NIST standards proposal looks to retire outdated requirements like mandatory password resets
Rules regarding the use or limitation of specific characters are also on the chopping block
Consultant behind deepfake Biden robocalls hit with $6 million fine, faces criminal charges
A tale involving deepfakes, politics, and a magician
ChatGPT vulnerability allows hackers to record your sessions indefinitely
GPT's "long-term memory" allows prompt injections to become permanent
Facepalm: "The code is TrustNoAI." This is a phrase that a white hat hacker recently used while demonstrating how he could exploit ChatGPT to steal anyone's data. So, it might be a code we should all adopt. He discovered a way hackers could use the LLM's persistent memory to exfiltrate data from any user continuously.
Firefox's upcoming "cookie-less" tracking comes under fire by Austrian privacy watchdog
"It's a shame that an organization like Mozilla believes that users are too dumb to say yes or no"
California governor demonstrates wishy-washy stance on digital consumer rights
Signs law to ease subscription cancelation, while vetoing a bill to allow consumers to opt-out of data collection
Telegram will provide authorities with IP addresses, phone numbers of suspects
The service is trying to change its reputation as a safe haven for criminals
Kaspersky customers in the US complain about receiving unsolicited security software replacement
The Russian software company has been forced to retire from the US market
Windows Server Update Services put on ice as Microsoft pushes for the cloud
WSUS will continue to work, but will see no new features
Necro Trojan resurfaces on Android, infects 11 million devices via popular apps
The latest version has new features and infiltration methods
Apple's latest macOS update is causing headaches for security programs
Break different: Apple recently released the latest version of macOS, but things aren't going smoothly for Sequoia. The operating system is reportedly causing serious compatibility issues for security tool vendors, and it appears Cupertino was aware that the OS wasn't fully ready for prime time.
German investigators successfully tracked suspects inside the Tor network
Tor Browser developers say the program is still safe to use
International law enforcement shuts down cybercrime communication platform Ghost
A major blow to digitally-adapted organized crime
PKfail security flaw is far more extensive than initially thought
Facepalm: Binarly analysts have issued a new warning just a couple of months after unveiling a security issue related to compromised platform keys used to enforce Secure Boot protection. The PKfail problem affects a significantly larger pool of devices and brands, and is not limited to firmware products developed by AMI.
Novel phishing attack uses "no-escape" kiosk mode in Chrome to extract passwords
The quick fix is Control-Alt-Delete
Discord introduces passwordless logins, end-to-end encryption for calls
Discord is introducing passwordless login through biometric passkeys, such as Face ID and Touch ID. Also, Discord is migrating audio and video calls (but not text messaging) to a new system that features end-to-end encryption by default.
Malware has infected 1.3 million Android TV boxes in 197 countries
The backdoor can download and install additional malware
This AI claims to predict crimes before they happen based on real-time CCTV analysis
Is this the future of crime prevention?
Microsoft plans to move security software out of the Windows kernel
Significant changes could be coming in the not-so-distant future
Ford's advertising patent suggests listening to in-car conversations for personalized ads
It's not the first controversial patent Ford (or many large companies) has pursued
What now? Ransomware victim pays hacker, but decryption key fails
Hazard ransomware is good at encrypting files, less so at decrypting them
Russia is willing to spend some $660 million to bolster internet censorship
The system mainly targets VPN services that Russians use to access the internet
Lawmakers ask FTC to determine if AI generated article summaries are anti-competitive
Data collection has never been as powerful or lucrative as it is right now
A hot potato: Currently, the AI industry is the Wild West. There are very few laws on the books that govern the market. This lack of formal regulation has led to AI firms operating on the honor system, promising to effectively self-regulate, but democrats in the US Senate believe the self-regulation experiment has failed. They're now asking trade regulators to see if they can find any antitrust violations, especially in AI-generated content summaries.
FBI says Americans lost $5.6 billion to crypto scams only in the last year
A 45% increase from 2022 from nearly 70,000 victim complaints
Two ex-Samsung executives arrested for stealing chip technology to build factory in China
The stolen technology has been valued at $3.2 billion
Major TSA security flaw exposed, simple SQL vulnerability could have allowed access to airplane cockpits
An attacker could have added fake pilots to the roster using SQL injection