-
+30 +1
Why it's hard to defend against AI prompt injection attacks
In the rush to commercialize LLMs, security got left behind
-
+22 +1
Need to charge your phone? Think twice — 'juice jackers' might come for you
The U.S. government is warning of the dangers of using public, free cellphone charging stations, such as airports, hotels and shopping centers. The FCC put out a statement, and local branches of the FBI are also expressing concern. That's because cybercriminals are using the USB cables at these charging stations to hack into phones while they're charging.
-
+15 +1
FBI warns against using public phone charging stations
The FBI recently warned consumers against using free public charging stations, saying crooks have managed to hijack public chargers that can infect devices with malware, or software that can give hackers access to your phone, tablet or computer.
-
+13 +1
Open garage doors anywhere in the world by exploiting this “smart” device
A market-leading garage door controller is so riddled with severe security and privacy vulnerabilities that the researcher who discovered them, Sam Sabetan, is advising anyone using one to immediately disconnect it until they are fixed.
-
+21 +1
Three ways AI chatbots are a security disaster
AI language models are the shiniest, most exciting thing in tech right now. But they’re poised to create a major new problem: they are ridiculously easy to misuse and to deploy as powerful phishing or scamming tools. No programming skills are needed. What’s worse is that there is no known fix.
-
+14 +1
200 malicious Android and iOS apps draining bank accounts — check your phone now
If you need another reminder to be careful when downloading new apps for your devices, a new batch of malicious apps has been discovered stealing both data and money from unsuspecting users. As reported by Laptop Mag(opens in new tab), these 203 malicious iOS and Android apps were first discovered by Thailand’s Ministry of Digital Economy and Society (DES) and the UK’s National Cyber Security Centre (NCSC).
-
+21 +1
US federal agencies required to adopt post-quantum security, private sector advised to follow
In an era of quantum computing "arms race", it is time to transition to quantum-safe systems.
-
+24 +1
Redis Cloud Introduces Short-Lived TLS Certificates
We’re changing some of our security practices. Here is what you need to know to ensure a smooth transition.
-
+21 +1
Google tells users of some Android phones: Nuke voice calling to avoid infection
Google is urging owners of certain Android phones to take urgent action to protect themselves from critical vulnerabilities that give skilled hackers the ability to surreptitiously compromise their devices by making a specially crafted call to their number. It’s not clear if all actions urged are even possible, however, and even if they are, the measures will neuter devices of most voice-calling capabilities.
-
+9 +1
The US government is once again threatening to ban TikTok. What you should know
Nearly two-and-a-half years after the Trump administration threatened to ban TikTok in the United States if it didn't divest from its Chinese owners, the Biden administration is now doing the same.
-
+22 +1
Voice system used to verify identity by Centrelink can be fooled by AI
A voice identification system used by the Australian government for millions of people has a serious security flaw, a Guardian Australia investigation has found. Centrelink and the Australian Taxation Office (ATO) both give people the option of using a “voiceprint”, along with other information, to verify their identity over the phone, allowing them to then access sensitive information from their accounts.
-
+4 +1
A ransomware gang claims it has breached Ring and is threatening to leak data
A popular ransomware operator claims to have compromised Ring, the Amazon-owned company that builds smart doorbells with cameras. A new report on Vice’s Motherboard states that the group known as ALPHV, popular for its use of the BlackCat encryptor malware, added a new entry to its leak site, next to which is Ring’s logo.
-
+16 +1
A Developer's Guide to Blocking Fraud Threats | Redis
Developers are expected to level-up their baked-in security measures, but that’s easier said than done. Here are some helpful tips.
-
+4 +1
The UK is banning TikTok on government devices — joining the US, Canada, and the EU — despite a charm offensive dubbed 'Project Clover,' report says
TikTok executives met with British policy advisers last Monday, but attendees told the WSJ they remained skeptical of its ability to protect data.
-
+31 +1
Opinion: My data got leaked in Indigo’s ransomware attack, years after I left. We need better cybersecurity rules
It has become clear that there is little clarity in the law about the obligations an employer owes to its current and former employees
-
+4 +1
Chinese city claims to have destroyed 1 billion pieces of personal data collected for Covid control | CNN
A Chinese city says it has destroyed a billion pieces of personal data collected during the pandemic, as local governments gradually dismantle their coronavirus surveillance and tracking systems after abandoning the country's controversial zero-Covid policy.
-
+4 +1
China Is Relentlessly Hacking Its Neighbors
New details reveal that Beijing-backed hackers targeted the Association of Southeast Asian Nations, adding to a string of attacks in the region.
-
+4 +1
White House releases ambitious cyber strategy calling for more regulation of vulnerable sectors
The White House on Thursday released an ambitious national cybersecurity strategy that calls for new federal regulation of vulnerable critical infrastructure firms and for software makers to be held liable when their products leave gaping holes for hackers to exploit.
-
+32 +1
Reddit Says It Was Hacked But That You Don't Need to Worry. Probably.
The social media site says that a phishing incident led to the theft of company data but that user data is safe. Reddit says that it was hacked earlier this month, in a security incident that compromised some company data. However, the company says that Redditors have no need to fear because user data was not impacted by the episode—at least, that the company knows of...“so far.”
-
+16 +1
Reddit says hackers accessed internal data following employee phishing attack
Reddit has confirmed hackers accessed internal documents and source code following a “highly-targeted” phishing attack. A post by Reddit CTO Christopher Slowe, or KeyserSosa, explained that on February 5 the company became aware of the “sophisticated” attack targeting Reddit employees. He says that an as-yet-unidentified attacker sent “plausible-sounding prompts,” which redirected employees to a website masquerading as Reddit’s intranet portal in an attempt to steal credentials and two-factor authentication tokens.
Submit a link
Start a discussion