lugapelsiteadmin
Remote ID verification tech is often biased, bungling, and no good on its own
Only 2 out of 5 tested products were equitable across demographics A study by the US General Services Administration (GSA) has revealed that five remote identity verification (RiDV) technologies are unreliable, inconsistent, and marred by bias across different demographic groups.…
Cloud threats have execs the most freaked out because they’re not prepared
Ransomware? More like 'we don't care' for everyone but CISOs Efficiency and scalability are key benefits of enterprise cloud computing, but they come at a cost. Security threats specific to cloud environments are the leading cause of concern among top executives and they're also the ones organizations are…
AI code helpers just can’t stop inventing package names
LLMs are helpful, but don't use them for anything important AI models just can't seem to stop making things up. As two recent studies point out, that proclivity underscores prior warnings not to rely on AI advice for anything that really matters.…
Red team hacker on how she ‘breaks into buildings and pretends to be the bad guy’
Alethe Denis exposes tricks that made you fall for that return-to-office survey Interview A hacker walked into a "very big city" building on a Wednesday morning with no keys to any doors or elevators, determined to steal sensitive data by breaking into both the physical space and the…
Feds charge 3 Iranians with ‘hack-and-leak’ of Trump 2024 campaign
Snoops allegedly camped out in inboxes well into September The US Department of Justice has charged three Iranians for their involvement in a "wide-ranging hacking campaign" during which they allegedly stole massive amounts of materials from Donald Trump's 2024 presidential campaign and then leaked the information to media…
Recall the Recall recall? Microsoft thinks it can make that Windows feature palatable
AI screengrab service to be opt-in, features encryption, biometrics, enclaves, more Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure.…
That doomsday critical Linux bug: It’s CUPS. May lead to remote hijacking of devices
No patches yet, can be mitigated, requires user interaction Final update After days of anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally revealed.…
Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud
Defenders beware: Data theft, extortion, and backdoors on Storm-0501's agenda Microsoft's latest threat intelligence blog issues a warning to all organizations about Storm-0501's recent shift in tactics, targeting, and backdooring hybrid cloud environments.…
Patch now: Critical Nvidia bug allows container escape, complete host takeover
33% of cloud environments using the toolkit impacted, we're told A critical bug in Nvidia's widely used Container Toolkit could allow a rogue user or software to escape their containers and ultimately take complete control of the underlying host.…
HPE patches three critical security holes in Aruba PAPI
More 9.8 bugs? Ay, papi! Aruba access points running AOS-8 and AOS-10 need to be patched urgently after HPE emitted fixes for three critical flaws in its networking subsidiary's networking access points.…