NSM Aficionado
Unix and InfoSec grey beard
Full of stories about the "good ol' days"
FreeBSD / NetBSD
Chinese Scientists Report Using Quantum Computer to Hack Military-grade Encryption

Chinese researchers, using a D-Wave device, claim to have executed the first successful quantum attack on widely used encryption algorithms.

The Quantum Insider
Facebook partner admits smartphone microphones listen to people talk to serve better ads

One of Facebook's advertising partners has reportedly admitted to spying on people's conversations through smartphones to serve curated ads.

TweakTown
“Over the course of the past few weeks, the person — who used an AOL email account and identified themselves only as “Robert” — relayed what appeared to be internal communications from a senior Trump campaign official.”
https://www.politico.com/news/2024/08/10/trump-campaign-hack-00173503
We received internal Trump documents from ‘Robert.’ Then the campaign confirmed it was hacked.

The campaign suggested Iran was to blame. POLITICO has not independently verified the identity of the hacker or their motivation.

Politico
“Cryptography ain’t easy. Seemingly small details like how many times a computationally intensive loop runs can give the game away. [Lord Feistel] gives us a demo of how this could work with nothing more than poorly designed code, a resistor, and an oscilloscope.”
https://hackaday.com/2024/07/14/undo-arduino-encryption-with-an-oscilloscope/
Undo Arduino Encryption With An Oscilloscope

Hackaday
“The vulnerabilities were discovered in Cocoapods, a dependency manager widely used for software projects coded in the Swift and Objective-C programming languages.”
https://gizmodo.com/new-open-source-bugs-leave-thousands-of-ios-apps-vulner-1851573395
New Open Source Bugs Leave Thousands of iOS Apps Vulnerable to Hijacking

The Cocoapods vulnerabilities could threaten TikTok, Snapchat, LinkedIn, Netflix, Microsoft Teams, Facebook Messenger, and many others.

Gizmodo
“This week, Progress Software announced that it had discovered two new items for the common vulnerabilities and exposures (CVE) list of the enterprise product MOVEit Transfer, a popular way for businesses to securely transfer and exchange sensitive files and data.”
https://mashable.com/article/massive-moveit-vulnerability-2024
Massive authentication vulnerability risks compromising much of the internet

Hackers are already exploiting the flaw.

Mashable

Zeek fans: the Call for Presentations for ZeekWeek 2024 closes tomorrow, June 26th.

https://zeek.org/zeekweek2024/call-for-presentations/

ZeekWeek 2024 will be held August 13th-15th at the Caltech Ramo Auditorium in Pasadena, CA. This will be an in-person event. Day 1 and day 2 will consist of talks. If you would like to attend a training on day 3, you will need to register for the full conference and select it as an add-on during the purchase process.

https://zeek.org/zeekweek2024/registration

Zeek: Call for Presentations

Zeek

‘“Due to his apparent lack of prior experience in cybersecurity, it would be unfair to scapegoat Mr. Martin for UHG’s cybersecurity lapses. Instead, UHG’s CEO and the company’s board of directors should be held responsible for elevating someone without the necessary experience to such an important role in the company, as well as for the company’s failure to adopt basic cyber defenses,” the senator wrote.’

🤔
https://therecord.media/unitedhealth-ciso-wyden-letter-sec-ftc

UnitedHealth leaders 'should be held responsible' for installing inexperienced CISO, senator says

In a letter to regulators, Sen. Ron Wyden noted a cascade of reckless decisions by the company — most notably hiring a chief information security officer who had not worked in a full-time cybersecurity role before he was elevated to the job.

"The man has no specialist IT knowledge, is unemployed and a resident of Kawasaki city, south of Tokyo."

"The type of virus he created was ransomware, designed to encrypt data on targeted systems and demand cryptocurrency as ransom."

🤦‍♂️
https://efe.com/en/other-news/2024-05-28/japanese-man-arrested-for-creating-computer-virus-using-generative-ai/

Japanese man arrested for creating computer virus using generative AI

A 25-year-old Japanese man with no IT expertise used generative AI to create ransomware, marking the first case of its kind in Japan.

EFE Noticias
“Apple explained that the photos, which were not completely deleted from a user’s device, were not synced to iCloud Photos. These files were only present on the device itself.”
https://www.benzinga.com/news/24/05/39007706/apple-explains-rare-iphone-bug-that-brought-back-deleted-photos-heres-what-happened
Apple Explains Rare iPhone Bug That Brought Back Deleted Photos: Here's What Happened - Apple (NASDAQ:AAP

Apple explains rare bug causing deleted photos to reappear on iOS 17.5 iPhones. Issue related to database corruption, not iCloud Photos.

Benzinga