OpenAI’s ChatGPT enters the search arena to rival Google 

OpenAI is launching a ChatGPT-powered search engine to compete with Google, allowing ChatGPT to respond to real-time information queries. The search engine is initially for paid users and will eventually expand to all users. This move follows Google’s recent AI-driven search updates, which faced criticism for inaccuracies. OpenAI partnered with news outlets, including The Associated Press, to include source links, though it’s unclear if these link back to original sources. News organizations, like The New York Times, have raised copyright concerns, some suing OpenAI and Microsoft over content use.

Lessons from the CrowdStrike outage: resilience and preparedness in cloud security

The CrowdStrike outage, caused by a flawed software update, disrupted millions of devices globally and had severe impacts across healthcare, travel, and emergency services. Key lessons include integrating IT and business risks, improving software update strategies, and ensuring clear communication during incidents. The event highlights the need for diverse security solutions, proactive resilience, and robust service level agreements with vendors. Agencies should prepare for similar disruptions by updating their continuity and recovery plans to minimize future impacts. Cyber insurance and regular performance reviews also play a critical role in managing risk.

NetSuite launches Connector for Salesforce to enhance data sharing and business processes

Oracle NetSuite has introduced the NetSuite Connector for Salesforce, which automates data sharing between the two platforms to reduce silos and improve business processes. This integration enhances financial, customer, item, and order management by providing real-time access to crucial data across both systems. The connector, powered by Oracle Integration Cloud, is designed to streamline workflows, improve accuracy, and support faster, data-driven decision-making. It will be available in North America within the next 12 months.

SAP's innovations in Spend Management: enhancing productivity, insights, and growth

SAP's latest innovations in spend management focus on improving productivity, providing insights, and supporting business growth. SAP introduced several new solutions aimed at improving procurement and workforce management. The SAP Ariba Intake Management solution simplifies employee procurement requests and enhances process visibility. A new SAP Business Network subscription helps suppliers grow by attracting new buyers. Additionally, an analytics add-on for SAP Fieldglass provides AI-powered insights for managing external workforce performance and trends. These innovations are designed to improve productivity, compliance, and spend management. The solutions will be available in early 2025.

United Nations’ database exposure puts vulnerable communities at risk

A database containing sensitive information from the UN Trust Fund to End Violence Against Women was found exposed online, revealing over 115,000 files related to organizations working with UN Women. Security researcher Jeremiah Fowler discovered the flaw and notified the UN, which secured the data. The exposed UN Women database could compromise sensitive information, including financial details, staffing, and personal stories of vulnerable individuals. This data could be used to target organizations, expose at-risk individuals, or fuel scams. Affected parties are being notified, and measures are being taken to prevent future incidents.

Pygmy Goat malware targeted government networks via Sophos firewall

The UK's National Cyber Security Centre (NCSC) analyzed "Pigmy Goat," a Linux malware used to backdoor Sophos XG firewalls in recent cyberattacks. This malware, resembling Sophos file naming conventions, is a rootkit with advanced evasion and remote access capabilities. The malware is designed for persistence, evasion, and remote access, and can operate on a wide range of Linux systems, not limited to specific devices. It was likely developed for FortiGate devices first before being adapted for Sophos systems. Sophos has been dealing with hacker campaigns since 2018, deploying custom implants to monitor the attackers and uncover previously unknown exploits.