Cybersecurity
Meta’s pay-or-consent model hides ‘massive illegal data processing ops’: lawsuit
GDPR claim alleges Facebook parent's 'commercial surveillance practices are fundamentally illegal' Consumer groups are filing legal complaints in the EU in a coordinated attempt to use data protection law to stop Meta from giving local users a "fake choice" between paying up and consenting to being profiled and…
Chinese PC-maker Acemagic customized its own machines to get infected with malware
Tried to speed boot times, maybe by messing with 'Windows source code', ended up building a viral on-ramp Chinese PC maker Acemagic has admitted some of its products shipped with pre-installed malware.…
Australian spy chief fears sabotage of critical infrastructure
And accuses a former Australian politician of having 'sold out their country' The director general of security at Australia's Security Intelligence Organisation (ASIO) has delivered his annual threat assessment, revealing ongoing attempts by adversaries to map digital infrastructure with a view to disrupting important services at delicate moments.…
ALPHV/BlackCat claims responsibility for Change Healthcare attack
Brags it lifted 6TB of data, but let's remember these people are criminals and not worthy of much trust The ALPHV/BlackCat cybercrime gang has taken credit – if that's the word – for a ransomware infection at Change Healthcare that has disrupted thousands of pharmacies and hospitals across…
BEAST AI needs just a minute of GPU time to make an LLM fly over its safety guardrails
Talk about gone in 60 seconds Computer scientists at the University of Maryland have developed an efficient way to craft prompts that elicit harmful responses from large language models (LLMs).…
Palo Alto investor sues over 28% share tumble
Lawsuit alleges it misled investors with claims new AI products were 'facilitating greater platformization' and more Palo Alto Networks (PAN) is facing a proposed class action lawsuit that alleges investors were deceived about the traction of its platform tactics and hurt by an unexpectedly low billings forecast that…
Uncle Sam tells nosy nations to keep their hands off Americans’ personal data
Biden readies executive order targeting China, Russia, and pals US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans' sensitive personal information and government-related data to adversarial countries including China and Russia.…
That home router botnet the Feds took down? Moscow’s probably going to try again
Non-techies told to master firmware upgrades and firewall rules. For the infosec hardheads: have some IOCs Authorities from eleven nations have delivered a sequel to the January takedown of a botnet run by Russia on compromised Ubiquiti Edge OS routers – in the form of a warning that…
Sandvine put on America’s export no-fly list after Egypt used network tech for spying
Canadian network box maker floats in denial The US Commerce Department has blacklisted Sandvine for selling its networking monitoring technology to Egypt, where the Feds say the gear was used to spy on political and human-rights activists.…
NIST updates Cybersecurity Framework after a decade of lessons
The original was definitely getting a bit long in the tooth for modern challenges After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF).…