Ars Technica
Wikipedia + AI = truth? DuckDuckGo hopes so with new answerbot
DuckAssist provides an AI-powered Wikipedia summary, hoping to avoid hallucinations.
SecurityWeek
Attackers Can Use Modified Wikipedia Pages to Mount Redirection Attacks on Slack
Researchers document the Wiki-Slack attack, a new technique that uses modified Wikipedia pages to target end users on Slack.
Ars Technica
AI-generated articles prompt Wikipedia to downgrade CNET’s reliability rating
Futurism report highlights the reputational cost of publishing AI-generated content.
The Hacker News
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.
Bleeping Computer
DuckDuckGo launches AI-powered search query answering tool
Privacy-focused search engine DuckDuckGo has launched the first beta version of DuckAssist, an AI-assisted feature that writes accurate summaries to answer users' search queries.
Latest Hacking News
After Bing, Brave And DuckDuckGo Also Integrate AI For Better Search
With a few days gap, the two privacy-focused search services, Brave and DuckDuckGo, have announced improving their search engines with AI tools. These announcements come soon after Microsoft disclosed integrating ChatGPT in Bing search. Brave And
SecurityWeek
New GPU Side-Channel Attack Allows Malicious Websites to Steal Data
GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip.
.webp)
Cyber Security News
New Breed of Romance Scams Employs Fake Cryptocurrency Exchanges
Romance scam schemes involve intricate manipulations, including using fake cryptocurrency exchanges to defraud victims.
CyberScoop
Largest-ever DDoS leverages zero-day vulnerability
A new zero-day led to the largest distributed denial of service attack ever seen on the internet, according to a group of tech companies.
Ars Technica
Massive Yandex code leak reveals Russian search engine’s ranking factors
Details show how the world's fourth-largest search engine ranks webpages.
CyberNews
Large online dictionary leaks nearly 7M records
Online dictionary Glosbe leaks user data.
CyberNews
Online images amplify gender biases, study finds
Big data analysis shows women to be starkly underrepresented in online images, where gender biases are stronger compared to text.
SecurityWeek
Sandwich Chain Subway Investigating Ransomware Group's Claims
The LockBit ransomware group claims to have stolen hundreds of gigabytes of data from US sandwich chain Subway.
DataBreaches
Cz: National library reports outage due to cyberattack
Last month, DataBreaches.net reported an attack on the municipality of Olomouc in the Czech Republic. This month, we report an attack on Národní knihovna...
Bleeping Computer
Hands on with GPT-4-powered Bing AI Chat's virtual search
Bing Chat continues to enrich its user experience by rolling out a new feature - Visual Search in Chat. This function combines the power of OpenAI's GPT-4 model with image search abilities to offer a more interactive way of browsing the web.
CSO
Microsoft Azure’s Russinovich sheds light on key generative AI threats
Generative AI models have a larger attack surface than many CSOs might think. Microsoft Azure’s CTO walked through some of the more significant challenges facing developers and defenders.
The Hacker News
Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second
Google says it has fended off the largest ever HTTPS-based distributed denial of service (DDoS) attack to date, which peaked at 46 million requests.
ZDNet
Wikimedia Foundation dumps ability to accept cryptocurrency for donations | ZDNet
Following a process that saw 71% of users vote on a request for Wikimedia to stop accepting cryptocurrency, the foundation has followed through.
PCMag
Pornhub Gets Pulled Into EU's Strict DSA Rules: Can It Comply?
Pornhub, Stripchat, and XVideos are now designated as 'very large online platforms' under the Digital Services Act alongside TikTok, Instagram, YouTube, and more.
The Record
New WikiLoader malware targets Italian organizations
Researchers at Proofpoint say the WikiLoader downloader has been aimed at organizations in Italy, to spread Ursnif malware and other malicious code.
Bleeping Computer
Cookware giant Meyer discloses cyberattack that impacted employees
Meyer Corporation, the largest cookware distributor in the U.S., and the second-largest globally, has informed U.S. Attorney General offices of a data breach affecting thousands of its employees.
