Presidential campaign season is officially, officially, upon us now, which means it’s time to confront the weird and insidious ways in which technology is warping politics. One of the biggest threats on the horizon: artificial personas are coming, and they’re poised to take over political debate. The risk arises from two separate threads coming together: … Read More “Artificial Personas and Public Discourse” »
Category: socialengineering
Auto Added by WPeMatico
This is a fascinating hack: In today’s digital age, a large Instagram audience is considered a valuable currency. I had also heard through the grapevine that I could monetize a large following — or in my desired case — use it to have my meals paid for. So I did just that. I created an … Read More “Hacking Instagram to Get Free Meals in Exchange for Positive Reviews” »
A research group at NATO’s Strategic Communications Center of Excellence catfished soldiers involved in an European military exercise — we don’t know what country they were from — to demonstrate the power of the attack technique. Over four weeks, the researchers developed fake pages and closed groups on Facebook that looked like they were associated … Read More “Attacking Soldiers on Social Media” »
The module “event-stream” was infected with malware by an anonymous someone who became an admin on the project. Cory Doctorow points out that this is a clever new attack vector: Many open source projects attain a level of “maturity” where no one really needs any new features and there aren’t a lot of new bugs … Read More “Distributing Malware By Becoming an Admin on an Open-Source Project” »
Brian Krebs is reporting on some new and sophisticated phishing scams over the telephone. I second his advice: “never give out any information about yourself in response to an unsolicited phone call.” Always call them back, and not using the number offered to you by the caller. Always. Powered by WPeMatico
This is an interesting security vulnerability: because it is so easy to impersonate iOS password prompts, a malicious app can steal your password just by asking. Why does this work? iOS asks the user for their iTunes password for many reasons, the most common ones are recently installed iOS operating system updates, or iOS apps … Read More “Impersonating iOS Password Prompts” »
This article feels like hyperbole: The scam has arrived in Australia after being used in the United States and Britain. The scammer may ask several times “can you hear me?”, to which people would usually reply “yes.” The scammer is then believed to record the “yes” response and end the call. That recording of the … Read More “Stealing Voice Prints” »
LyreBird is a system that can accurately reproduce the voice of someone, given a large amount of sample inputs. It’s pretty good — listen to the demo here — and will only get better over time. The applications for recorded-voice forgeries are obvious, but I think the larger security risk will be real-time forgery. Imagine … Read More “Forging Voice” »
In this impressive social-engineering display, a hacker convinces a cell phone tech-support person to change an account password without being verified in any way. Powered by WPeMatico
It’s not hard to imagine the criminal possibilities of automation, autonomy, and artificial intelligence. But the imaginings are becoming mainstream — and the future isn’t too far off. Along similar lines, computers are able to predict court verdicts. My guess is that the real use here isn’t to predict actual court verdicts, but for well-paid … Read More “Malicious AI” »