News

CEO says if you buy all your infosec stuff from him, life under assault from bots will be less painful

Brace for a new round of browser wars, according to Palo Alto Networks CEO Nikesh Arora.…

High accuracy scores come from conditions that don't reflect real-world usage

Facial recognition technology has been deployed publicly on the basis of benchmark tests that reflect performance in laboratory settings, but some academics are saying that real-world performance doesn't match up.…

Spy vs spy in the chips

Comment  Chinese state media called the US an aspiring "surveillance empire" over its proposed use of asset tracking tags to crack down on black-market GPU shipments to the Middle Kingdom.…

Supply chain breach has been a major target of legal action

Microsoft-owned talk-to-text outfit Nuance has agreed to cough up $8.5 million to settle a class action lawsuit over the sprawling MOVEit Transfer mega-breach – although it admits no liability.…

HR SaaS giant insists core systems untouched

Workday has admitted that attackers gained access to one of its third-party CRM platforms, but insists its core systems and customer tenants are untouched.…

Sni5Gect research crew targets sweet spot during device / network handshake pause

Security boffins have released an open source tool for poking holes in 5G mobile networks, claiming it can do up- and downlink sniffing and a novel connection downgrade attack - plus "other serious exploits" they're keeping under wraps, for now.…

When you're asking AI chatbots for answers, they're data-mining you

Opinion  Recently, OpenAI ChatGPT users were shocked – shocked, I tell you! – to discover that their searches were appearing in Google search. You morons! What do you think AI chatbots are doing? Doing all your homework for free or a mere $20 a month? I think not!…

If you wanted to hurt Putin’s ransomware racketeers, these info-stealing npm packages are one way to do it

Researchers at software supply chain security outfit Safety think they’ve found malware that targets Russian cryptocurrency developers, and perhaps therefore Russia’s state-linked ransomware crews…

PLUS: Kryptos solution up for auction; Canadian parliament springs a leak; Fake crypto lawyers; And more

Infosec In Brief  New York State is suing bank-owned peer-to-peer payment app Zelle, claiming that the banks behind it knew fraud was rampant on the platform but allowed scammers to conduct business with impunity.…