Cyber News & Articles

Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 “Sequoia” update that broke many cybersecurity tools.

In episode 19 of “The AI Fix” podcast, Graham and Mark discover some AI podcast hosts having an existential crisis, a robot dog climbs another step towards world domination, Mark makes a gift for anyone working in tech support, and William Shatner chews through Lucy in the Sky with Diamonds.

Things can take a terrible turn when a pair of bored students think they’re Ethan Hunt, and Mark thinks that an underwater IKEA might be the silver lining to the climate crisis.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

When Sean Kelly bought a top-of-the-line vacuum cleaner, he imagined he was making a safe purchase.

Little did he know that the cleaning machine scuttling about his family’s feet contained a security flaw that could let anyone see and hear their every move.

Read more in my article on the Hot for Security blog.

The UK’s Sellafield nuclear waste processing and storage site has been fined £332,500 by regulators after its IT systems were found to have been left vulnerable to hackers and unauthorised access for years.

Read more in my article on the Hot for Security blog.

International law enforcement continues to dismantle the LockBit ransomware gang’s infrastructure.

Read more in my article on the Tripwire State of Security blog.

Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape.

From family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky’s US customers are wondering – what on earth is UltraAV?

All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.

In episode 18 of “The AI Fix” our hosts discover that OpenAI’s Advanced Voice mode is too emotional for Europeans, a listener writes a Viking saga about LinkedIn, ChatGPT is a terrible doctor, and the voice of Meta AI takes to Meta’s platforms to complain about Meta AI reading things people post on Meta’s platforms.

Mark discovers what Darth Vader really said on Cloud City, Graham rummages through ChatGPT’s false memories, and our hosts find out why AIs need an inner critic.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man’s alleged targets were members of UGNazi, a hacker group behind multiple high-profile breaches and cyberattacks back in 2012.

A London-based man is facing extradition to the United States after allegedly masterminding a scheme to hack public companies prior to their earnings announcements and use the secrets he uncovered to make millions of dollars on the stock market.

Read more in my article on the Hot for Security blog.