Begin Again/Getty Images Slack is harnessing AI to make workplace collaboration and communication even smoother. On Thursday, the workplace productivity software company announced four new AI-powered features built directly into its platform. The bundle is meant to function as a smart digital assistant operating in the background of a team’s normal operations, automating routine and […] More

Kerry Wan/ZDNETFollow ZDNET: Add us as a preferred source More

Getty Images/Andriy Onufriyenko Safety is one of the biggest worries surrounding the rapid growth of generative artificial intelligence models. A seven-page complaint filed by whistleblowers and obtained by The Washington Post regarding OpenAI’s safety practices has only heightened these concerns. As a result, OpenAI is now sharing an update on its safety initiatives with the public. […] More

McAfee announced Monday that it will sell its enterprise security business to a consortium led by Symphony Technology Group in a deal worth $4 billion. McAfee, which went public in October, said the deal is meant to bolster its efforts to become a pure-play consumer cybersecurity company. 

Since its split from Intel in early 2017, McAfee has pivoted to cloud services and worked to build out its platform with a focus on its enterprise product portfolio. However, the company is now narrowing focus and directing its resources to the consumer side of the business in a bid for long term growth.
“This transaction will allow McAfee to singularly focus on our consumer business and to accelerate our strategy to be a leader in personal security for consumers,” said McAfee chief executive Peter Leav, in a statement.
Intel bought McAfee in 2011 and rebranded as Intel Security in 2014. A year later, Intel Security adjusted its strategy to refocus the business on endpoint security, as well as threat intelligence, analytics, and orchestration. McAfee was spun out from Intel through a deal with TPG Capital, which owns 51 percent of McAfee.
When the deal closes, the McAfee brand name will be retained and used for the consumer business. The enterprise unit will get a new name and brand refresh in the coming months.
RELATED: More

The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory in the aftermath of a devastating ransomware attack on Colonial Pipeline. 

more coverage

The alert, published on Tuesday, provides details on DarkSide, malware operators that run a Ransomware-as-a-Service (RaaS) network. DarkSide is responsible for the recent cyberattack on Colonial Pipeline. Last Friday, the fuel giant said a cyberattack had forced the company to halt pipeline operations and temporarily pull IT systems offline to contain the incident, found to be an infection caused by DarkSide affiliates.  Colonial Pipeline is yet to recover and as a critical infrastructure provider — one of whom supplies 45% of the East Coast’s fuel and which usually delivers up to 100 million gallons of fuel daily — the FBI has become involved.  “Cybercriminal groups use DarkSide to gain access to a victim’s network to encrypt and exfiltrate data,” the alert says. “These groups then threaten to expose data if the victim does not pay the ransom. Groups leveraging DarkSide have recently been targeting organizations across various CI sectors including manufacturing, legal, insurance, healthcare, and energy.” The DarkSide ransomware is provided to RaaS customers. This cybercriminal model has proven popular as it only requires a core team to develop malware, which can then be distributed to others.  RaaS, also known as ransomware affiliate schemes, may be provided on a subscription basis and/or the creators receive a cut of the profits when a ransom is paid. In return, the developers continue to improve their malware ‘product’.  

DarkSide tries to portray itself in a ‘Robin Hood’ light, with terms of service for clients that dictate no medical, care homes, or palliative care providers should be targeted. The operators have been quick to distance themselves from the attack on Colonial Pipeline as a core country fuel provider and vaguely blamed the attack on a partner.”Our goal is to make money, and not creating problems for society,” DarkSide said.  The FBI/CISA advisory also includes advice and best practices for preventing or mitigating the threat of ransomware.  “CISA and FBI urge CI [critical infrastructure] asset owners and operators to adopt a heightened state of awareness and implement recommendations […] including implementing robust network segmentation between IT and OT networks; regularly testing manual controls; and ensuring that backups are implemented, regularly tested, and isolated from network connections,” the agencies say. “These mitigations will help CI owners and operators improve their entity’s functional resilience by reducing their vulnerability to ransomware and the risk of severe business degradation if impacted by ransomware.” Other recommendations include: Multi-factor authentication for remote access to IT networks Spam filters to mitigate phishing, network traffic filters Employee training programs Frequent patch processes Implementing security audits, risk assessment  RDP restrictions Anonymization service connection monitoring “CISA and the FBI do not encourage paying a ransom to criminal actors,” the agencies added. “Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities. Paying the ransom also does not guarantee that a victim’s files will be recovered.” Previous and related coverage Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0 More