Cyber Security News
Over 1,300 Domains Used to Deliver Notorious Information Stealer Malware
The official AnyDesk website is being impersonated using more than 1,300 domains, all of which are linking to a Dropbox folder that delivers the malware that steals information, Vidar.
Ars Technica
GPUs from all major suppliers are vulnerable to new pixel-stealing attack
A previously unknown compression side channel in GPUs can expose images thought to be private.
Bleeping Computer
Animated QR codes: how do they work, and how to create your own?
Is there such a thing as animated QR codes? And could they work? Even those who may not know how exactly QR codes work have pretty much been exposed to them by now.
Bleeping Computer
University websites using MediaWiki, TWiki hacked to serve Fortnite spam
Websites of multiple U.S. universities are serving Fortnite and 'gift card' spam. Researchers observed Wiki and documentation pages being hosted by universities including Stanford, MIT, Berkeley, UMass Amherst, Northeastern, Caltech, among others, were compromised.
Bleeping Computer
UK retail chain The Works shuts down stores after cyberattack
British retail chain The Works announced it was forced to shut down several stores due to till issues caused by a cyber-security incident involving unauthorized access to its computer systems.
Bleeping Computer
Chase bank accidentally leaked customer info to other customers
Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers.
CSO
Amazon, Facebook, Twitter on EU list of companies facing DSA content rules
The EU Commission has announced the 19 online companies and search engines, including Bing and Google, that will have to comply with new transparency and accountability regulations by August.
Bleeping Computer
Greece's public postal service offline due to ransomware attack
ELTA, the state-owned provider of postal services in Greece, has disclosed a ransomware incident detected on Sunday that is still keeping most of the organizations services offline.
Cyber Security News
New GPU Side Channel Vulnerability Impacts GPUs from Intel, AMD, Apple & Nvidia
A new research paper has been published that mentions a side-channel attack to leak sensitive visual data from modern GPU cards when visiting a malicious website.
SecurityWeek
QCT Servers Affected by 'Pantsdown' BMC Vulnerability
Eclypsium discovered that QCT servers are affected by the old BMC vulnerability identified as CVE-2019-6260 and Pantsdown.
Bleeping Computer
Malicious Notepad++ Google ads evade detection for months
A new Google Search malvertizing campaign targets users looking to download the popular Notepad++ text editor, employing advanced techniques to evade detection and analysis.
Bleeping Computer
Signal calls on users to run proxies for bypassing Iran blocks
Signal is urging its global community to help people in Iran stay connected with each other and the rest of the world by volunteering proxies to bypass the aggressive restrictions imposed by the Iranian regime.
CyberNews
Google blocks a record DDoS attack of 46 million requests per second | Cybernews
Distributed denial-of-service (DDoS) attacks are increasing in frequency and growing in size exponentially. Google Cloud Armor customer was recently hit with the largest Layer 7 DDoS attack to date.
The Hacker News
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan
A sophisticated malware called WikiLoader is being used to install banking trojan Ursnif and spyware.
Cyber Security News
Beware of New Phishing Attacks Mimicking Booking.com and Airbnb
Beware of attackers masquerading as well-known vacation rental websites such as Airbnb and Booking.com.
Latest Hacking News
Kevin Mitnick Dies Age 59
Kevin Mitnick dies at the age of 59 after a battle with pancreatic cancer. His life journey from a notorious hacker to a respected cybersecurity consultant is a tale of transformation and redemption. The Early Days
Cyber Security News
HTTPS DDOS Attack Recorded By Google with 46 Million Requests
It was reported that Google has been targeted with the largest DDoS attack in history against one of its customers. An attack on one of the Google Cloud Armor customers occurred on June 1st, during which 46 million requests were sent per second to a Google Cloud Armor customer by HTTPS DDoS attacks.
Security Affairs
Google blocked the largest Layer 7 DDoS reported to date
Google announced to have blocked the largest ever HTTPs DDoS attack, which reached 46 million requests per second (RPS). Google announced to have blocked the largest ever HTTPs DDoS attack that hit one of its Cloud Armor customers. The IT giant revealed that the attack reached 46 million requests per second (RPS). The attack took […]
Bleeping Computer
Privacy-focused search engine DuckDuckGo grew by 46% in 2021
The privacy-focused search engine DuckDuckGo continues to grow rapidly, with the company now averaging over 100 million daily search queries and growing by almost 47% in 2021.
CyberNews
Russia leads in content removal requests to Google
Russia accounts for two thirds of 355,000 content removal requests Google received from various governments over the last decade.
Bleeping Computer
Verizon digital carrier Visible customer accounts were hacked
Visible, a US digital wireless carrier owned by Verizon, admitted that some customer accounts were hacked after dealing with technical problems in the past couple of days.
Bleeping Computer
Massive phishing campaign uses 6,000 sites to impersonate 100 brands
A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June 2022, tricking people into entering their account credentials and financial information on fake websites.
Bleeping Computer
University of Sunderland announces outage following cyberattack
The University of Sunderland in the UK has announced extensive operational issues that have taken most of its IT systems down, attributing the problem to a cyber-attack.
Bleeping Computer
Nigerian hacker pleads guilty to stealing payroll deposits
A Nigerian national named Charles Onus has pled guilty in the District Court of the Southern District of New York to hacking into a payroll company's user accounts and stealing payroll deposits.
Security Affairs
WikiLoader malware-as-a-service targets Italian organizations
Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in a phishing campaign that is targeting Italian organizations. Threat actors behind the campaign are using WikiLoader to deliver a banking trojan, stealer, and malware such as Ursnif to the […]
Bleeping Computer
Over 1,300 fake AnyDesk sites push Vidar info-stealing malware
A massive campaign using over 1,300 domains to impersonate the official AnyDesk site is underway, all redirecting to a Dropbox folder recently pushing the Vidar information-stealing malware.
Bleeping Computer
DarkSide ransomware gang returns as new BlackMatter operation
Encryption algorithms found in a decryptor show that the notorious DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation and is actively performing attacks on corporate entities.
HACKRead
NSA Admits Buying American Browsing Records From Shady Markets
The US National Security Agency (NSA) has confirmed purchasing American users' internet browsing records without warrants.
Cyber Security News
Google Researchers Find Out How ChatGPT Queries Can Collect Personal Data
Recently, cybersecurity researchers at Google discovered how threat actors can exploit ChatGPT queries to collect personal data.
DarkReading
Hackers Posing as Law Firms Phish Global Orgs
Companies trust lawyers with the most sensitive information they've got. Attackers are aiming to exploit that bond to deliver malware.
Ars Technica
Meta unveils a new large language model that can run on a single GPU
LLaMA-13B reportedly outperforms ChatGPT-like tech despite being 10x smaller.
Bleeping Computer
Google blocks largest HTTPS DDoS attack 'reported to date'
A Google Cloud Armor customer was hit with a distributed denial-of-service (DDoS) attack over the HTTPS protocol that reached 46 million requests per second (RPS), making it the largest ever recorded of its kind.
The Hacker News
Italian Watchdog Bans OpenAI's ChatGPT Over Data Protection Concerns
Italy's data protection watchdog, Garante, temporarily bans OpenAI's ChatGPT, citing data protection concerns and potential violation of GDPR laws
Ars Technica
“A really big deal”—Dolly is a free, open source, ChatGPT-style AI model
Dolly 2.0 could spark a new wave of fully open source LLMs similar to ChatGPT.
Bleeping Computer
Atlassian asks customers to patch critical Jira vulnerability
Atlassian is prompting its enterprise customers to patch a critical vulnerability in multiple versions of its Jira Data Center and Jira Service Management Data Center products. The vulnerability tracked as CVE-2020-36239 can give remote attackers code execution abilities, due to a missing authentication flaw in Ehcache RMI.
Ars Technica
Report: OpenAI holding back GPT-4 image features on fears of privacy issues
GPT-4's image capabilities can recognize certain individuals, according to NYT.
