Tuesday, November 26, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorld Independent 

Patch Tuesday: Microsoft rolls out 90 updates for Windows, Office

admin , , , ,

With its August Patch Tuesday release, Microsoft pushed out 90 updates for the Windows and Office platforms. The latest fixes include  another update for Microsoft Exchange (along with with a warning about failed updates to Exchange Server 2016 and 2019) and a “Patch Now” recommendation from us for Office.

The team at Application Readiness has crafted this useful infographic outlining the risks associated with each of the updates for this month.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Zoom goes for a blatant genAI data grab; enterprises, beware

admin , , , ,

Credit to Author: eschuman@thecontentfirm.com| Date: Fri, 11 Aug 2023 11:21:00 -0700

When Zoom amended its terms of service earlier this month — a bid to make executives comfortable that it wouldn’t use Zoom data to train generative AI models — it quickly stirred up a hornet’s nest. So the company “revised” the terms of service, and left in place ways it can still get full access to user data.

(Computerworld repeatedly reached out to Zoom without success to clarify what the changes really mean.)

Before I delve into the legalese — and Zoom’s weasel words to falsely suggest it was not doing what it obviously was doing — let me raise a more critical question: Is there anyone in the video-call business not doing this? Microsoft? Google? Those are two firms that never met a dataset that they didn’t love.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Q&A: TIAA's CIO touts top AI projects, details worker skills needed now

admin , , , , , , , , ,

Artificial intelligence (AI) is already having a significant effect on businesses and organizations across a variety of industries, even as many businesses are still just kicking the tires on the technology.

Those that have fully adopted AI claim a 35% increase in innovation and a 33% increase in sustainability over the past three years, according to research firm IDC. Customer and employee retention has also been reported as improving by 32% after investing in AI.

To read this article in full, please click here

Read more
Independent Krebs 

Microsoft Patch Tuesday, August 2023 Edition

admin , , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Wed, 09 Aug 2023 02:22:57 +0000

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited in the wild.

Read more
ComputerWorld Independent 

Researchers build a scary Mac attack using AI and sound

admin , , , ,

A UK research team based at Durham University has identified an exploit that could allow attackers to figure out what you type on your MacBook Pro — based on the sound each keyboard tap makes.

These kinds of attacks aren’t particularly new. The researchers found research dating back to the 1950s into using acoustics to identify what people write. They also note that the first paper detailing use of such an attack surface was written for the US National Security Agency (NSA) in 1972, prompting speculation such attacks may already be in place.

“(The) governmental origin of AS- CAs creates speculation that such an attack may already be possible on modern devices, but remains classified,” the researchers wrote.

To read this article in full, please click here

Read more
Independent Krebs 

Meet the Brains Behind the Malware-Friendly AI Chat Service ‘WormGPT’

admin , , , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Tue, 08 Aug 2023 17:37:23 +0000

WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to help write malicious software without all the pesky prohibitions on such activity enforced by ChatGPT and Google Bard, has started adding restrictions on how the service can be used. Faced with customers trying to use WormGPT to create ransomware and phishing scams, the 23-year-old Portuguese programmer who created the project now says his service is slowly morphing into “a more controlled environment.” The large language models (LLMs) made by ChatGPT parent OpenAI or Google or Microsoft all have various safety measures designed to prevent people from abusing them for nefarious purposes — such as creating malware or hate speech. In contrast, WormGPT has promoted itself as a new LLM that was created specifically for cybercrime activities.

Read more
ComputerWorld Independent 

Has Microsoft cut security corners once too often?

admin ,

Credit to Author: eschuman@thecontentfirm.com| Date: Mon, 07 Aug 2023 10:00:00 -0700

As Microsoft revealed tidbits of its post-mortem investigation into a Chinese attack against US government agencies via Microsoft, two details stand out: the company violated its own policy and did not store security keys within a Hardware Security Module (HSM) — and the keys were successfully used by attackers even though they had expired years earlier. 

This is simply the latest example of Microsoft quietly cutting corners on cybersecurity and then only telling anyone when it gets caught. 

To read this article in full, please click here

Read more
Independent Krebs 

Teach a Man to Phish and He’s Set for Life

admin , , , , , , , ,

Credit to Author: BrianKrebs| Date: Fri, 04 Aug 2023 13:49:15 +0000

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft Windows files as relatively harmless documents.

Read more