'Ignore previous instructions' thwarts Prompt-Guard model if you just add some good ol' ASCII code 32 Meta's machine-learning model for detecting prompt injection attacks – special prompts to make neural networks behave inappropriately – is itself vulnerable to, you guessed it, prompt injection attacks.... [...]
Do we really want to bother SCOTUS with this, friends? Surely they're way too busy to take a look US border agents must obtain a warrant, in New York at least, to search anyone's phone and other electronic device when traveling in or out of the country, another federal …
Amazon Web Services (AWS) is pleased to announce that we have revalidated our AAA rating for the Pinakes qualification system. The scope of this requalification covers 171 services in 31 global AWS Regions. Pinakes is a security rating framework developed by the Spanish banking association Centro de Cooperación Interbancaria …
This blog post is the second of a two-part series where we show you how to respond to a specific incident by using Amazon Security Lake as the primary data source to accelerate incident response workflow. The workflow is described in the Unintended Data Access in Amazon S3 incident …
Managing and auditing data access can be very complex at scale, in particular, for a fleet of databases with a myriad of users. Today, we’re launching Identity and Access Management (IAM) group authentication in Cloud SQL for PostgreSQL and Cloud SQL for MySQL, simplifying user management and database …
No mention of malware or ransomware – somewhat of a rarity these days HealthEquity, a US fintech firm for the healthcare sector, admits that a "data security event" it discovered at the end of June hit the data of a substantial 4.3 million individuals. Stolen details include addresses, telephone …
Happy Sysadmin Day Google celebrated Sysadmin Day last week by apologizing for breaking its password manager for millions of Windows users – just as many Windows admins were still hard at work mitigating the impact of the faulty CrowdStrike update.... [...]
The latest in what will be a continuing arms race between creating and detecting videos: The new tool the research project is unleashing on deepfakes, called “MISLnet”, evolved from years of data derived from detecting fake images and video with tools that spot changes made to digital video or …
Now there's an idea – parsing config data in user mode Updated Microsoft has vowed to reduce cybersecurity vendors' reliance on kernel-mode code, which was at the heart of the CrowdStrike super-snafu this month.... [...]
Because clearly it's better for Beijing to know who you are than for every ISP and social service to keep its own records Beijing may soon issue "cyberspace IDs" to its citizens, after floating a proposal for the scheme last Friday.... [...]
Plus: More stalkerware exposure; a $16M TracFone fine; Ransomware victims don't use MFA, and more Infosec in brief Protecting computers' BIOS and the boot process is essential for modern security – but knowing it's important isn't the same as actually taking steps to do it.... [...]
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature. Last week, KrebsOnSecurity heard …
They’re better for the environment. Blog moderation policy. [...]
And boy, did last Friday's Windows fiasco ever prove that yet again Opinion CrowdStrike's recent Windows debacle will surely earn a prominent place in the annals of epic tech failures. On July 19, the cybersecurity giant accomplished what legions of hackers could only dream of – bringing millions of Windows …
Enlarge / A bad update to CrowdStrike's Falcon security software crashed millions of Windows PCs last week. (credit: CrowdStrike) CrowdStrike CEO George Kurtz said Thursday that 97 percent of all Windows systems running its Falcon sensor software were back online, a week after an update-related outage to the corporate security …
Enlarge / Police observe the Eiffel Tower from Trocadero ahead of the Paris 2024 Olympic Games on July 22, 2024. (credit: Hector Vivas/Getty Images ) On the eve of the Olympics opening ceremony, Paris is a city swamped in security. Forty thousand barriers divide the French capital. Packs of police …
This isn’t good : On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. In …
Building a certificate authority (CA) hierarchy using AWS Private Certificate Authority has been made simple in Amazon Web Services (AWS); however, the CA tree will often reside in one AWS Region in one account. Many AWS customers run their businesses in multiple Regions using multiple AWS accounts and have …
These are the kinds of bugs APTs thrive on, just ask the Feds Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months.... [...]
Microsoft, Mandiant, weigh in with info about methods used by Andariel gang alleged to have made many, many, heists The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even …
May even have targeted other malware gangs, and infosec researchers Infosec researchers have discovered a network of over three thousand malicious GitHub accounts used to spread malware, targeting groups including gamers, malware researchers, and even other threat actors who themselves seek to spread malware.... [...]
We offer this formula instead: RND(100.0)*(10^9) The cost of CrowdStrike's apocalyptic Falcon update that brought down millions of Windows computers last week may be in the billions of dollars, and insurance isn't covering most of that.... [...]
PSA: Only accept updates via official channels... ironically enough CrowdStrike is the latest lure being used to trick Windows users into downloading and running the notorious Lumma infostealing malware, according to the security shop's threat intel team, which spotted the scam just days after the Falcon sensor update fiasco …
(credit: Chrome ) Google is redesigning Chrome malware detections to include password-protected executable files that users can upload for deep scanning, a change the browser maker says will allow it to detect more malicious threats. Google has long allowed users to switch on the Enhanced Mode of its Safe Browsing …
And the forking Microsoft-owned code warehouse doesn't see this as much of a problem Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted.... [...]
Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The outage affected more than 8 …
Enlarge (credit: sasha85ru | Getty Imates) In 2012, an industry-wide coalition of hardware and software makers adopted Secure Boot to protect against a long-looming security threat. The threat was the specter of malware that could infect the BIOS, the firmware that loaded the operating system each time a computer booted …
Beijing has a long history of recruiting US residents to carry out various espionage activities The US is looking to prosecute a Chinese immigrant over claims he has been drip-feeding information of interest to Beijing since at least 2012.... [...]
Officials seized documents from NSO Group to try to stop handover of information about notorious hacking tool, files suggest The Israeli government took extraordinary measures to frustrate a high-stakes US lawsuit that threatened to reveal closely guarded secrets about one of the world’s most notorious hacking tools, leaked …
For some unknown reason, initial patch was omitted from later versions Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been sticking around for five years.... [...]
Those national security threat claims? 'No evidence,' VP tells The Reg Exclusive Despite the Feds' determination to ban Kaspersky's security software in the US, the Russian business continues to push its proposal to open up its data and products to independent third-party review – and prove to Uncle Sam that …
I am the Chief of Security Architecture at Inrupt, Inc., the company that is commercializing Tim Berners-Lee’s Solid open W3C standard for distributed data ownership. This week, we announced a digital wallet based on the Solid architecture. Details are here, but basically a digital wallet is a repository …
Are your security and ops teams fighting to pass the buck? Comment Patching: The bane of every IT professional's existence. It's a thankless, laborious job that no one wants to do, goes unappreciated when it interrupts work, and yet it's more critical than ever in this modern threat landscape …
This one weird trick saved countless hours and stress – no, really Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider …
'In the short term, they're going to have to do a lot of groveling' Analysis The great irony of the CrowdStrike fiasco is that a cybersecurity company caused the exact sort of massive global outage it was supposed to prevent. And it all started with an effort to make …
Yes, you can be fingerprinted and tracked via Privacy Sandbox – tho the risk isn't as high as feared Apple last week celebrated a slew of privacy changes coming to its Safari browser and took the time to bash rival Google for its Topics system that serves online ads based …
Concerns abound over why it has taken so long to recover compared to competitors The US Department of Transportation (DoT) is investigating Delta Air Lines over its handling of the global IT outage caused by CrowdStrike's content update.... [...]
Google Cloud’s VPC Service Controls can help organizations mitigate the risk of data exfiltration from their Google Cloud managed services. VPC Service Controls (VPC-SC) creates isolation perimeters around cloud resources and networks in Google Cloud, helping you limit access to your sensitive data. Today, we are excited to …
Supposedly the DHS has these : The robot, called “NEO,” is a modified version of the “Quadruped Unmanned Ground Vehicle” (Q-UGV) sold to law enforcement by a company called Ghost Robotics. Benjamine Huffman, the director of DHS’s Federal Law Enforcement Training Centers (FLETC), told police at the 2024 Border …
Not now, Microsoft Some Windows devices are presenting users with a BitLocker recovery screen upon reboot following the installation of July's Patch Tuesday update.... [...]
With numerous US government agency customers, any leak could be serious Updated Internal documents stolen from Leidos Holdings, an IT services provider contracted with the Department of Defense and other US government agencies, have been leaked on the dark web.... [...]
Enlarge / The cityscape from the tower of the Lviv Town Hall in winter. (credit: Anastasiia Smolienko / Ukrinform/Future Publishing via Getty Images ) As Russia has tested every form of attack on Ukraine's civilians over the past decade, both digital and physical, it's often used winter as one of its …
Watchdog reprimand follows similar cases in 2021 The UK's data protection watchdog has reprimanded a school in Essex for using facial recognition for canteen payments, nearly three years after other schools were warned about doing the same.... [...]
Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them Updated Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human labor worth billions.... [...]
Something called 'Content Validator' did not validate the content, and the rest is history CrowdStrike has blamed a bug in its own test software for the mass-crash-event it caused last week.... [...]
If it can happen to folks that run social engineering defence training, what hope for the rest of us? Cybersecurity awareness and training provider KnowBe4 hired a North Korean fake IT worker for a software engineering role on its AI team, and only realized its mistake once the guy …
President apologizes in advance for job losses The Philippines has decided to dismantle the worst of its offshored industries: the bits that run gambling and scam operations.... [...]
Maybe next time some staged rollouts? A bit of QA too? Analysis Last week, at 0409 UTC on July 19, 2024, antivirus maker CrowdStrike released an update to its widely used Falcon platform that caused Microsoft Windows machines around the world to crash.... [...]
The Chinese company in charge of handing out domain names ending in “.top ” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the …
How could this happen to us? We were supposed to be two versions behind? If administrators have learned anything from the CrowdStrike chaos, it's to understand exactly what delayed updates mean – or don't mean – in the anti-malware world.... [...]