Archive for the ‘cybercrime/malcode’ category: Page 20

Jun 27, 2023

Facebook users targeted in copyright infringement scam

Posted by in categories: cybercrime/malcode, policy

Shouldn’t Facebook have alerted us and not CBS News?

The fake notice went on to say that a photo uploaded to the account’s page violated Facebook’s copyright infringement policy and that the decision could be appealed within 24 hours.

Continue reading “Facebook users targeted in copyright infringement scam” »

Jun 26, 2023

How AI is reshaping demand for IT skills and talent

Posted by in categories: cybercrime/malcode, employment, ethics, governance, robotics/AI

AI is quickly becoming an essential part of daily work. It’s already being used to help improve operational processes, strengthen customer service, measure employee experience, and bolster cybersecurity efforts, among other applications. And with AI deepening its presence in daily life, as more people turn to AI bot services, such as ChatGPT, to answer questions and get help with tasks, its presence in the workplace will only accelerate.

Much of the discussion around AI in the workplace has been about the jobs it could replace. It’s also sparked conversations around ethics, compliance, and governance issues, with many companies taking a cautious approach to adopting AI technologies and IT leaders debating the best path forward.

While the full promise of AI is still uncertain, it’s early impact on the workplace can’t be ignored. It’s clear that AI will make its mark on every industry in the coming years, and it’s already creating a shift in demand for skills employers are looking for. AI has also sparked renewed interest in long-held IT skills, while creating entirely new roles and skills companies will need to adopt to successfully embrace AI.

Jun 25, 2023

NASA Hack Squeezes More Time Out of Dying Voyager 2 Probe

Posted by in categories: cybercrime/malcode, energy, space

It turns out that reports of its death were greatly exaggerated. NASA says it’s figured out a way to extend the mission of its interstellar Voyager 2 probe by another three years.

And that’s no easy feat, considering the probe has been screaming through the cosmos since 1977 and is currently more than 12 billion miles from Earth.

The probe recently switched to its backup power reserves, which were originally set aside as part of an onboard safety mechanism, according to an update by NASA’s Jet Propulsion Laboratory.

Jun 24, 2023

Hackers Leak Over 100,000 ChatGPT Credentials on the Dark Web

Posted by in category: cybercrime/malcode

The theft of the ChatGPT login credentials was orchestrated using the Raccoon Infostealer malware, said cybersecurity firm Group-IB.

Jun 24, 2023

Securing DevOps: How Hackers Access Cloud Production Systems

Posted by in category: cybercrime/malcode

Attackers are increasingly targeting vulnerable developer laptops to infiltrate production systems without directly attacking them, warned cloud security expert Lee Atchison.

Instead of waiting for an application to become fully functional, hackers target the development process used to bring an application to a state of operation, Atchison said, speaking at a recent Uptycs-sponsored Cybersecurity Standup, “Castles in the Sky – Secure Your App Dev Pipeline From Laptop to Cloud.”

“We focus so much attention on keeping data and cloud data centers secure. But we haven’t realized that all of this technology feeds into the data centers and that one of the primary drivers of that is developers, the source code they develop, and the machines that they develop the source code on,” Atchison said. “Those DevOps machines feed into the production systems but have nowhere near the level of protection behind them that the production data centers do.”

Jun 22, 2023

Code Gets ‘God Mode’: GitHub Copilot X GPT-4

Posted by in categories: cybercrime/malcode, internet, robotics/AI, space travel

Chat gpt 4 has near limitless potential for AI good and it helping so many coders already. It is much like the beginning of the star trek computer and Jarvis from Ironman. It is actually making quick work of all the coding tasks. The real potential is full automation where even work and society could evolve millions of years in seconds. For space exploration we could see it implemented for information of all kinds that is accurate. Eventually it really could be a star trek computer for space exploration. This will only get smarter and Eventually gaps of knowledge even from college level tasks can be easily done and beyond. Along with neuralink even humans could have accurate knowledge with chat gpt 4 including all known knowledge like the entire internet inside neuralink eventually. This could even help with guarding against the superintelligence if that were to happen. Also can even guard nations eventually from polymorphic malware. This tool is a definite force of AI good so stay tuned to chat gpt 4 and beyond.

