Skip to main content

Posts

Showing posts from January, 2024

Chinese malware removed from SOHO routers after FBI issues covert commands

Routers were being used to conceal attacks on critical infrastructure. https://arstechnica.com/?p=2000376&utm_source=dlvr.it&utm_medium=blogger

ChatGPT’s new @-mentions bring multiple personalities into your AI convo

Bring different AI roles into the same chatbot conversation history. https://arstechnica.com/?p=2000179&utm_source=dlvr.it&utm_medium=blogger

Ars Technica used in malware campaign with never-before-seen obfuscation

Vimeo also used by legitimate user who posted booby-trapped content. https://arstechnica.com/?p=2000017&utm_source=dlvr.it&utm_medium=blogger

Rhyming AI-powered clock sometimes lies about the time, makes up words

Poem/1 Kickstarter seeks $103K for fun ChatGPT-fed clock that may hallucinate the time. https://arstechnica.com/?p=1999895&utm_source=dlvr.it&utm_medium=blogger

Raspberry Pi is preparing for an IPO in London for likely more than $500M

CEO says firm will "keep doing the same stuff," at least "while I'm in charge." https://arstechnica.com/?p=1999893&utm_source=dlvr.it&utm_medium=blogger

ChatGPT is leaking passwords from private conversations of its users, Ars reader says

Names of unpublished research papers, presentations, and PHP scripts also leaked. https://arstechnica.com/?p=1999872&utm_source=dlvr.it&utm_medium=blogger

OpenAI and Common Sense Media partner to protect teens from AI harms and misuse

Site gave ChatGPT 3 stars and 48% privacy score: "Best used for creativity, not facts." https://arstechnica.com/?p=1999788&utm_source=dlvr.it&utm_medium=blogger

In major gaffe, hacked Microsoft test account was assigned admin privileges

How does a legacy test account grant access to read every Office 365 account? https://arstechnica.com/?p=1999478&utm_source=dlvr.it&utm_medium=blogger

OpenAI announces ChatGPT-4 Turbo and ChatGPT 3.5 Turbo model updates

GPT-4 wasn't putting in the work. Also, lower prices for GPT 3.5 Turbo, other model updates. https://arstechnica.com/?p=1999209&utm_source=dlvr.it&utm_medium=blogger

The life and times of Cozy Bear, the Russian hackers who just hit Microsoft and HPE

Hacks by Kremlin-backed group continue to hit hard. https://arstechnica.com/?p=1999178&utm_source=dlvr.it&utm_medium=blogger

Microsoft cancels Blizzard survival game, lays off 1,900

Job cuts hit Xbox, ZeniMax businesses, too, reports say. https://arstechnica.com/?p=1999036&utm_source=dlvr.it&utm_medium=blogger

AI will increase the number and impact of cyber attacks, intel officers say

Ransomware is likely to be the biggest beneficiary in the next 2 years, UK's GCHQ says. https://arstechnica.com/?p=1998885&utm_source=dlvr.it&utm_medium=blogger

Google’s latest AI video generator renders implausible situations for cute animals

Lumiere generates five-second videos that "portray realistic, diverse and coherent motion." https://arstechnica.com/?p=1998725&utm_source=dlvr.it&utm_medium=blogger

AI-generated puffy pontiff image inspires new warning from Pope Francis

Francis fears "the creation and diffusion of images that appear perfectly plausible but false." https://arstechnica.com/?p=1998573&utm_source=dlvr.it&utm_medium=blogger

Mass exploitation of Ivanti VPNs is infecting networks around the globe

Orgs that haven't acted yet should, even if it means suspending VPN services. https://bit.ly/3u8t1BJ

A “robot” should be chemical, not steel, argues man who coined the word

Čapek: "The world needed mechanical robots, for it believes in machines more than it believes in life." https://bit.ly/47Mcykj

OpenWrt, now 20 years old, is crafting its own future-proof reference hardware

There are, as you might expect, a few disagreements about what's most important. https://bit.ly/497IJf5

Ambient light sensors can reveal your device activity. How big a threat is it?

