reports, Security technology, squid, Uncategorized
Article. Report. Powered by WPeMatico
Category: Uncategorized
Auto Added by WPeMatico
AI, cyberattack, defense, Security technology, Uncategorized
His conclusion: Context wins Basically whoever can see the most about the target, and can hold that picture in their mind the best, will be best at finding the vulnerabilities the fastest and taking advantage of them. Or, as the defender, applying patches or mitigations the fastest. And if you’re on the inside you know … Read More “Daniel Miessler on the AI Attack/Defense Balance” »
AI, reports, scams, Security technology, Uncategorized
New report: “Scam GPT: GenAI and the Automation of Fraud.” This primer maps what we currently know about generative AI’s role in scams, the communities most at risk, and the broader economic and cultural shifts that are making people more willing to take risks, more vulnerable to deception, and more likely to either perpetuate scams … Read More “Use of Generative AI in Scams” »
banking, impersonation, scams, Security technology, social engineering, Uncategorized
Longtime Crypto-Gram readers know that I collect personal experiences of people being scammed. Here’s an almost: Then he added, “Here at Chase, we’ll never ask for your personal information or passwords.” On the contrary, he gave me more information—two “cancellation codes” and a long case number with four letters and 10 digits. That’s when he … Read More “Details of a Scam” »
AI, data breaches, Security technology, trust, Uncategorized
Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private data—one of the most common purposes of tools in the first place! Exposure to untrusted content—any mechanism … Read More “Abusing Notion’s AI Agent for Data Theft” »
Security technology, squid, Uncategorized
A nice story. Powered by WPeMatico
computer security, encryption, privacy, Security technology, threat models, Uncategorized
Today’s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media requires us to assess risks and make judgments accordingly. Arriving at any conclusion is an … Read More “Digital Threat Modeling Under Authoritarianism” »
phishing, Security technology, spoofing, Uncategorized
This site turns your URL into something sketchy-looking. For example, www.schneier.com becomes https://cheap-bitcoin.online/firewall-snatcher/cipher-injector/phishing_sniffer_tool.html?form=inject&host=spoof&id=bb1bc121¶meter=inject&payload=%28function%28%29%7B+return+%27+hi+%27.trim%28%29%3B+%7D%29%28%29%3B&port=spoof. Found on Boing Boing. Powered by WPeMatico
cell phones, cyberattack, denial of service, infrastructure, Security technology, telecom, Uncategorized
This is a weird story: The US Secret Service disrupted a network of telecommunications devices that could have shut down cellular systems as leaders gather for the United Nations General Assembly in New York City. The agency said on Tuesday that last month it found more than 300 SIM servers and 100,000 SIM cards that … Read More “US Disrupts Massive Cell Phone Array in New York” »
apple, cybersecurity, hardware, integrity, Security technology, Uncategorized, vulnerabilities
Apple has introduced a new hardware/software security feature in the iPhone 17: “Memory Integrity Enforcement,” targeting the memory safety vulnerabilities that spyware products like Pegasus tend to use to get unauthorized system access. From Wired: In recent years, a movement has been steadily growing across the global tech industry to address a ubiquitous and insidious … Read More “Apple’s New Memory Integrity Enforcement” »