Squire1039

joined 1 year ago
 

Researchers at Guardio Labs discovered a vast campaign hijacking thousands of subdomains belonging to well-known brands (MSN, VMware, McAfee, The Economist, Cornell University, CBS, Marvel, eBay, etc.).

The attackers use these compromised subdomains to send millions of spammy and malicious emails daily, bypassing security measures by leveraging the trust associated with the hijacked brands.

Here's how it works:

  • Attackers hijack subdomains of established brands through various methods like complex DNS manipulation and exploiting abandoned domains.
  • They manipulate the hijacked subdomains' SPF records to make emails appear as if they originated from the legitimate brands.
  • These emails often contain deceptive content like fake cloud storage warnings, phishing attempts, or misleading advertisements.

The campaign is alarming for several reasons:

  • The scale: Over 8,000 domains have been compromised, and the number is growing.
  • The potential harm: Millions of spam and malicious emails are being sent daily.
 

Key Points

  • Arnav Kapur developed AlterEgo, a headset that allows users to search the internet using thought.
  • The device picks up brain signals associated with words and uses them to query the internet.
  • It can answer questions, solve math problems, and access information discreetly and silently.
  • Beyond personal use, it aims to help people with speech disorders like ALS (amyotrophic lateral sclerosis) and MS (multiple sclerosis).

Media Lab Links

[–] Squire1039@lemm.ee 2 points 9 months ago

Lovely, that's a trick I haven't tried on Android.

[–] Squire1039@lemm.ee 4 points 9 months ago (1 children)

Google assistant "app": https://play.google.com/store/apps/details?id=com.google.android.apps.googleassistant&hl=en&gl=US

I think once it's rolled out in your region, the assistant will pester you to switch to Gemini.

There is no Gemini app of any kind for me either.

[–] Squire1039@lemm.ee 9 points 9 months ago

It looks like you can switch the assistant to the old one, and then turn that one off.

But just like Microsoft, Google is going to use this technology everywhere. If in the future (or now, if it is already available to you), you use features to describe images, summarize data, create texts, you probably will be using some form of Gemini.

 

This means:

  • Downloading or updating the Assistant app now gives you Gemini instead.
  • You can switch back to Assistant in the Gemini app settings.
  • This might be Google's first step towards replacing Assistant completely with Gemini.
  • Some users are unaware of the switch and see two Gemini apps on their phones.

Overall, this may suggest Google is phasing out Assistant and transitioning users to the newer Gemini AI technology.

[–] Squire1039@lemm.ee 1 points 9 months ago

Considered it done. ;-)

[–] Squire1039@lemm.ee 1 points 9 months ago (2 children)

CVE-2023-52160, which applies to Android/Linux/ChromeOS devices connecting to WPA2/WPA3 Enterprise, allows an attacker to fool the user into connecting to a malicious SSID and intercept the traffic. So unencrypted traffic can be compromised. So, their listing of sensitive data, BEC, and password theft sounds scary but probably affects very few services that don't encrypt the data.

[–] Squire1039@lemm.ee 9 points 9 months ago (6 children)

Yeah, check out this link: https://www.top10vpn.com/research/wifi-vulnerabilities/ , it says any Linux device running Intel’s iNet Wireless Daemon in an AP mode.

 

The Electronic Frontier Foundation (EFF) is urging people to take action against the renewal of Section 702, a law that allows the NSA to conduct mass surveillance on US citizens.

Key points:

  • Section 702, originally intended for targeted overseas surveillance, is seen as enabling mass domestic spying.
  • EFF wants reforms and increased transparency before renewal.
  • They are selling "NSA Spying" shirts to raise awareness and funds for their fight.
  • You can also contact your representatives to oppose the renewal.

Call to action:

  • Buy a shirt to show support.
  • Contact your representatives.
  • Donate to EFF.
277
submitted 9 months ago* (last edited 9 months ago) by Squire1039@lemm.ee to c/technology@lemmy.world
 

Vulnerabilities:

CVE-2023-52160 (wpa_supplicant) and CVE-2023-52161 (Intel's iNet Wireless Daemon) allow attackers to:

  • Trick users into joining fake Wi-Fi networks: Attackers can create malicious clones of legitimate networks and steal user data.
  • Gain unauthorized access to secure Wi-Fi networks: Attackers can join password-protected networks without needing the password, putting devices and data at risk.

Affected devices:

  • CVE-2023-52160: Android devices using wpa_supplicant versions 2.10 and prior (requires specific configuration).
  • CVE-2023-52161: Linux devices using iNet Wireless Daemon versions 2.12 and lower (any network using a Linux access point).

Mitigation:

  • Update your Linux distribution and ChromeOS (version 118 or later).
  • Android fix not yet available, but manually configure CA certificate for any saved enterprise networks as a temporary workaround.

Exploitation:

  • Attacker needs SSID and physical proximity for CVE-2023-52160.
  • CVE-2023-52161 requires no special knowledge, affecting any vulnerable network.

Links:
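An added example, not part of the original post: a small audit of a `wpa_supplicant.conf` that flags enterprise (EAP) profiles with no CA certificate configured, the setting the workaround above refers to. The sample file is constructed, and the extra check for a server name constraint goes beyond what the post states.

```python
import re

# Constructed sample wpa_supplicant.conf; SSIDs, paths and names are made up.
SAMPLE_CONF = '''
network={
    ssid="CorpWiFi"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    phase2="auth=MSCHAPV2"
}
network={
    ssid="CorpWiFi-Pinned"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/corp-radius-ca.pem"
    domain_suffix_match="radius.corp.example"
}
network={
    ssid="HomeNet"
    psk="example-only-passphrase"
}
'''

NETWORK_BLOCK = re.compile(r"network=\{(.*?)\n\}", re.S)
KEY_VALUE = re.compile(r"^\s*([A-Za-z0-9_]+)=(.*?)\s*$", re.M)
NAME_CHECKS = ("domain_suffix_match", "domain_match", "altsubject_match")

def parse_networks(conf_text):
    """Return one dict of key -> unquoted value per network={...} block."""
    return [{k: v.strip('"') for k, v in KEY_VALUE.findall(body)}
            for body in NETWORK_BLOCK.findall(conf_text)]

def audit(conf_text):
    """Return (ssid, problem) for EAP networks that do not pin the server."""
    findings = []
    for net in parse_networks(conf_text):
        if "eap" not in net and "EAP" not in net.get("key_mgmt", ""):
            continue  # PSK or open network: not an enterprise profile
        ssid = net.get("ssid", "<no ssid>")
        if not (net.get("ca_cert") or net.get("ca_path")):
            findings.append((ssid, "no CA configured: server certificate not verified"))
        elif not any(net.get(k) for k in NAME_CHECKS):
            findings.append((ssid, "CA set but no server name constraint"))
    return findings

if __name__ == "__main__":
    for ssid, problem in audit(SAMPLE_CONF):
        print(f"{ssid}: {problem}")
```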

 

Target: Businesses using Email Service Providers (ESPs) like SendGrid to send email campaigns, and the receivers of the emails

Method:

  • Gain access to an ESP account: This could be through hijacking a legitimate account or other means.
  • Send phishing emails through the ESP: These emails pose as legitimate messages from the ESP, urging users to update security settings (e.g., enable 2FA).
  • Use spoofed links: The links in the email appear to point to the ESP's domain, bypassing usual phishing red flags.
  • Redirect to fake login page: Clicking the link leads to a website resembling the ESP's login page, designed to steal user credentials.

Why it's dangerous:

  • Increased trust: Users are more likely to open emails appearing to come from a familiar ESP.
  • Bypassing safeguards: Spoofed links and redirection make it harder to detect the scam.
[–] Squire1039@lemm.ee 9 points 9 months ago

AI is most likely here to stay, so if you have it do "good" things effectively, then it's a good boi. If it is ineffective or you have it do "bad" things, then it's a bad boy.

 

Scientists at Princeton University have developed an AI model that can predict and prevent plasma instabilities, a major hurdle in achieving practical fusion energy.

Key points:

  • Problem: Plasma escaping containment in donut-shaped tokamak reactors disrupts fusion reactions and damages equipment.
  • Solution: AI model predicts instabilities 300 milliseconds before they happen, allowing for adjustments to keep plasma contained.
  • Significance: This is the first time AI has been used to proactively prevent tearing instabilities in fusion experiments.
  • Future: Researchers hope to refine the model for other reactors and optimize fusion reactions.
 

Key Points:

  • 1Password, a password management software company, has acquired Kolide, an endpoint security platform.
  • This move expands 1Password's security offerings beyond passwords, addressing the challenges of securing devices in a hybrid work environment.
  • Kolide's platform uses real-time device health checks to grant or block access to company applications, preventing unauthorized access attempts.
  • The acquisition strengthens 1Password's position in the growing endpoint security market.
  • This is 1Password's third acquisition in recent years.

Additional Details:

  • Kolide boasts customers like Databricks, Robinhood, and Discord.
  • This acquisition follows 1Password's successful 2023, exceeding $250 million in annual recurring revenue and a multibillion-dollar valuation.
  • 1Password plans to add 250 jobs this year.

“1Password has focused on giving businesses the tools they need to make it easy for employees to keep their passwords secure,” Shiner added. “Kolide extends this ability further to make it easy for employees to keep their devices secure.”

 

Summary

This research, conducted by Microsoft and OpenAI, focuses on how nation-state actors and cybercriminals are using large language models (LLMs) in their attacks.

Key findings:

  • Threat actors are exploring LLMs for various tasks: gathering intelligence, developing tools, creating phishing emails, evading detection, and social engineering.
  • No major attacks using LLMs were observed: However, early-stage attempts suggest potential future threats.
  • Several nation-state actors were identified using LLMs: Including Russia, North Korea, Iran, and China.
  • Microsoft and OpenAI are taking action: Disabling accounts associated with malicious activity and improving LLM safeguards.

Specific examples:

  • Russia (Forest Blizzard): Used LLMs to research satellite and radar technologies, and for basic scripting tasks.
  • North Korea (Emerald Sleet): Used LLMs for research on experts and think tanks related to North Korea, phishing email content, and understanding vulnerabilities.
  • Iran (Crimson Sandstorm): Used LLMs for social engineering emails, code snippets, and evading detection techniques.
  • China (Charcoal Typhoon): Used LLMs for tool development, scripting, social engineering, and understanding cybersecurity tools.
  • China (Salmon Typhoon): Used LLMs for exploratory information gathering on various topics, including intelligence agencies, individuals, and cybersecurity matters.

Additional points:

  • The research identified eight LLM-themed TTPs (Tactics, Techniques, and Procedures) for the MITRE ATT&CK® framework to track malicious LLM use.
 

Highlights:

  • Rakuten Drive offers free 10GB storage and unlimited file transfers, unlike competitors.
  • Integrates with Microsoft 365 for document viewing and editing.
  • Targets both individuals and businesses with separate plans.
  • Paid "PRO" version increases storage to 1TB, allows bigger file uploads, and extends transfer link expiration.
  • Future integration with Rakuten's loyalty program planned.
[–] Squire1039@lemm.ee 1 points 9 months ago

No problem. Your question didn't bother me at all. Cheers.

[–] Squire1039@lemm.ee 2 points 9 months ago (2 children)

I put it to the LLM manually. I end up reading articles by summaries first nowadays, and the real articles if interesting enough, so I typically share a summary I agree with.

[–] Squire1039@lemm.ee 9 points 9 months ago

Love it! 😍 Hope somebody makes a cartoon out of it.

[–] Squire1039@lemm.ee 7 points 9 months ago

Heck, these LLMs are really good at summary. Now, they can summarize all your disparate data, including your weird interactions with Gemini (and associated apps), for advertisers' and governments' conveniences!

 

Comments

I guess "secure" doesn't mean what it means. Maybe secure, open, audited, and transparent would be better.

Key Points:

  • U.S. Internet, an internet service provider with a secure email service offering, exposed years of internal and customer emails online.
  • The leak included emails dating back to 2008, affecting thousands of customers and employees, including government agencies.
  • The cause was a misconfigured security setting, reportedly due to a mistake by a former employee.
  • The company has not disclosed the duration of the leak or how many users were affected.
  • Security experts criticize the lack of transparency and urge regulators to investigate.

Additional Information:

  • The leak included internal emails of every U.S. Internet and subsidiary USI Wireless employee.
  • Hackers exploited a U.S. Internet service to redirect users to malicious websites.
  • U.S. Internet hasn't responded to inquiries about the incident or implemented public disclosures.

Overall:

This data breach highlights the importance of robust security measures and transparency in protecting sensitive information. The large-scale exposure of emails raises concerns about potential damage to individuals and organizations, while the company's response is seen as inadequate by experts. Further investigation and stricter regulations may be necessary to address such security failures.

[–] Squire1039@lemm.ee 4 points 9 months ago

Yes, especially because Gemini is used (now, optionally) in place of Google assistant. You give personal information to Google assistant for convenience, but Gemini would use the information more, most likely in unexpected ways too.

 

Google Warns of Privacy Risks with New AI Assistant "Gemini"

Key Points:

  • Google's new AI assistant, Gemini, collects your conversations, location, feedback, and usage information.
  • Be cautious: This includes your actual conversations, not just summaries. They are stored for 3 years, even after deleting activity.
  • Don't share sensitive information: Google may use it to improve AI and might share it with human reviewers.
  • Even turning off activity tracking doesn't prevent conversations from being saved for 72 hours.

Additional Notes:

  • This applies to all Gemini apps, not just the main assistant.
  • Google claims they don't sell your information but use it for internal purposes.