The generative AI movement relies on large language models (LLMs) to interpret and create human-language texts from simple prompts, such as summarizing a document, writing a poem, or answering a question using data from multiple sources. Bad actors can use “prompt injection” to trick an LLM-powered chatbot into giving unauthorized …
Read More »Search Results for: leak
After a federal search of a passenger’s phone at an airport, a security expert warns of a chilling effect
After being detained upon arrival at a U.S. airport, having his phone searched, and being ordered to testify before a grand jury, only to have prosecutors backtrack and drop the investigation, a U.S. security researcher is warning of a chilling effect. After returning from a trip to Japan on September …
Read More »Meta targeted for new UK government warning on Messenger, Instagram E2E encryption
Prepare for another encryption battle: After parliament approved its Online Safety Bill yesterday, the U.K. government is pressuring Meta not to roll out end-to-end encryption (E2EE) on Facebook Messenger and Instagram unless it applies unspecified “safety measures” that the Home Secretary said should allow law enforcement to continue to detect …
Read More »MOVEit, the year’s biggest hack, by numbers
The largest hack of the year is the mass-exploitation of MOVEit Transfer software. According to Emsisoft, the MOVEit breach has affected more than 1,000 people. The full impact of the attack will likely not be known for months. This makes the MOVEit hack the largest of 2023 and recent history. …
Read More »Threads launches its anticipated web app
Instagram Threads will launch one of its most requested features today: web access while logged in. The company says Threads users can post, view their feed, and interact with posts from the desktop at launch, but the experience won’t be identical to the mobile app. Web users cannot edit their …
Read More »Tesla claims insiders caused 75,000 employee data breach
Tesla blamed insider wrongdoing for a data breach that affected over 75,000 employees. Tesla, owned by Elon Musk, filed a data breach notice with Maine‘s attorney general after an investigation found that two former employees leaked over 75,000 personal data to a foreign media outlet. In the notice, Tesla data …
Read More »Cellebrite asks police to keep phone hacking tech a secret
Cellebrite phone hacking technology has been used by police and other government agencies worldwide for years to unlock phones and steal data. The company has been careful to use its technology secretly. Has learned that Cellebrite requires users to keep its tech and use of it secret as part of …
Read More »NY City bans TikTok on government-issued devices
New York City is the latest city to ban TikTok to prevent Chinese security threats. The Verge reported the immediate ban, which requires agencies to remove the app from city-owned hardware within 30 days. NYC Cyber Command, which tracks cyber threats for the NYC Office of Technology and Innovation, recommended …
Read More »Cyber agencies in the US and Australia warn that IDOR security flaws can be exploited “at scale”
U.S. and Australian government cybersecurity agencies warn that common security vulnerabilities in websites and web apps can be exploited to commit large-scale data breaches. CISA, the National Security Agency, and the Australian Cyber Security Centre warned Thursday that insecure direct object references (IDORs) allow hackers to access or modify sensitive …
Read More »TheTruthSpy’s millions from fake passports and real bank accounts
Benjamin, 44, lives near the park in a trendy downtown Dallas neighborhood. He avoids social media. Fort Worth neighbor Dulce, 42, lives in a gated community with terraced houses and green lawns. They look like online entrepreneurs with modest incomes. The two make huge profits by selling access to TheTruthSpy, …
Read More »