News

ChatGPT side-channel attack has easy fix: token obfuscation

The Register - Mon, 18/03/2024 - 02:31
ALSO: Roblox-themed infostealer on the prowl, telco insider pleads guilty to swapping SIMs, and some crit vulns

in brief  Almost as quickly as a paper came out last week revealing an AI side-channel vulnerability, Cloudflare researchers have figured out how to solve it: just obscure your token size.…

Categories: News

In the rush to build AI apps, please, please don't leave security behind

The Register - Sun, 17/03/2024 - 11:04
Supply-chain attacks are definitely possible and could lead to data theft, system hijacking, and more

Feature  While in a rush to understand, build, and ship AI products, developers and data scientists are being urged to be mindful of security and not fall prey to supply-chain attacks.…

Categories: News

As if working at Helldesk weren't bad enough, IT helpers now targeted by cybercrims

The Register - Fri, 15/03/2024 - 19:00
Wave of Okta attacks mark what researchers are calling the biggest security trend of the year

IT helpdesk workers are increasingly the target of cybercriminals – a trend researchers have described as "the most noteworthy" of the past year.…

Categories: News

Cop shop rapped for 'completely avoidable' web form blunder

The Register - Fri, 15/03/2024 - 11:34
Made public highly sensitive data on complaints about Metropolitan Police Service

The London Mayor's Office for Policing and Crime is being rapped by regulators for untidy tech practices that made public the personal data of hundreds of people who filed complaints against the Metropolitan Police Service.…

Categories: News

Forget TikTok – Chinese spies want to steal IP by backdooring digital locks

The Register - Thu, 14/03/2024 - 23:35
Uncle Sam can use this snooping tool, too, but that's beside the point

There's another Chinese-manufactured product – joining the likes of TikTok, cars and semiconductors – that poses a national security risk to Americans: electronic locks, such as those used in safes.…

Categories: News

FTC goes undercover to probe suspected antivirus scam, scores $26M settlement

The Register - Thu, 14/03/2024 - 20:24
Imagine trying to trick folks into buying $500 of unnecessary repairs – and they turn out to be federal agents

A pair of tech support businesses accused of swindling marks out of their hard-earned cash have agreed to cough up a $26 million settlement following an undercover probe by the FTC.…

Categories: News

LockBit ransomware kingpin gets 4 years behind bars

The Register - Thu, 14/03/2024 - 18:26
Canadian-Russian said to have turned to a life of cybercrime during pandemic, now must pay the price – literally

A LockBit ransomware kingpin has been sentenced to almost four years behind bars and ordered to pay more than CA$860,000 ($635,000, £500,000) in restitution to some of his victims by a Canadian court as he awaits extradition to the US.…

Categories: News

Google gooses Safe Browsing with real-time protection that doesn't leak to ad giant

The Register - Thu, 14/03/2024 - 17:58
Rare occasion when you do want Big Tech to make a hash of it

Google has enhanced its Safe Browsing service to enable real-time protection in Chrome for desktop, iOS, and soon Android against risky websites, without sending browsing history data to the ad biz.…

Categories: News

Record breach of French government exposes up to 43 million people's data

The Register - Thu, 14/03/2024 - 16:06
Zut alors! Department for registering and helping unemployed people broken into

A French government department - responsible for registering and assisting unemployed people - is the latest victim of a mega data breach that compromised the information of up to 43 million citizens.…

Categories: News

International effort to disrupt cybercrime moves into operational phase

The Register - Thu, 14/03/2024 - 15:00
Will the WEF experiment work?

The Cybercrime Atlas, a massive undertaking that aims to disrupt cybercriminals across the globe, enters its operational phase in 2024, two years after organizers laid the groundwork at the RSA Conference.…

Categories: News

US to probe Change Healthcare's data protection standards as lawsuits mount

The Register - Thu, 14/03/2024 - 14:03
Services slowly coming back online but providers still struggling

Change Healthcare is being investigated over the alleged 6 TB data theft by the ALPHV ransomware group as it continues recovery efforts.…

Categories: News

US Congress goes bang, bang, on TikTok sale-or-ban plan

The Register - Thu, 14/03/2024 - 01:46
Bill proposes to do to China what China already does to the US – make life hard for foreign social networks

The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act – a law aimed at forcing TikTok's Chinese parent ByteDance to sell the app's US operations or face the prospect of a ban.…

Categories: News

Nissan to alert 100,000 Aussies and Kiwis about data loss incident

The Register - Thu, 14/03/2024 - 00:32
Akira ransomware crooks brag of stealing thousands of ID documents during break-in

Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems – perhaps by the Akira ransomware gang.…

Categories: News

Poking holes in Google tech bagged bug hunters $10M

The Register - Wed, 13/03/2024 - 18:00
A $2M drop from previous year. So … things are more secure?

Google awarded $10 million to 632 bug hunters last year through its vulnerability reward programs.…

Categories: News

Cryptocurrency laundryman gets hung out to dry

The Register - Wed, 13/03/2024 - 16:45
Bitcoin Fog washed hundreds of millions for criminals

The operator of the world's longest-running Bitcoin money laundering service faces a 50-year prison sentence after being found guilty in a US court.…

Categories: News

Microsoft Copilot for Security prepares for April liftoff

The Register - Wed, 13/03/2024 - 16:00
Automated AI helper intended to make security more manageable

Microsoft Copilot for Security, a subscription AI security service, will be generally available on April 1, 2024, the company announced on Wednesday.…

Categories: News

Stanford University failed to detect ransomware intruders for 4 months

The Register - Wed, 13/03/2024 - 12:05
27,000 individuals had data stolen, which for some included names and social security numbers

Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months.…

Categories: News

Reducing the cloud security overhead

The Register - Wed, 13/03/2024 - 08:51
Why creating a layered defensive strategy that includes security by design can help address cloud challenges

Sponsored Feature  The world is filled with choices. Whether it's the 20 different types of shampoo on offer at the grocery store, or the dozens of Linux distros you can try for free, you can have it all.…

Categories: News

Researchers jimmy OpenAI's and Google's closed models

The Register - Wed, 13/03/2024 - 08:34
Infosec folk aren’t thrilled that if you poke APIs enough, you learn AI's secrets

Boffins have managed to pry open closed AI services from OpenAI and Google with an attack that recovers an otherwise hidden portion of transformer models.…

Categories: News

March Patch Tuesday sees Hyper-V join the guest-host escape club

The Register - Wed, 13/03/2024 - 00:16
Critical bugs galore among 61 Microsoft fixes, 56 from Adobe, a dozen from SAP, and a fistful from Fortinet

Patch Tuesday  Microsoft's monthly patch drop has arrived, delivering a mere 61 CVE-tagged vulnerabilities – none listed as under active attack or already known to the public.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News