Security News

Research made public on Tuesday detailed how miscreants can exploit the hole to read data they're not supposed to in a system's local GPU memory. While the flaw potentially affects all GPU applications on vulnerable chips, it is especially concerning for those processing machine-learning applications because of the amount of data these models process using GPUs, and therefore the amount of potentially sensitive information that could be swiped by exploiting this issue.

The US Air Force reached that conclusion in an August report [PDF] made public yesterday into the actions of Airman 1st Class Jack Teixeira, who was arrested in April on suspicion that he had stolen and shared classified military documents on a private Discord server that later found their way to the wider internet - and, presumably, into the hands of foreign governments. Per the USAF report, Teixeira "Was observed viewing intelligence content on TS-SCI websites" in August 2022, and while his supervisor was informed, the incident wasn't otherwise documented.

Meta has officially begun to roll out support for end-to-end encryption (E2EE) in Messenger for personal calls and one-to-one personal messages by default in what it called the "most significant...

Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such as Signal, WhatsApp, and Telegram by December 8, 2023, in favor of a French messaging app named 'Olvid. BleepingComputer discussed the development with French journalists, who clarified that this isn't a ban on using foreign messaging apps but rather a recommendation to switch to locally developed software.

Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform. The feature has been described as an...

WhatsApp has introduced a new Secret Code feature that allows users to hide their locked chats by setting a custom password. After it reaches your device, you can set a code specifically for securing locked chats independent from the device unlock code.

Infosec bods have detailed an underground cybersecurity tool dubbed Predator AI that not only can be used to compromise poorly secured cloud services and web apps, but has an optional chat-bot assistant that only kinda works. Predator AI is apparently programmed to be to able to exploit 30 kinds of misconfigured or poorly setup web-based services and technologies, ranging from Amazon Web Services' Simple Email Service, Twilio, and WordPress to OpenCart, Magento, OneSignal, Stripe, and PayPal, SentinelLabs boffin Alex Delamotte explained on Wednesday.

ChatGPT: Productivity tool, great for writing poems, and a security risk?! In this article, we show how threat actors can exploit ChatGPT, but also how defenders can use it for leveling up their game. Finding Vulnerabilities - Attackers can prompt ChatGPT about potential vulnerabilities in websites, systems, APIs, and other network components.

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

Microsoft introduced its Bing Chat AI search assistant in February and a month later began serving ads alongside it to help cover costs. Security outfit Malwarebytes said on Thursday it has identified malvertising - harmful ads - distributed via Bing Chat conversations.