Pulse of Truth

Cloudflare recently mitigated another record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion Pps.  The post Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps appeared first on SecurityWeek.

The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in

And what looks like proof stolen data was never deleted even after ransom paid Building on the success of what's known around here as LockBit Leak Week in February, the authorities say they've arrested a further four individuals with ties to the now-scuppered LockBit ransomware empire.…

Illustration by Alex Castro / The Verge

T-Mobile is investing millions of dollars into revamping its cybersecurity practices as part of a settlement with the US Federal Communications Commission. The company will also need to pay the US Treasury $15.75 million in civil penalties — the same amount as its internal cybersecurity investment. The commission says this “groundbreaking” settlement will serve as a model for the industry. Data breaches at T-Mobile in the last few years have leaked social security numbers, addresses, and driver’s license numbers for millions of people. The settlement clears up several T-Mobile investigations involving cybersecurity incidents in 2021, 2022, and 2023. The FCC press release says, “...these investigations developed evidence that the breaches...

Continue reading…

Illustration by Alex Castro / The Verge

Gamers hoping to spend an evening in front of their PlayStation 5 or PlayStation 4 may be out of luck unless they enjoy single-player experiences (have you tried Astro Bot?). Sony’s gaming network is suffering a massive outage on Monday night. The official PSN Service Status page confirms problems affecting everything, “Other, PS Vita, PS3, PS4, PS5, Web.” If it’s PlayStation — it’s not working. The most recent update tagged 9:21PM ET says that for gaming, “You might have difficulty launching games, apps, or network features. We’re working to resolve the issue as soon as possible. Thank you for your patience.” On my end, attempting to launch a game brought up “PS5 error Code WS-116522-7,” and the associated webpage from Sony tells me...

Continue reading…

Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Exclusive  Rackspace has told customers intruders exploited a zero-day bug in a third-party application it was using, and abused that vulnerability to break into its internal performance monitoring environment.…

The U.S. government has indicted a co-owner of a Minnesota IT company for his participation in an international conspiracy to sell forged license keys for networking devices. [...]

Microsoft has introduced an updated version of the "Publish API for Edge extension developers" that increases the security for developer accounts and the updating of browser extensions. [...]

LLMs are helpful, but don't use them for anything important AI models just can't seem to stop making things up. As two recent studies point out, that proclivity underscores prior warnings not to rely on AI advice for anything that really matters.…

Alethe Denis exposes tricks that made you fall for that return-to-office survey Interview  A hacker walked into a "very big city" building on a Wednesday morning with no keys to any doors or elevators, determined to steal sensitive data by breaking into both the physical space and the corporate Wi-Fi network.…

It’s a well-known secret that inkjet ink is being kept at artificially high prices, which is why many opt to forego ‘genuine’ manufacturer cartridges and get third-party ones instead. Many …read more

Researchers from ETH Zurich have devised a machine learning program that can solve Google reCAPTCHA v2 image recognition challenges with perfect accuracy. Although these often-maligned tests are becoming obsolete, they still play an important role in internet security.Read Entire Article

If your memory of slot cars as a childhood toy is of lightweight controllers with wire-wound rheostats inside, then you’re many years behind the state of the art when it …read more

See that little circle? That’s a camera. | Photo by Vjeran Pavic / The Verge

All around Meta’s Menlo Park campus, cameras stared at me. I’m not talking about security cameras or my fellow reporters’ DSLRs. I’m not even talking about smartphones. I mean Ray-Ban and Meta’s smart glasses, which Meta hopes we’ll all — one day, in some form — wear. I visited Meta for this year’s Connect conference, where just about every hardware product involved cameras. They’re on the Ray-Ban Meta smart glasses that got a software update, the new Quest 3S virtual reality headset, and Meta’s prototype Orion AR glasses. Orion is what Meta calls a “time machine”: a functioning example of what full-fledged AR could look like, years before it will be consumer-ready. But on Meta’s campus, at least, the Ray-Bans were already everywhere. It...

Continue reading…

Comments

LinkedIn’s AI-training kerfuffle is a stark reminder that telling users they can “opt out” of something is mostly meaningless. But first...

A few days ago the source code for the popular Winamp music player was released into the world, with as we reported at the time, a licence that left a …read more

AI screengrab service to be opt-in, features encryption, biometrics, enclaves, more Microsoft has revised the Recall feature for its Copilot+ PCs and insists that the self-surveillance system is secure.…

You may have arrived at this post because you received an email with an attached PDF from a purported hacker who is demanding payment or else they will send compromising information—such as pictures sexual in nature—to all your friends and family. You’re searching for what to do in this frightening situation, and how to respond to an apparently personalized threat that even includes your actual “LastNameFirstName.pdf” and a picture of your house. Don’t panic. Contrary to the claims in your email, you probably haven't been hacked (or at least, that's not what prompted that email). This is merely a new variation on an old scam —actually, a whole category of scams called "sextortion." This is a type of online phishing that is targeting people around the world and preying on digital-age fears. It generally uses publicly available information or information from data breaches, not information obtained from hacking the recipients of the emails specifically, and therefore it is very unlikely the sender has any "incriminating" photos or has actually hacked your accounts or devices. They begin the emails showing you your address, full name, and possibly a picture of your house.  We’ll talk about a few steps to take to protect yourself, but the first and foremost piece of advice we have: do not pay the ransom. We have pasted an example of this email scam at the bottom of this post. The general gist is that a hacker claims to have compromised your computer and says[...]

Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch

The European privacy rights organization noyb has filed a formal complaint against Mozilla for enabling a new feature in its Firefox browser that allegedly tracks users without their consent. The feature in question, called Privacy-Preserving Attribution (PPA), is designed to measure the effectiveness of online advertisements while minimizing data collection, but noyb claims it violates … The post Mozilla Faces GDPR Complaint Over Firefox Tracking Users Without Consent appeared first on RestorePrivacy.

Quick fix: Remove cups-browsed, block UDP port 631 Updated  After days of waiting and anticipation, what was billed as one or more critical unauthenticated remote-code execution vulnerabilities in all Linux systems was today finally revealed.…

Ian King / Bloomberg: Source: Arm approached Intel about potentially buying Intel's product group, but not factory operations; Intel declined, saying the division isn't for sale  —  - Intel's rapid decline has spurred takeover speculation  — Arm is interested in product group, not factory operations

What happens when a small business can’t afford a ransomware payment? But first…

A group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle's license plate. [...]

Meta announced that it's ending its direct peering relationship with Deutsche Telekom following a court's ruling earlier this year that would oblige the tech firm to pay the telecom €20,000,000 to continue using its network. [...]

The technique leverages quantum properties of light to guarantee security while preserving the accuracy of a deep-learning model.

Four Chocolate Factory trackers cracked the Top 25 in all regions Google, once again, is the "undisputed leader" when it comes to monitoring people's behavior on the internet, according to Kaspersky's annual web tracking report.…

Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations over the weekend to contain a cyberattack detected on Sunday morning. [...]