Blog

MINJA sneak attack poisons AI models for other chatbot users

Nothing like an OpenAI-powered agent leaking data or getting confused over what someone else whispered to it AI models with memory aim to enhance user interactions by recalling past engagements. However, this feature opens the door to manipulation.…

Allstate Insurance sued for delivering personal info on a platter, in plaintext, to anyone who went looking for it

Crooks built bots to exploit astoundingly bad quotation website and made off with data on thousands New York State has sued Allstate Insurance for operating websites so badly designed they would deliver personal information in plain-text to anyone that went looking for it.…

Google begs owners of crippled Chromecasts not to hit factory reset

Expired SSL cert kerfuffle leaves second-gen, Audio gadgets useless Google's second-generation Chromecast and its Chromecast Audio are suffering a major ongoing outage, with devices failing to cast due to an expired security certificate. The web giant is aware of the breakdown and says a fix is in the…

Sidewinder goes nuclear, charts course for maritime mayhem in tactics shift

Phishing and ancient vulns still do the trick for one of the most prolific groups around Researchers say the Sidewinder offensive cyber crew is starting to target maritime and nuclear organizations.…

Rhysida pwns two US healthcare orgs, extracts over 300K patients’ data

Terabytes of sensitive info remain available for download Break-ins to systems hosting the data of two US healthcare organizations led to thieves making off with the personal and medical data of more than 300,000 patients.…

Consumer Reports calls out slapdash AI voice-cloning safeguards

Study finds 4 out of 6 providers don't do enough to stop impersonation Four out of six companies offering AI voice cloning software fail to provide meaningful safeguards against the misuse of their products, according to research conducted by Consumer Reports.…

How NOT to f-up your security incident response

Experts say that the way you handle things after the criminals break in can make things better or much, much worse Feature  Experiencing a ransomware infection or other security breach ranks among the worst days of anyone's life — but it can still get worse.…

The NHS security culture problem is a crisis years in the making

Insiders say board members must be held accountable and drive positive change from the top down Analysis  Walk into any hospital and ask the same question – "Which security system should we invest in?" – to both a doctor and a board member, and you may get different…

Kernel saunters – How Apple rearranged its XNU kernel with exclaves

iPhone giant compartmentalizes OS for the sake of security Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called "exclaves."…

Developer sabotaged ex-employer with kill switch activated when he was let go

IsDavisLuEnabledInActiveDirectory? Not any more. IsDavisLuGuilty? Yes. IsDavisLuFacingJail? Also yes A federal jury in Cleveland has found a senior software developer guilty of sabotaging his employer's systems – and he's now facing a potential ten years behind bars.…

Copyright © 2024 Lugapel