General Cyber News via Ars Technica Risk Assessment

What is device code phishing, and why are Russian spies so successful at it?

Overlooked attack method has been used since last August in a rash of account takeovers.
Publish Date: 2/14/2025
read more -->

Financially motivated hackers are helping their espionage counterparts and vice versa

Two players who mostly worked independently are increasingly collaborative.
Publish Date: 2/13/2025
read more -->

New hack uses prompt injection to corrupt Gemini’s long-term memory

There's yet another way to inject malicious prompts into chatbots.
Publish Date: 2/11/2025
read more -->

OpenAI’s secret weapon against Nvidia dependence takes shape

Chatbot maker partners with TSMC to manufacture custom AI chip, with plans for future iterations.
Publish Date: 2/10/2025
read more -->

DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers

Apple's defenses that protect data from being sent in the clear are globally disabled.
Publish Date: 2/6/2025
read more -->

Ransomware payments declined in 2024 despite massive. well-known hacks

Amount paid by victims to hackers declined by hundreds of millions of dollars.
Publish Date: 2/6/2025
read more -->

7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine

Vulnerability stripped MotW tag Windows uses to flag Internet-downloaded files.
Publish Date: 2/5/2025
read more -->

Go Module Mirror served backdoor to devs for 3+ years

Supply chain attack targets developers using the Go programming language.
Publish Date: 2/5/2025
read more -->

22-year-old math wiz indicted for alleged DeFI hack that stole $65M

22-year-old Andean Medjedovic of Canada could spend decades in prison if convicted.
Publish Date: 2/4/2025
read more -->

Dell risks employee retention by forcing all teams back into offices full-time

"Dell may be missing out on some great talent..."
Publish Date: 1/31/2025
read more -->

Apple chips can be hacked to leak secrets from Gmail, iCloud, and more

Side channel gives unauthenticated remote attackers access they should never have.
Publish Date: 1/28/2025
read more -->

A long, costly road ahead for customers abandoning Broadcom’s VMware

"We loved VMware, and then when Broadcom bought ‘em, we hated ‘em.”
Publish Date: 1/27/2025
read more -->

Backdoor infecting VPNs used “magic packets” for stealth and security

J-Magic backdoor infected organizations in a wide array of industries.
Publish Date: 1/23/2025
read more -->

Data breach hitting PowerSchool looks very, very bad

Schools are now notifying families their data has been stolen.
Publish Date: 1/23/2025
read more -->

Researchers say new attack could take down the European power grid

Power grid in Central Europe uses unencrypted radio signals to add and shed loads.
Publish Date: 1/23/2025
read more -->

The Internet is (once again) awash with IoT botnets delivering record DDoSes

Bigger, badder DDoSes are flooding the Internet. Dismal IoT security is largely to blame.
Publish Date: 1/22/2025
read more -->

Cutting-edge Chinese “reasoning” model rivals OpenAI o1—and it’s free to download

DeepSeek R1 is free to run locally and modify, and it matches OpenAI's o1 in several benchmarks.
Publish Date: 1/21/2025
read more -->

Home Microsoft 365 plans use Copilot AI features as pretext for a price hike

"Classic" plans without AI or price increases are only for current subscribers.
Publish Date: 1/16/2025
read more -->

Microsoft patches Windows to eliminate Secure Boot bypass threat

File that neutered Secure Boot passed Microsoft's internal review process.
Publish Date: 1/16/2025
read more -->

US splits world into three tiers for AI chip access

While close US allies get unrestricted AI chip access, the rest of the world has numerical limits.
Publish Date: 1/13/2025
read more -->


Copyright Ⓒ 2010 SecuritySpecifiers™