For now, there's no reason for concern, but that could change in coming years. https://bit.ly/3u6KL0s

Microsoft network breached through password-spraying by Russian-state hackers

Senior execs' emails accessed in network breach that wasn't caught for 2 months. https://bit.ly/3tZXRwl

Convicted murderer, filesystem creator writes of regrets to Linux list

"The man I am now would do things very differently," Reiser says in long letter. https://bit.ly/424jbgS

Inventor of NTP protocol that keeps time on billions of devices dies at age 85

Dave Mills created NTP, the protocol that holds the temporal Internet together, in 1985. https://bit.ly/3U7IFI1

$40 billion worth of crypto crime enabled by stablecoins since 2022

Stablecoins like Tether also used for scams and sanctions evasion. https://bit.ly/3tYjyNm

Zuckerberg’s AGI remarks follow trend of downplaying AI dangers

Zuckeberg and Altman both tamp down fear and hype with casual statements about AGI. https://bit.ly/3tXFsQQ

Researcher uncovers one of the biggest password breaches in recent history

Roughly 25 million of the passwords have never been seen before by widely used service. https://bit.ly/3vBoZSF

OpenAI opens the door for military uses but maintains AI weapons ban

Despite new Pentagon collab, OpenAI won't allow customers to "develop or use weapons" with its tools. https://bit.ly/3SkLuV2

As 2024 election looms, OpenAI says it is taking steps to prevent AI abuse

ChatGPT maker plans transparency for gen AI content and improved access to voting info. https://bit.ly/48OgLVM

New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling

PixieFail is a huge deal for cloud and data centers. For the rest, less so. https://bit.ly/3vExX1P

AI poisoning could turn open models into destructive “sleeper agents,” says Anthropic

Trained LLMs that seem normal can generate vulnerable code given different triggers. https://bit.ly/3U2PkDA

Famous xkcd comic comes full circle with AI bird-identifying binoculars

Swarovski AX Visio, billed as first "smart binoculars," names species and tracks location. https://bit.ly/4b15zqP

Apple AirDrop leaks user data like a sieve. Chinese authorities say they’re scooping it up.

Chinese authorities are exploiting a weakness Apple has allowed to go unfixed for 5 years. https://bit.ly/3HfpMv4

At Senate AI hearing, news executives fight against “fair use” claims for AI training data

Media orgs want AI firms to license content for training, and Congress is sympathetic. https://bit.ly/3TUNRPq

VMware customers face uncertain future as Broadcom ends VMware partner programs

Only Broadcom's favorites will be able to sell VMware-related offerings. https://bit.ly/3RSjVB4

Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

Organizations using Ivanti Connect Secure should take action at once. https://bit.ly/47pSpAw

OpenAI’s GPT Store lets ChatGPT users discover popular user-made chatbot roles

Like an app store, people can find novel ChatGPT personalities—and some creators will get paid. https://bit.ly/3tRcXUP

Linux devices are under attack by a never-before-seen worm

Based on Mirai malware, self-replicating NoaBot installs cryptomining app on infected devices. https://bit.ly/48uWMvu

OpenAI says it’s “impossible” to create useful AI models without copyrighted material

"Copyright today covers virtually every sort of human expression" and cannot be avoided. https://bit.ly/3tO90Ad

Hackers can infect network-connected wrenches to install ransomware

Researchers identify 23 vulnerabilities, some of which can exploited with no authentication. https://bit.ly/41OwiCF

Wi-Fi 7’s theoretical speeds make your Internet connection seem even more sad

More streams, bonded connections, and speeds you can't possibly achieve at home. https://bit.ly/3H9DfVt

Ivanti warns of critical vulnerability in its popular line of endpoint protection software

Customers of the Ivanti Endpoint Protection Manager should patch or mitigate ASAP. https://bit.ly/3vwlYmA

How much detail is too much? Midjourney v6 attempts to find out

As Midjourney rolls out new features, it continues to make some artists furious. https://bit.ly/3H6B2Ka

A “ridiculously weak“ password causes disaster for Spain’s No. 2 mobile carrier

BGP tampering caused by poor security hygiene causes major outage for Orange España. https://bit.ly/3TPthQz

Mandiant, the security firm Google bought for $5.4 billion, gets its X account hacked

Scammer impersonates legitimate cryptocurrency wallet, then pivots to trolling Mandiant. https://bit.ly/41PwJfV

Millions still haven’t patched Terrapin SSH protocol vulnerability

Terrapin isn't likely to be mass-exploited, but there's little reason not to patch. https://bit.ly/3NPFAbG

Early Mickey Mouse is now in the public domain—and AI is already on the case

Experimental AI image generator trained on Disney's 1928 cartoons can make eldritch horrors. https://bit.ly/4aDWnIH