Hold onto your hats! Microsoft has done it again with the announcement of GitHub Copilot X powered by GPT-4. This shiny new iteration offers many features that will make your pair programming experience feel like a walk in the park.

Jun 20, 2023

Easily hack into Azure Bastion and Azure Container Registry via XSS vulnerabilities

Posted by in category: cybercrime/malcode

Microsoft Azure Bastion and Azure Container Registry have each been found to have one potentially “dangerous” security flaw that, if taken advantage of, may have resulted in a cross-site scripting (XSS) attack being carried out on the affected service. XSS attacks take occur when threat actors insert arbitrary code into a website that would otherwise be trusted. This code is then run each time visitors who are not aware of the attack visit the website.

Both of the vulnerabilities that Orca found take use of a vulnerability in the postMessage iframe, which makes it possible for Window objects to communicate with one another across domains. The vulnerabilities allowed for illegal access to the victim’s session inside the compromised Azure service iframe. This may result in serious repercussions, such as unauthorized data access, unauthorized alterations, and interruption of the Azure services iframes, among other things. This meant that the vulnerability could be exploited to embed endpoints into remote servers by utilizing the iframe element. This would eventually result in the execution of malicious JavaScript code, which would compromise sensitive data.

However, in order to take advantage of these vulnerabilities, a threat actor would first need to undertake reconnaissance on various Azure services in order to identify vulnerable endpoints contained inside the Azure interface. These endpoints may be missing X-Frame-Options headers or have Content Security Policies (CSPs) that are inadequate.

Jun 19, 2023

DIY Picosatellites Hack Chat

Posted by in categories: cybercrime/malcode, satellites

Join us on Wednesday, June 21 at noon Pacific for the DIY Picosatellites Hack Chat with Nathaniel Evry!

Building a satellite and putting it in orbit was until very recently something only a nation had the resources to accomplish, and even then only a select few. Oh sure, there were a few amateur satellites that somehow managed to get built on a shoestring budget and hitch a ride into space, and while their stories are deservedly the stuff of legends, satellite construction took a very long time to be democratized.

Fast forward a half-dozen or so decades, and things have changed dramatically. Satellite launches are still complex affairs — it’s still rocket science, after all — but the advent of the CubeSat format and the increased tempo of launches, both national and commercial, has pushed the barriers to private, low-budget launches way, way down. So much so, in fact, that the phrase “space startup” is no longer something to snicker about.

Jun 19, 2023

Starlink is One Among Many LEO Constellations Affected by Satellite Signal Jamming

Posted by in categories: cybercrime/malcode, Elon Musk, internet, satellites

After Russian hackers destroyed Viasat satellite ground receivers spanning Europe, SpaceX provided coverage via Starlink, its Lower Earth Orbit satellite constellation, and soon began noticing cyberattacks and software interferences. Now, a year later, the U.S. Department of Defense announced Russia is still attempting to complicate connections within the satellite constellation and others like it.

Documents were leaked by U.S. National Guard airman Ryan Teixeira, as reported by The Washington Post back in April of 2023. Ukraine has also stated it is experiencing similar security issues.

“Russia’s quest to sabotage Ukrainian forces’ internet access by targeting the Starlink satellite operations that billionaire Elon Musk has provided to Kyiv since the war’s earliest days appear to be more advanced than previously known, according to a classified U.S. intelligence report.”

Jun 18, 2023

Cybersecurity in the Era of Generative AI

Posted by in categories: business, cybercrime/malcode, government, information science, robotics/AI

There’s no shortage of emerging applications and projects that promise increased productivity, new levels of automation, and cutting-edge innovation. But all too often, AI initiatives within the enterprise fail to get off the ground, and there can be vast and costly unintended consequences when this technology is applied to the wrong use cases or falls into the wrong hands.

In the case of cyber defense, widespread accessibility to generative AI tools, as well as the increasing sophistication of nation-state actors, means that threats are more personalized and convincing than ever. In an era of algorithms fighting algorithms, human defenders must effectively team up with AI to build cyber resiliency and prevent business disruption.

Presented by expert stakeholders from industry, academia, and government, this event is designed to offer practical guidance for security teams to cut through the noise and unleash the power of AI responsibly and effectively.

Page 20 of 194First1718192021222324Last