Latest news with #Identifiable
Yahoo
27-03-2025
- Yahoo
A DOGE staffer working as a ‘senior advisor' in the government's cybersecurity agency once provided tech support to a cybercrime ring
Edward Coristine, a 19-year-old DOGE member, has been linked to a cybercrime group through his former company, DiamondCDN. Coristine has been listed as an adviser in multiple U.S. government agencies, including the Cybersecurity and Infrastructure Security Agency. A member of Elon Musk's Department of Government Efficiency (DOGE) appears to have provided tech support to a cybercrime group known as EGodly. Edward Coristine, also known by his nickname "Big Balls," has been linked to the cybercrime group through a company he ran called DiamondCDN. According to corporate and digital records reviewed by Reuters and Telegram messages seen by Fortune, EGodly was one of the company's users. The group publicly thanked Coristine's company for its assistance in a post on its Telegram channel on Feb. 15, 2023. "We extend our gratitude to our valued partners DiamondCDN for generously providing us with their amazing DDoS protection and caching systems, which allow us to securely host and safeguard our website," the message read. An FBI agent who had contact with EGodly told Reuters the group had been investigated due to a connection with swatting, a practice of making false emergency calls in an attempt to send SWAT teams to targeted addresses. He called EGodly "not a pleasant group," referring to the members as "bad folks." In other messages shared on the Telegram channel and reviewed by Fortune, the group can also be seen selling people's private PII (Personally Identifiable Information), boasting about hacking government emails and cyberstalking an FBI agent. In one post, the group advertised "Brazil government emails" for sale, telling members they could use the addresses to get information on users by sending data requests to the support of platforms. In one video posted by the account, a car drove past what appeared to be the FBI agent's house while someone screamed out the window: "EGodly says you're a bitch!" An analysis of digital records conducted by Reuters found that between October 2022 and June 2023, the EGodly website, was linked to IP addresses associated with DiamondCDN and other businesses owned by Coristine. During this period, some visitors to the site encountered a DiamondCDN "Security check," the outlet reported. Representatives for the State Department and DiamondCDN did not immediately return requests for comment from Fortune. The department and Coristine did not reply to Reuters comment requests either. Coristine's role within the government is not entirely clear. The 19-year-old was most recently a freshman mechanical engineering and physics major at Boston's Northeastern University until joining Elon Musk's cost-cutting team at DOGE. He also worked briefly at Musk's brain implant company Neuralink. According to Reuters, he's listed as a "senior adviser" at the State Department as well as the Cybersecurity and Infrastructure Security Agency. He's also been linked to the Department of Homeland Security by a Washington Post report. Wired has also reported that Coristine is listed as one of several 'experts' at the Office of Personnel Management, the government's HR department. Although Coristine's link to EGodly may have been brief, Nitin Natarajan—formerly the deputy director of CISA under President Joe Biden—expressed concern about the teenager now being part of a team with extensive access to government systems. "This stuff was not in the distant past," Natarajan told Reuters. "The recency of the activity and the types of groups he was associated would definitely be concerning." It's also not the first time Coristine has made headlines for his past associations. Last month, Bloomberg reported that he was previously fired from an internship at Path Network for reportedly leaking information to competitors. Coristine later denied doing anything "contractually wrong' while working at Path Network via a post on Discord, per Bloomberg. This story was originally featured on
Associated Press
14-03-2025
- Business
- Associated Press
CloudDefense.AI Reveals Key Strategies to Identify and Protect Personal Identifiable Information (PII) in the Cloud
'Protecting PII isn't just about compliance - it's about building trust. Organizations that secure their data proactively will lead within the changing digital environment.' — Abhi Arora, COO of CA, UNITED STATES, March 14, 2025 / / -- As businesses migrate to the cloud, securing Personal Identifiable Information (PII) becomes urgent. Cloud environments offer flexibility and scalability, but poor security can expose sensitive data to cybercriminals. Misconfigurations or unchecked access can lead to significant PII exposure, causing financial, legal, and reputational damage. a leader in cloud security, assists companies in proactively identifying and securing PII before threats arise. A significant risk in cloud security is the lack of visibility into where PII is stored and accessed. Organizations struggle to track sensitive data across databases, logs, backups, and third-party applications. Without understanding data flow, businesses are vulnerable to unauthorized access and accidental leaks. highlights the need for automated discovery and classification tools that monitor cloud environments, ensuring organizations know where their PII resides and who can access it. Controlling access to PII is crucial. Excessive permissions pose threats, with many breaches stemming from poor access management rather than complex attacks. follows the Principle of Least Privilege (PoLP), granting only essential access to employees and applications. Using Cloud Infrastructure Entitlement Management (CIEM) and Role-Based Access Control (RBAC), organizations can automate reviews, detect and remove excessive permissions, thus minimizing risks. Restricting access is insufficient. If data is compromised, encryption is essential. Properly encrypted data remains unreadable, even to attackers. advises using strong encryption like AES-256 for data at rest and TLS for data in transit. Tokenization and effective key management also protect sensitive data. Many organizations neglect key management