News

Whoever gets it will steer UK department's IT, AI strategy, and megabucks vendor deals

The UK Ministry of Defence (MoD) is offering between £270,000 to £300,000 for a senior digital leader who will oversee more than £4.6 billion in spending and more than 3,000 specialist staff.…

Meanwhile, IP-stealing 'distillation attacks' on the rise

A Chinese government hacking group that has been sanctioned for targeting America's critical infrastructure used Google's AI chatbot, Gemini, to auto-analyze vulnerabilities and plan cyberattacks against US organizations, the company says.…

Businesses are embedding prompts that produce content they want you to read, not the stuff AI makes if left to its own devices

Amid its ongoing promotion of AI’s wonders, Microsoft has warned customers it has found many instances of a technique that manipulates the technology to produce biased advice.…

Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says

They know where you've been and they're going to share it. A security researcher has identified 287 Chrome extensions that allegedly exfiltrate browsing history data for an estimated 37.4 million installations.…

The more you share online, the more you open yourself to social engineering

If you've seen the viral AI work pic trend where people are asking ChatGPT to "create a caricature of me and my job based on everything you know about me" and sharing it to social, you might think it's harmless. You'd be wrong.…

Curious port filtering and traffic patterns suggest advisories weren’t the earliest warning signals sent

Telcos likely received advance warning about January's critical Telnet vulnerability before its public disclosure, according to threat intelligence biz GreyNoise.…

Attackers using social engineering to exploit business processes, rather than tunnelling in via tech

Exclusive  When fraudsters go after people's paychecks, "every employee on earth becomes a target," according to Binary Defense security sleuth John Dwyer.…

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor

Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).…

UK government grilled over progress made to prevent a second life-threatening leak

Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.…

Roses are red, violets are blue ... now get patching

What better way to say I love you than with an update? Attackers exploited a whopping six Microsoft bugs as zero-days prior to Redmond releasing software fixes on February's Patch Tuesday.…