Blog

07Oct 2024 by

E.U. Court Limits Meta’s Use of Personal Facebook Data for Targeted Ads

Actualités
Europe's top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. "An online social network such as Facebook cannot use all of the personal data
Read More
05Oct 2024 by

A Single Cloud Compromise Can Feed an Army of AI Sex Bots (Krebs on Security)

Actualités, Sécurité
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape. Image: Shutterstock. Researchers at security firm Permiso Security say attacks against generative artificial intelligence (AI) infrastructure like Bedrock from Amazon Web Services (AWS) have increased markedly over the last six months, particularly when someone in the organization accidentally exposes their cloud credentials or key online, such as in a code repository like GitHub. Investigating the abuse of AWS accounts for several organizations, Permiso found attackers had seized on stolen AWS credentials…
Read More
05Oct 2024 by

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

Actualités
Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. Security researcher Bistrit Daha has been credited with
Read More
05Oct 2024 by

A Single Cloud Compromise Can Feed an Army of AI Sex Bots (Krebs on Security)

Actualités, Sécurité
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape. Image: Shutterstock. Researchers at security firm Permiso Security say attacks against generative artificial intelligence (AI) infrastructure like Bedrock from Amazon Web Services (AWS) have increased markedly over the last six months, particularly when someone in the organization accidentally exposes their cloud credentials or key online, such as in a code repository like GitHub. Investigating the abuse of AWS accounts for several organizations, Permiso found attackers had seized on stolen AWS credentials…
Read More
05Oct 2024 by

A Single Cloud Compromise Can Feed an Army of AI Sex Bots

Actualités
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child sexual exploitation and rape. Image: Shutterstock. Researchers at security firm Permiso Security say attacks against generative artificial intelligence (AI) infrastructure like Bedrock from Amazon Web Services (AWS) have increased markedly over the last six months, particularly when someone in the organization accidentally exposes their cloud credentials or key online, such as in a code repository like GitHub. Investigating the abuse of AWS accounts for several organizations, Permiso found attackers had seized on stolen AWS credentials…
Read More