The Hacker News
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
Your GPU might be leaking data. GPU Side-Channel Vulnerability Exposes Modern GPUs to Data Leakage. Learn how this could impact your online privacy.
The Cyber Express
Infiniti USA Cyberattack Reveals New Dark Web Threat: The Mogilevich Ransomware Group
Infiniti USA, the luxury vehicle division of the Japanese automaker Nissan, became the alleged target of a sophisticated cyberattack by
Ars Technica
New AI assistant can browse, search, and use web apps like a human
Adept's ACT-1 has learned how to automate complex UI tasks in web apps using an AI model.
Ars Technica
Stanford researchers challenge OpenAI, others on AI transparency in new report
Researchers say "most transparent" AI model scores only 54% on their index.
Ars Technica
Meta’s “massively multilingual” AI model translates up to 100 languages, speech or text
Meta aims for a universal translator like "Babel Fish" from Hitchhiker’s Guide.
The Record
New technique leads to largest DDoS attacks ever, Google and Amazon say
The companies said that a bug in the HTTP/2 protocol allowed threat actors a fresh angle for overwhelming websites with a flood of traffic, making them temporarily unavailable to users.
Bleeping Computer
Modern GPUs vulnerable to new GPU.zip side-channel attack
Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages.
Ars Technica
New Bluetooth hack can unlock your Tesla—and all kinds of other devices
All it takes to hijack Bluetooth-secured devices is custom code and $100 in hardware.
SC Magazine
What can you get for $200? Several megabytes of ChatGPT training data
The DeepMind researchers it was possible to launch a “Prompt Injection Attack” to extract more training data by spending more money querying the model.
Bleeping Computer
Hackers abuse Google Ads to spread malware in legit software
Malware operators have been increasingly abusing the Google Ads platform to spread malware to unsuspecting users searching for popular software products.
The Cyber Express
Lighttpd Bug Continues to Expose Vulnerabilities in End-of-Life Intel and Lenovo Hardware Firmware
A vulnerability had been discovered in the devices of several prominent manufacturers within the Lighttpd open-web server component. Lighttpd is
Ars Technica
Indigenous tech group asks Apache Foundation to change its name
Identity as a "last tribe" is simplification and erasure, indigenous group says.
Bleeping Computer
Monero hard fork makes hackers' favorite coin even more private
Monero, the privacy-oriented decentralized cryptocurrency project, underwent a planned hard fork event on Saturday, introducing new features to boost its privacy and security.
The Hacker News
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A hidden "phishing empire" dubbed W3LL Store has compromised 8,000+ Microsoft 365 business email accounts!
ThreatPost
Bluetooth Signals Can Be Used to Track Smartphones, Say Researchers
Researchers demonstrated a possible way to track individuals via Bluetooth signals.
Bleeping Computer
Ukrainian activists hack Trigona ransomware gang, wipe servers
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available.
Ars Technica
Playboy image from 1972 gets ban from IEEE computer journals
Use of "Lenna" image in computer image processing research stretches back to the 1970s.
The Record
Palo Alto warns of firewall vulnerability used in DDoS attack on service provider
Palo Alto Networks is urging customers to patch a line of firewall products after finding that the vulnerability was used in a DDoS attack.
Security Affairs
Alarming lack of cybersecurity practices on world’s most popular websites
The world’s most popular websites lack basic cybersecurity hygiene, an investigation by Cybernews shows. Do you happen to love exploring DIY ideas on Pinterest? Scrolling through IMDB to pick the next movie to watch? Or simply scrolling through Facebook to see what your friends and enemies have been up to? The Cybernews research team has […]
Security Affairs
<strong>How hackers might be exploiting ChatGPT</strong>
The popular AI chatbot ChatGPT might be used by threat actors to hack easily hack into target networks. Original post at https://cybernews.com/security/hackers-exploit-chatgpt/ Cybernews research team discovered that the AI-based chatbot ChatGPT – a recently launched platform that caught the online community’s attention – could provide hackers with step-by-step instructions on how to hack websites. Cybernews […]
The Record
International conflicts driving increased strength of DDoS attacks: report
Wars and regional disputes are fueling an increase in distributed denial-of-service attacks, according to cybersecurity firm NETSCOUT.
