Microsoft has issued a critical security update to address a severe vulnerability in its Azure Kubernetes Service, identified as CVE-2024-29990, which allowed unauthenticated attackers to gain complete control over Azure Kubernetes clusters by stealing credentials. This vulnerability was part of a larger security update that covered over 150 flaws, highlighting Microsoft's ongoing struggle with cybersecurity as evidenced by recent government critiques of its security practices and response to cyber incidents. The patch release, which is Microsoft's most substantial since 2017, also fixed additional security issues across various Microsoft products, including Microsoft Defender for IoT and Windows Secure Boot, amid heightened scrutiny of the company's ability to protect against cyberthreats.

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers Security Week

Sam Altman, CEO of OpenAI, and Jony Ive, former Apple design chief, are in the early stages of funding for a new AI device startup aiming to revolutionize the personal AI product market. This venture seeks to secure up to $1 billion in funding, engaging in discussions with major venture capitalists, including Thrive Capital and Emerson Collective. The startup, which has yet to be named, aims to develop a device that goes beyond the conventional smartphone experience, incorporating advanced AI capabilities. While details on the device are scant, it is hinted that the product will not mimic traditional smartphones, potentially aligning with trends in AI-driven hardware such as wearables and voice-enabled assistants. Both Ive and Altman bring significant experiences from their respective fields, promising a product that could redefine daily interactions with artificial intelligence.

Sam Altman and Jony Ive Raising Funding for Secret AI Device Company maginative.com

As email continues to be a primary target for cybercriminals, leveraging it for phishing and business email compromise (BEC) attacks, organizations are increasingly relying on Security Awareness Training (SAT) to educate employees on identifying threats. However, the emergence of generative AI technologies like ChatGPT has enabled even unskilled attackers to create more convincing and personalized phishing emails, posing new challenges for SAT's effectiveness. While SAT remains crucial in combating low-level email attacks, updating these programs to address the advanced capabilities of AI-generated emails and reinforcing them with additional security measures such as multi-factor authentication and email security solutions are essential for providing comprehensive protection against evolving cyber threats.

Security awareness training meets a new obstacle: Generative AI SC Magazine

Eric Bricker, MD, has announced the launch of 'Billy', a novel website aimed at enhancing hospital price transparency by utilizing hospitals' own publicly mandated pricing data. Developed by Leon Wisniewski and created by Cody Coonradt and Dustin McQuay, Billy facilitates comparisons of healthcare service prices across different hospitals, specifically highlighting the disparities in costs for services like echocardiograms among major insurance carriers at hospitals such as Presbyterian and Baylor in Dallas. While not all hospitals comply with the data release mandate, making some data unavailable, Billy serves as a valuable tool for a diverse group of stakeholders including employers, insurance and hospital contract negotiators, government regulators, insurance brokers, benefits consultants, and consumers, seeking to navigate the complex landscape of healthcare pricing.

Eric Bricker, MD on LinkedIn: Hospital #PriceTransparency Website TryBilly.App using Hospitals' Own Data LinkedIn