Calif. Gov. Vetoes AI Safety Bill Aimed at Big Tech Players

Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space. [TechWeb]( Follow Dark Reading: [RSS]( October 01, 2024 LATEST SECURITY NEWS & COMMENTARY [Calif. Gov. Vetoes AI Safety Bill Aimed at Big Tech Players]( Critics viewed the bill as seeking protections against nonrealistic "doomsday" fears, but most stakeholders agree that oversight is needed in the GenAI space. [Overtaxed State CISOs Struggle With Budgeting, Staffing]( CISOs for US states face the same kinds of challenges those at private companies do: lots of work to handle, but not necessarily enough money or people to handle it sufficiently well. [Sloppy Entra ID Credentials Attract Hybrid Cloud Ransomware]( Microsoft warns that ransomware group Storm-0501 has shifted from buying initial access to leveraging weak credentials to gain on-premises access before moving laterally to the cloud. [DoJ Charges 3 Iranian Hackers in Political 'Hack & Leak' Campaign]( The cyberattackers allegedly stole information from US campaign officials only to turn around and weaponize it against unfavored candidates. [Elaborate Deepfake Operation Takes a Meeting With US Senator]( The threat actors managed to gain access to Sen. Ben Cardin (D-Md.) by posing as a Ukrainian official, before quickly being outed. [UAE, Saudi Arabia Become Plum Cyberattack Targets]( Hacktivism-related DDoS attacks have risen 70% in the region, most often targeting the public sector, while stolen data and access offers dominate the Dark Web. [Treat Your Enterprise Data Like a Digital Nomad]( By combining agility with compliance, and security with accessibility, businesses will treat their data as a well-prepared traveler, ready for any adventure. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Millions of Kia Vehicles Open to Remote Hacks via License Plate]( The vulnerability is the latest discovered in connected vehicles in recent years, and it points out the cyber dangers lurking in automotive APIs. [Shadow AI, Data Exposure Plague Workplace Chatbot Use]( Productivity has a downside: A shocking number of employees share sensitive or proprietary data with the generational AI platforms they use, without letting their bosses know. [Could Security Misconfigurations Become No. 1 in OWASP Top 10?]( As Superman has kryptonite, software has weaknesses — with misconfigurations leading the pack. [Top Allies for Executives & Boards to Leverage During a Cyber Crisis]( It is imperative for executives and board members to know who their top allies are, and how to best leverage them to successfully navigate a crisis and minimize the harm caused by a breach. [MORE]( PRODUCTS & RELEASES [Stellar Cyber Secures National 'Don't Click It' Day]( [Cybersecurity Success Hinges on Full Organizational Support, New CompTIA Report Asserts]( [OneTrust Automates DORA ICT Risk Management and Compliance]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Novel Exploit Chain Enables Windows UAC Bypass]( Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability. LATEST FROM THE EDGE [FERC Outlines Supply Chain Security Rules for Power Plants]( The US Federal Energy Regulatory Commission spelled out what electric utilities should do to protect their software supply chains, as well as their network "trust zones." LATEST FROM DR TECHNOLOGY [Reachability Analysis Pares Down Static Security-Testing Overload]( For development teams awash in vulnerability reports, reachability analysis can help tame the chaos and offer another path to prioritize exploitable issues. LATEST FROM DR GLOBAL [Meet UNC1860: Iran's Low-Key Access Broker for State Hackers]( The group has used more than 30 custom tools to target high-value government and telecommunications organizations on behalf of Iranian intelligence services, researchers say. WEBINARS - [10 Emerging Vulnerabilities Every Enterprise Should Know]( - [Harnessing the Power of Automation to Boost Enterprise Cybersecurity]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Product Review: Trend Vision One Cloud Security]( - [IDC White Paper: The Peril and Promise of Generative AI in Application Security]( - [Gartner Report: Cyber Asset Attack Surface Management]( - [The Anatomy of a Ransomware Attack]( - [The ROI of RevealX Against Ransomware]( - [Purple AI Datasheet]( - [SANS Security Awareness Maturity Model]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=126021&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_10.01.24&sp_cid=55258&utm_content=DR_NL_Dark%20Reading%20Daily_10.01.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#a2 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)