Subscribe

Biz & IT / Informed technology

  1. No, Okta, senior management, not an errant employee, caused you to get hacked

    If a transgression by a single employee breaches your network, you're doing it wrong.

  2. Okta hit by another breach, this one stealing employee data from 3rd-party vendor

    Threat actor gained access to vendor's IT environment and exfiltrated personal data.

  3. This tiny device is sending updated iPhones into a never-ending DoS loop

    No cure yet for a popular iPhone attack, except for turning off Bluetooth.

  4. “Catastrophic” AI harms among warnings in declaration signed by 28 nations

    "Bletchley Declaration" sums up first day of UK's international AI Safety Summit.

  5. Inserted AI-generated Microsoft poll about woman’s death rankles The Guardian

    Speculative AI news poll presented three choices: Murder, accident, or suicide.

  6. Windows CE, Microsoft’s stunted middle child, reaches end of support at 26 years

    From netbooks and PDAs to ATMs, voting kiosks, and ungainly presidential phones.

  7. “This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard

    By some estimates, 20,000 devices have already been hacked.

  8. Biden issues sweeping executive order that touches AI risk, deepfakes, privacy

    Order details US admin's approach to AI safety, media authenticity, job loss, and more.

  9. Microsoft profiles new threat group with unusual but effective practices

    Octo Tempest employs tactics that many of its targets aren't prepared for.

  10. People are speaking with ChatGPT for hours, bringing 2013’s Her closer to reality

    Long mobile conversations with the AI assistant using AirPods echo the sci-fi film.

  11. iPhones have been exposing your unique MAC despite Apple’s promises otherwise

    “From the get-go, this feature was useless,” researcher says of feature put into iOS 14.

  12. Pro-Russia hackers target inboxes with 0-day in webmail app used by millions

    Previously unknown XSS in Roundcube let Winter Vivern steal government emails.

  1. University of Chicago researchers seek to “poison” AI art generators with Nightshade

    Altered images could destroy AI model training efforts that scrape art without consent.

  2. Apple backs national right-to-repair bill, offering parts, manuals, and tools

    Repair advocates say Apple's move is beneficial, but also strategic.

  3. Hackers can force iOS and macOS browsers to divulge passwords and much more

    iLeakage is practical and requires minimal resources. A patch isn't (yet) available.

  4. “Do not open robots,” warns Oregon State amid college food delivery bomb prank

    OSU officials isolate food robots after bomb threat, later resolved with an arrest.

  5. US surprises Nvidia by speeding up new AI chip export ban

    Nvidia tried to end-run restrictions with new designs, but US govt said not so fast.

  6. 1Password detects “suspicious activity” in its internal Okta account

    1Password CTO says investigation found no compromise of user data or sensitive systems.

  7. Stanford researchers challenge OpenAI, others over AI transparency in new report

    Researchers say "most transparent" AI model scores only 54% on their index.

    Updated

  8. Eureka: With GPT-4 overseeing training, robots can learn much faster

    GPU-based physics simulator speeds up reality by "1,000x" while GPT-4 calls the shots.

  9. Feel-good story of the week: Two ransomware gangs meet their demise

    One is fatally hacked, the other shut down in international police dragnet.

  10. Okta says hackers breached its support system and viewed customer files

    Hackers obtained valid credentials, but Okta doesn't say how.

  11. Thanks to AI, the future of programming may involve YELLING IN ALL CAPS

    Politeness and emphasis play a surprising role in AI-model communications.

  12. RIP to my 8-port Unifi switch after years and years of Texas outdoor temps

    Turns out that only lightning could kill the otherwise-unkillable US-8-150W.

  1. The latest high-severity Citrix vulnerability under attack isn’t easy to fix

    If you run a Netscaler ADC or Gateway, assume it's compromised and take action... fast.

  2. There’s a new way to flip bits in DRAM, and it works against the latest defenses

    New technique produces lots of bitflips and could one day help form an attack.

  3. Google-hosted malvertising leads to fake Keepass site that looks genuine

    Google-verified advertiser + legit-looking URL + valid TLS cert = convincing lookalike.

  4. At TED AI 2023, experts debate whether we’ve created “the new electricity”

    Is AI going to replace us all, or is it just humanity's newest tool?

  5. AI chatbots can infer an alarming amount of info about you from your responses

    This troubling ability could be used by scammers or to target ads.

  6. Mazda’s DMCA takedown kills a hobbyist’s smart car API tool

    Financial risk too great for dev working "in my spare time to help others."

    Updated

  7. “Cisco buried the lede.” >10,000 network devices backdoored through unpatched 0-day

    An unknown threat actor is exploiting the vulnerability to create admin accounts.

  8. Google will shield AI users from copyright challenges, within limits

    New policy covers training data and AI output—but no mention of Bard.

  9. Biggest DDoSes of all time generated by protocol 0-day in HTTP/2

    More than 8 years after the adoption of HTTP/2, DDoSers devise rapid reset attack.

  10. Adobe launches new symbol to tag AI-generated content—but will anyone use it?

    New icon, metadata seek to illuminate origins of content—AI-generated or otherwise.

  11. CD-indexing cue files are the core of a serious Linux remote code exploit

    Yet another tiny, crucial piece of volunteer software begets a big problem.

  12. Adobe’s AI image generators get beefy updates, including vector graphics

    Firefly 2 improves detail, Firefly Vector generates scalable vectors from a prompt.

Load more stories...