Article. Report. Powered by WPeMatico
Category: Uncategorized
Auto Added by WPeMatico
His conclusion: Context wins Basically whoever can see the most about the target, and can hold that picture in their mind the best, will be best at finding the vulnerabilities the fastest and taking advantage of them. Or, as the defender, applying patches or mitigations the fastest. And if you’re on the inside you know … Read More “Daniel Miessler on the AI Attack/Defense Balance” »
New report: “Scam GPT: GenAI and the Automation of Fraud.” This primer maps what we currently know about generative AI’s role in scams, the communities most at risk, and the broader economic and cultural shifts that are making people more willing to take risks, more vulnerable to deception, and more likely to either perpetuate scams … Read More “Use of Generative AI in Scams” »
Longtime Crypto-Gram readers know that I collect personal experiences of people being scammed. Here’s an almost: Then he added, “Here at Chase, we’ll never ask for your personal information or passwords.” On the contrary, he gave me more information—two “cancellation codes” and a long case number with four letters and 10 digits. That’s when he … Read More “Details of a Scam” »
Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private data—one of the most common purposes of tools in the first place! Exposure to untrusted content—any mechanism … Read More “Abusing Notion’s AI Agent for Data Theft” »
A nice story. Powered by WPeMatico
Today’s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure messaging app like Signal or WhatsApp, which passwords to store on your smartphone, or what to share on social media requires us to assess risks and make judgments accordingly. Arriving at any conclusion is an … Read More “Digital Threat Modeling Under Authoritarianism” »
This site turns your URL into something sketchy-looking. For example, www.schneier.com becomes https://cheap-bitcoin.online/firewall-snatcher/cipher-injector/phishing_sniffer_tool.html?form=inject&host=spoof&id=bb1bc121¶meter=inject&payload=%28function%28%29%7B+return+%27+hi+%27.trim%28%29%3B+%7D%29%28%29%3B&port=spoof. Found on Boing Boing. Powered by WPeMatico
This is a weird story: The US Secret Service disrupted a network of telecommunications devices that could have shut down cellular systems as leaders gather for the United Nations General Assembly in New York City. The agency said on Tuesday that last month it found more than 300 SIM servers and 100,000 SIM cards that … Read More “US Disrupts Massive Cell Phone Array in New York” »
Apple has introduced a new hardware/software security feature in the iPhone 17: “Memory Integrity Enforcement,” targeting the memory safety vulnerabilities that spyware products like Pegasus tend to use to get unauthorized system access. From Wired: In recent years, a movement has been steadily growing across the global tech industry to address a ubiquitous and insidious … Read More “Apple’s New Memory Integrity Enforcement” »