by storing encryption keys with the data. highlights the need for secure, separate storage of keys to prevent unauthorized decryption access. Encryption minimizes data exposure, but real-time monitoring and threat detection are essential to prevent security incidents. Cloud environments are dynamic, requiring ongoing monitoring and anomaly detection to respond swiftly to evolving cyber threats. highlights advanced Threat Detection and Response (TDR) solutions for immediate alerts on suspicious activities and unauthorized access, enabling organizations to act before breaches occur. Organizations must prioritize compliance with data protection regulations like GDPR, CCPA, HIPAA, and PCI-DSS, which impose strict guidelines on handling personally identifiable information (PII). Non-compliance risks penalties, and customer trust. automates audits, enforces data retention policies, and trains staff in sensitive data handling. By embedding security into cloud operations, organizations ensure compliance and maintain strong security. As cloud adoption continues to grow, businesses must stay ahead of evolving threats by proactively securing PII. remains committed to helping organizations build resilient cloud security strategies through CNAPP, DSPM, and CIEM solutions. By taking a proactive stance on data protection, access control, encryption, and threat monitoring, businesses can fortify their cloud environments and build lasting trust with customers. About headquartered in Palo Alto, is a cutting-edge Cloud-Native Application Protection Platform (CNAPP) that provides end-to-end security for cloud infrastructures and applications. seamlessly integrates advanced technology and expertise, making it the ultimate solution for mitigating security risks from development to deployment. Their state-of-the-art platform offers a full spectrum of security solutions, ensuring organizations can confidently protect their cloud environments. Covering every layer of security, provides SAST, DAST, SCA, IaC Scanning, Advanced API Security, Container Security, CSPM, CWPP, CIEM, Kubernetes Security, and AI-SPM. Moreover, their exclusive technology guarantees continuous policy enforcement and proactive threat mitigation. enhances security with AI-driven remediation, attack path analysis, and automated risk assessment to reduce vulnerability noise and detect zero-day threats in real-time. This innovative approach boosts security efficiency, providing up to five times the value of traditional tools and establishing them as leaders in cloud security. If you want to learn more about and explore one of the best CNAPPs in the industry, please book a free demo or connect with them at [email protected] X LinkedIn Instagram YouTube Legal Disclaimer:
Arabian Business
27-02-2025
- Business
- Arabian Business
VFS Global launches GenAI-powered chatbot to serve UK visa applicants in 141 nations
Promising to enhance customer support for travellers to the United Kingdom, Dubai-headquartered VFS Global has launched a new Generative AI-powered chatbot that is now available to UK visa applicants in 141 countries, including the GCC countries. Among the key features of the GenAI-Powered chatbot, apart from its 24×7 availability, are human-like interactions where it delivers responses that closely mimic human conversation, enhancing user engagement. It is focussed solely on the customers' needs and the information provided is highly accurate and relevant and follows ethical AI practices, which minimises biases and ensures fair and consistent responses. AI chatbot revolutionises visa support Privacy is a big area of focus for VFS Global and the process detects and masks any Personally Identifiable Information (PII), which means no sensitive data is stored. It has secured AI hosting, and the Large Language Model (LLM) is deployed in a safe environment to prevent data sharing with external platforms. Developed by VFS Global's AI team, also based in Dubai, the AI-powered chatbot addresses the increasing demand for efficient customer support, allowing users to easily access the information needed to navigate the application process. The AI-powered chatbot not only utilises advanced Generative AI technology to offer human-like, conversational support, but does so through both voice and text commands, providing instant, accurate, and accessible information for UK-bound customers. Jen Vidler, Deputy Director, Cross Cutting Service Operations, Visa, Status and Information Services, Customer Services Group, UK Visas and Immigration, said: 'The rollout of VFS Global's AI-powered chatbot demonstrates our continued commitment to ensuring our visa services are accessible, efficient and meet the needs of all customers. Providing instant access to accurate information about the visa application process will ensure we continue to offer the best service to our customers.' A dedicated team of data scientists and AI specialists, including those based in Mumbai and Berlin, collaborated on the project, leveraging in-house expertise to uphold the highest quality and security standards. VFS Global partnered with the 'Responsible AI Institute' to integrate ethical considerations and bias mitigation into the development process. The project utilises proprietary AI platforms, including their AI Foundation Model and Super Alpha Application Platform, both equipped with built-in guardrails to ensure data safety, security, and regulatory compliance. Zubin Karkaria, Founder & Chief Executive Officer, VFS Global, added: 'Technology and innovation have always been the cornerstones of our operations at VFS Global, and we are pleased to launch this AI-powered information solution which will significantly enhance the visa application experience for our customers travelling to the UK from across the globe. 'We are developing a range of AI and digital technology products to drive the next transformation in visa and consular services for our client governments and customers. We remain deeply committed to the responsible development of AI in accordance with the policies of our client governments.' VFS Global serves as a partner to 68 client governments and operates over 3,500 Application Centres in 153 countries. The company has processed more than 305 million applications since 2001.