DarkReading
Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event
Ongoing Rapid Reset DDoS flood attacks exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.
Bleeping Computer
German government advises against using Kaspersky antivirus
BSI, the federal cybersecurity authority in Germany, has issued a public statement to warn critical entities in the country against using Kaspersky antivirus software products.
Ars Technica
Limited data sets a hurdle as China plays catch-up to ChatGPT
Lack of high-quality Chinese texts on Internet a barrier to training AI models.
Ars Technica
AI is changing scientists’ understanding of language learning
And it is also raising questions about innate grammar.
Ars Technica
The BASIC programming language turns 60
Easy-to-use language that drove Apple, TRS-80, IBM, and Commodore PCs debuted in 1964.
Bleeping Computer
An encrypted ZIP file can have two correct passwords — here's why
Password-protected ZIP archives are common means of compressing and sharing sets of files—from sensitive documents to malware samples to even malware (phishing "invoices" in emails). But, did you know it is possible for an encrypted ZIP file to have two correct passwords, with both producing the same outcome on extraction?
Ars Technica
A root-server at the Internet’s core lost touch with its peers. We still don’t know why.
For 4 days, the c-root server maintained by Cogent lost touch with its 12 peers.
Naked Security
Atlassian announces 0-day hole in Confluence Server – update now!
Zero-day announced – here’s what you need to know
Ars Technica
Bing outage shows just how little competition Google search really has
Opinion: Actively searching without Google or Bing is harder than it looks.
CyberNews
Anonymous: a cult of personality that could soon fail
Is Anonymous a cult of personality and could it soon fail.
The Hacker News
The Business of Hackers-for-Hire Threat Actors
Hackers-for-hire are secret cyber experts or groups who specialize in infiltrating organizations to acquire intelligence in one way or another.
Trend Micro
Codex Exposed Exploring the Capabilities and Risks of OpenAIs Code Generator
The first of a series of blog posts examines the security risks of Codex, a code generator powered by the GPT-3 engine.
Bleeping Computer
Firefox now shows ads as sponsored address bar suggestions
Mozilla is now showing ads in the form of sponsored Firefox contextual suggestions when U.S. users type in the URL address bar.
Cyber Security News
Top 10 Best Google Alternatives in 2024
Best Google Alternatives: 1. DuckDuckGo 2. Search Encrypt 3. Qwant 4. Startpage 5. Mojeek 6. Bing 7. Gibiru 8. Ask 9. SearX 10. Yahoo!
Naked Security
Dangerous Android phone 0-day bugs revealed – patch or work around them now!
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
Ars Technica
Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters
No one mentioned that libwebp, a library found in millions of apps, was a 0-day origin.
Ars Technica
AI in space: Karpathy suggests AI chatbots as interstellar messengers to alien civilizations
Andrej Karpathy muses about sending a LLM binary that could "wake up" and answer questions.
The Hacker News
How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar AI models are empowering cybercriminals to launch damaging attacks on online businesses. Learn how they're leveraging these tools
Ars Technica
Google’s “AI Overview” can give false, misleading, and dangerous answers
From glue-on-pizza recipes to recommending "blinker fluid," Google's AI sourcing needs work.
Naked Security
S3 Ep105: WONTFIX! The MS Office cryptofail that “isn’t a security flaw” [Audio + Text]
The coolest video game ever! And lots of solid cybersecurity advice – listen now!
Naked Security
Serious Security: Browser-in-the-browser attacks – watch out for windows that aren’t!
Simple but super-sneaky – use a picture of a browser, and convince people it’s real…
Krebs on Security
The Not-so-True People-Search Network from China
It's not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too). Some of these personal data purveyors even try to reinvent their online identities in a bid to hide their conflicts…
Loading more articles....