Group items tagged

"In 2015, a research group fed an AI system called Deep Patient health and medical data from some 700,000 people, and tested whether it could predict diseases. It could, but Deep Patient provides no explanation for the basis of a diagnosis, and the researchers have no idea how it comes to its conclusions. A doctor either can either trust or ignore the computer, but that trust will remain blind."

""This is the largest impact on the energy system in the United States we've seen from a cyberattack, full stop," says Rob Lee, CEO of the critical-infrastructure-focused security firm Dragos. Aside from the financial impact on Colonial Pipeline or the many providers and customers of the fuel it transports, Lee points out that around 40 percent of US electricity in 2020 was produced by burning natural gas, more than any other source. That means, he argues, that the threat of cyberattacks on a pipeline presents a significant threat to the civilian power grid. "You have a real ability to impact the electric system in a broad way by cutting the supply of natural gas. This is a big deal," he adds. "I think Congress is going to have questions. A provider got hit with ransomware from a criminal act, this wasn't even a state-sponsored attack, and it impacted the system in this way?""

"Ransomware analysts offered several possible explanations for why the master key has now appeared. It is possible Kaseya, a government entity, or a collective of victims paid the ransom. The Kremlin in Russia also might have seized the key from the criminals and handed it over through intermediaries, experts said."

"Iran's missile attacks on two Iraqi airbases have been accompanied by a spread of online disinformation, falsely labelled images and claims of news sources being hacked, which have added to jitters in the region regarding the attacks."

"Before we go deeper, it's important to note that there are two approaches to facial - or any biometric - authentication: "match on server" and "match on device." The former approach shares some of the risky aspects of facial recognition technology because it stores the details of one's most personal features-your face or your fingerprint-on a server, which is inherently insecure. There are some well-publicized examples of biometric databases being hacked, which is why so many companies are committing to only do on-device biometrics."

"TL;DR: all recent macOS devices are no longer safe to use if left alone, even if you have them powered down. The root of trust on macOS is inherently broken They can bruteforce your FileVault2 volume password They can alter your macOS installation They can load arbitrary kernel extensions"

"This is called a supply-chain attack, because it targets a supplier to an organization rather than an organization itself - and can affect all of a supplier's customers. It's an increasingly common way to attack networks. Other examples of this sort of attack include fake apps in the Google Play store, and hacked replacement screens for your smartphone."

"The Italian supreme court ordered prosecutors last month to disclose how the Sky ECC data had been retrieved, arguing that it was impossible to have a fair trial if the accused is unable to access the evidence or assess its reliability and legality, a position supposed by the NGO Fair Trials. Whether prosecutors choose to do so could determine whether the arrests made this week lead to convictions or not. Prosecutors in the UK face a similar dilemma in relation to the hacking of EncroChat, another secret messaging platform that had the added facility of a "panic" button that when pressed would immediately erase the phone's contents."

Natal... The future of gaming, be able to control your 360 in your sitting room... However, they neglected to mention how the device has a motion-sensing camera meaning that your living room is more susceptible to being hacked now... 

"The investigation reveals extraordinary details about how disinformation is being weaponised by Team Jorge, which runs a private service offering to covertly meddle in elections without a trace. The group also works for corporate clients. Hanan told the undercover reporters that his services, which others describe as "black ops", were available to intelligence agencies, political campaigns and private companies that wanted to secretly manipulate public opinion. He said they had been used across Africa, South and Central America, the US and Europe."

"This person or group, who go by the names BestBuy and Popopret, recently spammed an ad to folks on Jabber, an instant messaging service. They offered to perform a distributed denial of service (DDoS) attack on whomever their client(s) wanted, and they backed up their offer by claiming to wield the ability to perform some of the strongest DDoS attacks ever seen. Recent events in the history of the internet show us that these kind of attacks - if these hackers indeed have the power they claim - can wreak internet havoc by blocking user access to a range of some of the web's most popular destinations."

How far does encryption work? Scary huh...

""Self-drive cars will probably work through internet connectivity and, just as large volumes of electronic traffic can be routed to overwhelm websites, the opportunity for self-drive traffic being routed to create 'spam jams' or disruption is a very real prospect.""

"Three software flaws in Facebook's systems allowed hackers to break into user accounts, including those of the top executives Mark Zuckerberg and Sheryl Sandberg, according to two people familiar with the investigation but not allowed to discuss it publicly. Once in, the attackers could have gained access to apps like Spotify, Instagram and hundreds of others that give users a way to log into their systems through Facebook."

"Cybersecurity experts have warned for years that malfeasance, technical breakdown or administrative incompetence could easily wreak havoc with electronic systems and could go largely or wholly undetected. This is a concern made much more urgent by Russia's cyber-attacks on political party servers and state voter registration databases in 2016 and by the risk of a repeat - or worse - in this November's midterms. "