lemmydev2

Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known as XDealer) that may have been operating since 2022. [...]

Nearly eight million customers and 65.4 million former account holders were affected by the data breach, the company said.

Ross Anderson, a professor of security engineering at the University of Cambridge who is widely recognized for his contributions to computing, passed away at home on Thursday according to friends and colleagues who have been in touch with his family and the University. Anderson, who also taught at Edinburgh University, was one of the

OpenAI announced a new AI-based audio cloning tool called Voice Engine on Friday. While the company is obviously proud of the potential of this technology—touting how it could be used to provide reading assistance for kids and give a voice to those who’ve lost theirs—OpenAI is clearly very nervous about how this could…Read more...

CVE-2024-1086 turns the page tables on system admins A Linux privilege-escalation proof-of-concept exploit has been published that, according to the bug hunter who developed it, typically works effortlessly on kernel versions between at least 5.14 and 6.6.14. …

Red Hat in all caps says STOP USAGE OF ANY FEDORA RAWHIDE INSTANCES Red Hat on Friday warned that a malicious backdoor found in the widely used data compression library called xz may be present in Fedora Linux 40, 41, and in the Fedora Rawhide developer distribution.…

Hackers Are Now Using Code Repositories as Malware VectorsPython code repository PyPI temporarily halted new user registration for a second time in three months following a surge in malware-ridden code mimicking legitimate software packages. PyPI is not the only code repository to recently be attacked by hackers.

The majority of cyberattacks against organizations are perpetrated via social engineering of employees, and criminals are using new methods including AI to supercharge their techniques, according to ReliaQuest. Some 71% of all attacks trick employees via the use of phishing, and of particular concern is a sharp rise in QR code phishing, which increased 51% last year compared to the previous eight months. Employees are also being duped into downloading fake updates – often to … More → The post AI weaponization becomes a hot topic on underground forums appeared first on Help Net Security.

Open Web Advocacy: How in-app browsers silently subvert user choice, stifle innovation, trap users into apps, break websites, and enable apps to severely undermine user privacy  —  In-App Browsers subvert user choice, stifle innovation, trap users into apps, break websites and enable applications to severely undermine user privacy.

We're dreaming of a white list, because we're just like the ones you used to know More than half of Americans are using ad blocking software, and among advertising, programming, and security professionals that fraction is more like two-thirds to three-quarters.…

A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries. [...]

Elizabeth Howcroft / Reuters: Portugal's data regulator orders Worldcoin to stop collecting biometric data for 90 days, after receiving complaints about unauthorized collection from minors  —  Portugal's data regulator has ordered Sam Altman's iris-scanning project Worldcoin to stop collecting biometric data for 90 days …