Cyber News & Articles
The AI Fix #4: Fantastic voyage, and the technological singularity
In episode four of The AI Fix podcast, Graham and Mark learn there’s a 99.9% chance that AI will wipe out humans within 100 years, examine the even more chilling prospect of Barney the dinosaur reading Adolf Hitler’s Mein Kampf to six-year-olds, and resurrect a tried-and-trusted software evaluation method to decide if Claude 3.5 Sonnet … Continue reading “The AI Fix #4: Fantastic voyage, and the technological singularity”
Pro-Russia hackers attack European air traffic control website, but don’t panic! Flights continue as normal
Eurocontrol, the European air traffic control agency, has revealed that it has been under cyber attack for the last week, and says that pro-Russian hackers have claimed responsibility for the disruption.
When you first see the headline in the likes of the Wall Street Journal, it’s a scary thing to read.
But dig a little deeper, and you realise that the err.. sky is not falling.
Read more in my article on the Hot for Security blog.
US Facebook users can now claim their share of $725 million Cambridge Analytica settlement
Were you a US-based Facebook user between May 24 2007 and December 22 2022?
If so, I’ve got some good news for you.
Read more in my article on the Hot for Security blog.
3CX Breach Was a Double Supply Chain Compromise
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.
US charges three men with six million dollar business email compromise plot
Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims.
Read more in my article on the Tripwire State of Security blog.
Ex-CEO of hacked therapy clinic sentenced for failing to protect patients’ session notes
A Finnish court has given the former CEO of a chain of psychotherapy clinics a suspended jail sentence after failing to adequately protect highly sensitive notes of patients’ therapy sessions from falling into the hands of blackmailing hackers.
Read more in my article on the Hot for Security blog.
Giving a Face to the Malware Proxy Service ‘Faceless’
For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.
Army helicopter crash blamed on skipped software patch
The emergency ditching of an Australian military helicopter in the water just off a beach in New South Wales, has been blamed on the failure to apply a software patch.
Read more in my article on the Hot for Security blog.
Why is ‘Juice Jacking’ Suddenly Back in the News?
KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about “juice jacking,” a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk. It remains unclear what may have prompted the alerts, but the good news is that there are some fairly basic things you can do to avoid having to worry about juice jacking.
As Tax Day approaches, Microsoft warns accounting firms of targeted attacks
Accountants are being warned to be on their guard from hackers, as cybercriminals exploit the rush to prepare tax returns for clients before the deadline of US Tax Day.
Read more in my article on the Tripwire State of Security blog.