Hard, Google OAuth Exploited, Gladinet's Security Flaw, and AI Scraping Issues
Business of Tech: Daily 10-Minute IT Services Insights
Audio is streamed directly from the publisher (pdcn.co) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Ransomware attacks targeting small and medium-sized businesses (SMBs) have reached alarming levels, with a recent UK government survey revealing that 1% of organizations reported such incidents, affecting approximately 19,000 entities. This marks a significant increase from the previous year, highlighting a troubling trend where nation-state actors are increasingly focusing on SMBs due to their often inadequate cybersecurity measures. The survey also indicates a decline in board-level cybersecurity responsibility, with only 27% of businesses having a cyber specialist on their board, down from 38% four years ago. As the frequency of ransomware incidents decreases, the cost per incident is rising, emphasizing the need for resilience-focused security measures.
In addition to ransomware, a vulnerability in Google's OAuth system has been exploited by phishers to create sophisticated attacks that mimic legitimate emails from Google. This DKIM replay phishing attack allows hackers to bypass security checks, making it difficult for users to detect scams. A notable case involved a developer receiving a fraudulent email that appeared to be a legitimate security alert. This incident underscores the importance of updating security awareness training, as traditional methods may not adequately prepare users for such advanced phishing techniques.
Another significant security concern arose from a flaw in Gladinet's Centristack file-sharing platform, which allows remote code execution due to a deserialization issue linked to hard-coded cryptographic keys. This vulnerability has already been exploited in multiple cases, raising alarms within the cybersecurity community. Gladinet has advised customers to upgrade or change their keys to mitigate potential threats. Additionally, Microsoft acknowledged a flaw in its Intune device management tool that inadvertently allowed unauthorized Windows 11 upgrades, prompting organizations to revert affected devices.
On a different note, Wikipedia has partnered with Kaggle to create a machine-readable dataset of its content for training AI models, addressing the challenges posed by content scraping. This initiative aims to manage the rising costs associated with non-human traffic while protecting contributors' rights under Creative Commons licensing. Meanwhile, concerns have emerged regarding the impact of AI on human intelligence, with studies indicating that reliance on AI tools may inhibit critical thinking skills, particularly among younger users. As organizations navigate the complexities of AI integration, the need for resilient systems that can adapt to these changes becomes increasingly critical.
Β
Four things to know today
Β
03:32 Secure by Default? Not This Week β Google, Microsoft, and Gladinet Say Otherwise
07:32 Wikipedia Feeds the AI BeastβBut Wants to on Its Own Terms
10:04 AI Overload: How Education, Cognitive Skills, and Enterprise Strategy Are Buckling Under Pressure
Β
Β
Supported by:Β https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship
Β
https://getflexpoint.com/msp-radio/
πΌ All Our Sponsors
Support the vendors who support the show:
π https://businessof.tech/sponsors/
π Join Business of Tech Plus
Get exclusive access to investigative reports, vendor analysis, leadership briefings, and more.
π https://businessof.tech/plus
π§ Subscribe to the Business of Tech
Want the show on your favorite podcast app or prefer the written versions of each story?
π² https://www.businessof.tech/subscribe
π° Story Links & Sources
Looking for the links from todayβs stories?
Every episode script β with full source links β is posted at:
π https://www.businessof.tech
π Want to Be a Guest?
Pitch your story or appear on Business of Tech: Daily 10-Minute IT Services Insights:
π¬ https://www.podmatch.com/hostdetailpreview/businessoftech
π Follow Business of Tech
LinkedIn: https://www.linkedin.com/company/28908079
YouTube: https://youtube.com/mspradio
Bluesky: https://bsky.app/profile/businessof.tech
Instagram: https://www.instagram.com/mspradio
TikTok: https://www.tiktok.com/@businessoftech
Facebook: https://www.facebook.com/mspradionews
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.