New Research in Detecting AI-Generated Videos The latest in what will be a continuing arms race between creating and detecting videos: The new tool the research project is unleashing on deepfakes, called “MISLnet”, evolved from years of data derived from detecting fake images and video with tools that spot changes made to digital video or…
Read More
The guidelines outline voluntary practices developers can adopt while designing and building their model to protect it against being misused to cause deliberate harm to individuals, public safety, and national security. The draft offers seven key approaches for mitigating the risks that models will be misused, along with recommendations on how to implement them and…
Read More
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000 accounts on the cloud-based code hosting platform, spans thousands of…
Read More
“Moving forward, this outage demonstrates that continuous preparation to fortify defenses is vital, especially before outages occur,” Christine Gadsby, CISO at Blackberry, opined. She continued, “Already understanding what areas are most vulnerable within a system prevents a panicked reaction when something looks amiss and makes it more difficult for hackers to wreak havoc. In a…
Read More
Jul 29, 2024NewsroomCybersecurity / Cyber Espionage The remote access trojan known as Gh0st RAT has been observed being delivered by an “evasive dropper” called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website (“chrome-web[.]com”) serving malicious installer packages masquerading as Google’s Chrome browser, indicating that…
Read More
Protecting the games The French government’s national cybersecurity agency, Agence national de la sécurité des systèmes d’information (ANSSI), is overseeing the monumental effort to keep the Paris Olympics cyber safe. Since mid-2023 it has held several awareness-raising seminars and crisis-planning exercises with multiple stakeholders across the government, security, and sports ecosystems. Eviden (a division of…
Read More
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. Selenium Grid is open-source and enables developers to automate testing across multiple machines and browsers. It is used in cloud environments and it has more than 100 million pulls on Docker Hub. The tests…
Read More
The Prime Minister Anthony Albanese has named a new minister for home affairs and for cybersecurity. Tony Burke will take on the responsibility along with immigration and multicultural affairs; minister for the arts; leader of the House. The cabinet change announced on Sunday comes two years after Clare O’Neil was appointed and having cybersecurity as…
Read More
A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. For the attack to be successful, Python needs to be installed, a prerequisite that may limit the targets to software developers, researchers, and power users. The problem…
Read More
X has quietly begun training its Grok AI chat platform using members’ public posts without first alerting anyone that it is doing it by default. As AI platforms war for dominance, they are constantly seeking data to train their large language models (LLMs). This makes your data very valuable. However, instead of asking for permission, most platforms use…
Read More