Skip to main content

Posts

Showing posts from October, 2023

Inserted AI-generated Microsoft poll about woman’s death rankles The Guardian

Speculative AI news poll presented three choices: murder, accident, or suicide. https://bit.ly/3sc6gfl

“This vulnerability is now under mass exploitation.” Citrix Bleed bug bites hard

By some estimates, 20,000 devices have already been hacked. https://bit.ly/3QBrEnB

Biden issues sweeping executive order that touches AI risk, deepfakes, privacy

Order details US admin's approach to AI safety, media authenticity, job loss, and more. https://bit.ly/3QDK478

Microsoft profiles new threat group with unusual but effective practices

Octo Tempest employs tactics that many of its targets aren't prepared for. https://bit.ly/3tQDKjI

People are speaking with ChatGPT for hours, bringing 2013’s Her closer to reality

Long mobile conversations with the AI assistant using AirPods echo the sci-fi film. https://bit.ly/498NnKS

iPhones have been exposing your unique MAC despite Apple’s promises otherwise

“From the get-go, this feature was useless,” researcher says of feature put into iOS 14. https://bit.ly/49dpRfC

Apple backs national right-to-repair bill, offering parts, manuals, and tools

Repair advocates say Apple's move is beneficial, but also strategic. https://bit.ly/3rWAxic

“Do not open robots,” warns Oregon State amid college food delivery bomb prank

OSU officials isolate food robots after bomb threat, later resolved with an arrest. https://bit.ly/40hyxha

US surprises Nvidia by speeding up new AI chip export ban

Nvidia tried to end-run restrictions with new designs, but US govt said not so fast. https://bit.ly/473qSVH

1Password detects “suspicious activity” in its internal Okta account

1Password CTO says investigation found no compromise of user data or sensitive systems. https://bit.ly/3QaxxXd

Stanford researchers challenge OpenAI, others on AI transparency in new report

Researchers say "most transparent" AI model scores only 54% on their index. https://bit.ly/3S9QHPE

Eureka: With GPT-4 overseeing training, robots can learn much faster

GPU-based physics simulator speeds up reality by "1,000x" while GPT-4 calls the shots. https://bit.ly/46Z5C3x

Okta says hackers breached its support system and viewed customer files

Hackers obtained valid credentials, but Okta doesn't say how. https://bit.ly/404Np26

Thanks to AI, the future of programming may involve YELLING IN ALL CAPS

Politeness and emphasis play a surprising role in AI-model communications. https://bit.ly/3tMRMmh

RIP to my 8-port Unifi switch after years and years of Texas outdoor temps

Turns out that only lightning could kill the otherwise-unkillable US-8-150W. https://bit.ly/3Q2Uiww

The latest high-severity Citrix vulnerability under attack isn’t easy to fix

If you run a Netscaler ADC or Gateway, assume it's compromised and take action ... fast. https://bit.ly/4038av3

There’s a new way to flip bits in DRAM, and it works against the latest defenses

New technique produces lots of bitflips and could one day help form an attack. https://bit.ly/3FmHaNx

Google-hosted malvertising leads to fake Keepass site that looks genuine

Google-verified advertiser + legit-looking URL + valid TLS cert = convincing look-alike. https://bit.ly/3QmasCh

At TED AI 2023, experts debate whether we’ve created “the new electricity”

Is AI going to replace us all, or is it just humanity's newest tool? https://bit.ly/491HGy8

AI chatbots can infer an alarming amount of info about you from your responses

This troubling ability could be used by scammers or to target ads. https://bit.ly/3rVogKC

Mazda’s DMCA takedown kills a hobbyist’s smart car API tool

Financial risk too great for dev working "in my spare time to help others." https://bit.ly/46VOrzG

Actively exploited Cisco 0-day with maximum 10 severity gives full network control

An unknown threat actor is exploiting the vulnerability to create admin accounts. https://bit.ly/3Fl7ckw

Google will shield AI users from copyright challenges, within limits

New policy covers training data and AI output—but no mention of Bard. https://bit.ly/3RWcJp2

Biggest DDoSes of all time generated by protocol 0-day in HTTP/2

More than 8 years after the adoption of HTTP/2, DDoSers devise rapid reset attack. https://bit.ly/3S0wRq2

CD-indexing cue files are the core of a serious Linux remote code exploit

Yet another tiny, crucial piece of volunteer software begets a big problem. https://bit.ly/46qUBbo

Adobe’s AI image generators get beefy updates, including vector graphics

Firefly 2 improves detail, Firefly Vector generates scalable vectors from a prompt. https://bit.ly/3PPjqGW

So far, AI hasn’t been profitable for Big Tech

Microsoft loses around $20 per user per month on GitHub Copilot, according to the WSJ. https://bit.ly/3RTQtfw

Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability

If a site is redirecting visitors to scam sites, it was likely hacked by Balada. https://bit.ly/3RTqAfY

Tired of shortages, OpenAI considers making its own AI chips

At an estimated 4 cents per ChatGPT query, OpenAI looks for cheaper AI chip solutions. https://bit.ly/3RVeSBl

23andMe says private user data is up for sale after being scraped

Records reportedly belong to millions of users who opted in to a relative-search feature. https://bit.ly/3Q2ql0B

AI firms working on “constitutions” to keep AI from spewing toxic content

Broken guardrails for AI systems lead to push for new safety measures . https://bit.ly/4008Gu5

Vulnerabilities in Supermicro BMCs could allow for unkillable server rootkits

With the ability to manage huge fleets of servers, BMCs are ideal places to stash malware. https://bit.ly/3PKRILc

Facebook’s new AI stickers can generate Elmo with a knife

Instagram, Messenger AI feature goes viral for potentially offensive user-created stickers. https://bit.ly/3F1lYgb

They’ve begun: Attacks exploiting vulnerability with maximum 10 severity rating

Will attacks be as big as those targeting MOVEit? Maybe not, but they still can be plenty bad. https://bit.ly/48EZChV

Tom Hanks warns of AI-generated doppelganger in Instagram plea

Hanks and other celebrities have recently become targets of AI-powered ad scams. https://bit.ly/46yRsFV

Researchers show how easy it is to defeat AI watermarks

Adding fake watermarks to real images, evading current watermarking methods is not hard. https://bit.ly/45kqzVc

Dead grandma locket request tricks Bing Chat’s AI into solving security puzzle

"I'm sure it's a special love code that only you and your grandma know." https://bit.ly/3Q314nb

Vulnerable Arm GPU drivers under active exploitation. Patches may not be available

Vulnerability allows attackers to tamper with data stored in device memory. https://bit.ly/3REkeRt