Saturday, June 25, 2022

How to get started with machine learning and AI

Enlarge / "It's a cookbook?!" (credit: Aurich Lawson | Getty Images) "Artificial Intelligence" as we know it today is, at best, a misnomer. AI is in no way intelligent, but...

Mega says it can’t decrypt your files. New POC exploit shows otherwise

Enlarge In the decade since larger-than-life character Kim Dotcom founded Mega, the cloud storage service has amassed 250 million registered users and stores a whopping 120 billion files that...

High fossil fuel prices are good for the planet—here’s how to keep it that way

Enlarge (credit: MCCAIG/Getty) In the UK, it now costs more than 100 pounds to fill up a typical family car with petrol, and oil prices could rise even further. But...

Police linked to hacking campaign to frame Indian activists

Enlarge / Bike rally by police personnel during "We Make Pune City Safe" awareness campaign on October 3, 2017, in Pune, India. (credit: Pratham Gokhale/Getty) Police forces around the world...

Tsunami of junk traffic that broke DDoS records delivered by tiniest of botnets

Enlarge (credit: Aurich Lawson | Getty Images) A massive flood of malicious traffic that recently set a new distributed denial-of-service record came from an unlikely source. A botnet of just...

Botched and silent patches from Microsoft put customers at risk, critics say

Enlarge (credit: Drew Angerer | Getty Images) Blame is mounting on Microsoft for what critics say is a lack of transparency and adequate speed when responding to reports of vulnerabilities...

A new vulnerability in Intel and AMD CPUs lets hackers steal encryption keys

Enlarge Microprocessors from Intel, AMD, and other companies contain a newly discovered weakness that remote attackers can exploit to obtain cryptographic keys and other secret data traveling through the...

Coinbase lays off 18 percent of staff as CEO says, “We grew too quickly”

Enlarge / Coinbase CEO Brian Armstrong speaks during the Milken Institute Global Conference on May 2, 2022 in Beverly Hills, California. (credit: Getty Images | Patrick T. Fallon ) Cryptocurrency...

Credentials for thousands of open source projects free for the taking—again!

Enlarge (credit: Getty Images) A service that helps open source developers write and test software is leaking thousands of authentication tokens and other security-sensitive secrets. Many of these leaks allow...

New ultra-stealthy Linux backdoor isn’t your everyday malware discovery

Enlarge (credit: Getty Images / iStock) Researchers have unearthed a discovery that doesn’t occur all that often in the realm of malware: a mature, never-before-seen Linux backdoor that uses novel...

Gone in 130 seconds: New Tesla hack gives thieves their own personal key

Enlarge (credit: Getty Images) Last year, Tesla issued an update that made its vehicles easier to start after being unlocked with their NFC Key Cards. Now, a researcher has shown...

Feds seize SSNDOB marketplace that listed personal data of 24 million people

Enlarge / Seizure notice on ssndob.ws. Federal law enforcement agencies say they shut down a group of websites that made over $19 million selling Social Security numbers and other...

$10 billion fund starts giving US states money for broadband expansions

Enlarge (credit: Getty Images | Alan Schein) The US Treasury Department has started approving broadband grants to states from a $10 billion fund created to expand access to Internet service...

Microsoft won’t say if it will patch critical Windows vulnerability under exploit

Enlarge (credit: Getty Images) As hacker groups working continue to hammer a former Windows zero-day that makes it unusually easy to execute malicious code on target computers, Microsoft is keeping...

An actively exploited Microsoft 0-day flaw still doesn’t have a patch

Enlarge (credit: mturhanlar | Getty Images) Researchers warned last weekend that a flaw in Microsoft's Support Diagnostic Tool could be exploited using malicious Word documents to remotely take control of...
Security Affairs

Multiple malicious packages in PyPI repository found stealing AWS secrets

Researchers discovered multiple malicious Python packages in the official PyPI repository stealing AWS credentials and other info. Sonatype researchers discovered multiple Python packages in the official PyPI repository that have been developed to steal secrets (i.e. AWS credentials and environment...

The Post-Roe Privacy Nightmare Has Arrived

Plus: Microsoft details Russia’s Ukraine hacking campaign, Meta’s election integrity efforts dwindle, and more.

How to Move Your WhatsApp Chats Across Devices and Apps

It's never been easier to switch between iPhone and Android—and to get your messages out of the Meta ecosystem entirely.
The Register

We’re now truly in the era of ransomware as pure extortion without the encryption

Why screw around with cryptography and keys when just stealing the info is good enough Feature  US and European cops, prosecutors, and NGOs recently convened a two-day workshop in the Hague to discuss how to respond to the growing...
The Hacker News

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF

In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management...