720-891-1663

Security News for the Week Ending December 29, 2023

A couple of Stanford grad students have written an AI app that using a very small dataset (400,000 images) can detect your location. PIGEON, as the project is called, can predict the country of the image with 92 percent accuracy and provide location within 25 kilometers in 40 percent of the tests. Imagine would it would do with Dall-E’s hundreds of millions of images. Imagine what a rogue nation could do with that data. Makes you never want to post a photo ever again. Credit: ZDNet

This was patched in January 2023 but they are just talking about it now. The exploit bypassed hardware based iPhone protections and chained multiple exploits together. The campaign is believed to have been active since 2019 – it took Apple 4 years to discover and patch the attack, which starts with a zero-click iMessage. Credit: The Hacker News

Real Estate Wealth Network is a subscription service that offers subscribers property, financial and other data. They leaked 1.5 billion records publicly, including celebrities addresses and real estate purchase details. Also includes are bankruptcy, divorce, liens, foreclosures, inheritance and other information of wealthy people. The data is now available on the dark web. Credit: Security Info Watch

Two New York hospitals were recently hit by a ransomware attack and with the help of the FBI found a copy of their data on Wasabi’s cloud storage. Wasabi is a U.S. company but the hackers, LockBit, are Russian. They are asking the court to issue an order (maybe written in Russian ) ordering LockBit to destroy all copies of the data. LockBit is a very sophisticated hacking group so it is highly likely that there are multiple copies of the data and I am sure that Putin will get right on that court order, if it is issued. Those lawyers must be stoned. Credit: Bleeping Computer

The rule, which will come into effect late in 2024, would require banks to reimburse customers for losses up to $525,000 unless the bank can PROVE the individual “acted with gross negligence”, an undefined term. UK banks currently have a variety of reimbursement policies, but if this rule comes into effect, banks will either block a lot more transactions until customers can PROVE that they approved them (i.e. agree to be liable for losses) or banks will raise fees and other charges to pay for this. In the first half of the year, losses from potentially covered scams was over $300 million. That money will come out of consumers’ pockets one way or another. Credit: The Record

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *