Why and how to create corporate genAI policies

As a large number of companies continue to test and deploy generative artificial intelligence (genAI) tools, many are at risk of AI errors, malicious attacks, and running afoul of regulators — not to mention the potential exposure of sensitive data.

For example, in April, after Samsung’s semiconductor division allowed engineers to use ChatGPT, workers using the platform leaked trade secrets on at least three instances, according to published accounts. One employee pasted confidential source code into the chat to check for errors, while another worker shared code with ChatGPT and “requested code optimization.”


Karma Catches Up to Global Phishing Service 16Shop

Credit to Author: BrianKrebs| Date: Thu, 17 Aug 2023 19:58:56 +0000

You’ve probably never heard of “16Shop,” but there’s a good chance someone using it has tried to phish you. Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. INTERPOL said authorities in Indonesia arrested the 21-year-old proprietor and one of his alleged facilitators, and that a third suspect was apprehended in Japan.


Zoom goes for a blatant genAI data grab; enterprises, beware (updated)

Credit to Author: eschuman@thecontentfirm.com| Date: Thu, 17 Aug 2023 07:06:00 -0700

When Zoom amended its terms of service earlier this month — a bid to make executives comfortable that it wouldn’t use Zoom data to train generative AI models — it quickly stirred up a hornet’s nest. So the company “revised” the terms of service, and left in place ways it can still get full access to user data.

Computerworld repeatedly reached out to Zoom without success to clarify what the changes really mean.

Editor’s note: Shortly after this column was published, Zoom again changed its terms and conditions. We’ve added an update to the end of the story covering the latest changes.

Before I delve into the legalese — and Zoom’s weasel words to falsely suggest it was not doing what it obviously was doing — let me raise a more critical question: Is there anyone in the video-call business not doing this? Microsoft? Google? Those are two firms that never met a dataset that they didn’t love.


China hacks the US military and government — the Feds blame Microsoft

Hidden in the basic infrastructure that runs the US military is a powerful piece of Windows-borne Chinese malware that can disrupt the communications systems, power grids, and water supplies at the military’s bases around the world. One US congressional aide calls it a “ticking time bomb” that, as The New York Times put it, “could give China the power to interrupt or slow American military deployments or resupply operations by cutting off power, water and communications to US military bases.”


Jamf Threat Labs subverts iPhone security with fake Airplane Mode

Fresh security research from Jamf Threat Labs may not reflect an active attack, but it does illustrate the layered complexity of today’s threat environment.

When Airplane mode isn’t Airplane mode

In brief, the researchers have figured out a proof of concept attack that tricks victims into thinking they are using Airplane Mode. However, in reality the attacker has put in place a fake version of that mode that looks normal but lets the attacker maintain access to the device.

This is by no means a straightforward attack and hasn’t been seen in the wild. The exploit is complex and would require an attacker to successfully take control of the target device through a series of exploits, the research claims. 


Diligere, Equity-Invest Are New Firms of U.K. Con Man

Credit to Author: BrianKrebs| Date: Mon, 14 Aug 2023 20:13:22 +0000

John Clifton Davies, a convicted fraudster estimated to have bilked dozens of technology startups out of more than $30 million through phony investment schemes, has a brand new pair of scam companies that are busy dashing startup dreams: A fake investment firm called Equity-Invest[.]ch, and Diligere[.]co.uk, a scam due diligence company that Equity-Invest insists all investment partners use. A native of the United Kingdom, Mr. Davies absconded from justice before being convicted on multiple counts of fraud in 2015. Prior to his conviction, Davies served 16 months in jail before being cleared on suspicion of murdering his third wife on their honeymoon in India.


As VR headset adoption grows, privacy issues could emerge

Head and hand motion data gathered from virtual reality (VR) headsets could be as effective at identifying individuals as fingerprints or face scans, research studies have shown, potentially compromising user privacy when interacting in immersive virtual environments.

Two recent studies by researchers at the University of California, Berkeley, showed how data gathered by VR headsets could be used to identify individuals with a high level of accuracy, and potentially reveal a host of personal attributes, including height, weight, age, and even marital status, according to a Bloomberg report Thursday.
