lemmydev2

Dakota Cary’s statement that “it is inconceivable the U.S. would ask a private company to hack Xi’s phone” is so spectacularly wrong given the mountain of evidence showing the U.S. has been using private companies for offensive intelligence operations for decades that it raises serious questions about SentinelOne’s analytical capabilities. The contrast between his confident … Continue reading SentinelOne Analyst So Wrong About China it Should be a Crime →

As part of the Month of AI Bugs, serious vulnerabilities that allow remote code execution via indirect prompt injection were discovered. There was a period of a few weeks where multiple arbitrary code execution vulnerabilities existed in popular agents, like GitHub Copilot, Amazon Q, AWS Kiro,… During that time I was wondering if it would be possible to write an AI virus. Hence the idea of AgentHopper was born. This post is purely for educational purposes, and make sure to check the mitigations section at the end on tips to mitigate similar threats.

US and Dutch authorities shut down VerifTools, a major fake ID marketplace selling documents to bypass KYC checks and access accounts. Law enforcement in the US and the Netherlands dismantled VerifTools, a major fake ID marketplace selling ID documents to bypass KYC checks and gain unauthorized access to online accounts. Authorities seized two marketplace domains […]

Richard Bravo / Bloomberg: French President Emmanuel Macron vows a strong response if any country takes measures that undermine Europe's digital sovereignty  —  French President Emmanuel Macron vowed a strong response if any country takes measures that undermine Europe's digital sovereignty.

A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world

Comments

Apple has removed the iPhone torrenting client, iTorrent, from AltStore PAL’s alternative iOS marketplace in the EU, showing that it can still exert control over apps that aren’t listed on the official App Store. iTorrent developer Daniil Vinogradov told TorrentFreak that Apple has revoked his distribution rights to publish apps in any alternative iOS stores, […]

Plus millions of other people across 80+ countries China's Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into telecommunications networks, according to a top FBI cyber official.…

AI assistants don't have fixed personalities—just patterns of output guided by humans.

Microsoft says that Word for Windows will soon enable autosave and automatically save all new documents to the cloud by default. [...]

$6.4M VerifTools marketplace offline The FBI and Dutch police today said that they seized two domains and a blog tied to VerifTools, an international criminal marketplace that sold identity documents for as little as $9.…

Don't let it happen to you Storm-0501, a financially motivated cybercrime crew, recently broke into a large enterprise's on-premises and cloud environments, ultimately exfiltrating and destroying data within the org's Azure environment. The criminals then contacted the victim via a Microsoft Teams account that they'd also compromised in the attack, demanding a ransom payment for the stolen files.…