lemmydev2

A generative AI nudify service has been found storing explicit deepfakes in an unprotected cloud database.

A Y Combinator partner proudly launched an AI recipe app that told people how to make “Actual Cocaine” and a “Uranium Bomb.”

​North Korea's IT workers have expanded operations beyond the United States and are now increasingly targeting organizations across Europe. [...]

Explanation leaves a 'lot of questions unanswered,' says infosec researcher A digital burglar is claiming to have nabbed a trove of "highly sensitive" data from Check Point - something the American-Israeli security biz claims is a huge exaggeration.…

Encrypted messaging app Signal continues to see spiking downloads in the wake of the messaging scandal that saw The Atlantic’s editor-in-chief Jeffrey Goldberg added to a group chat where high-ranking officials in the Trump administration were discussing an attack on Houthi rebels in Yemen. The resulting press coverage around the leak of these sensitive plans […]

ChatGPT's new image generator is raising concerns for being really good at creating fake receipts.

arXiv:2503.23175v1 Announce Type: new Abstract: Several recent works have argued that Large Language Models (LLMs) can be used to tame the data deluge in the cybersecurity field, by improving the automation of Cyber Threat Intelligence (CTI) tasks. This work presents an evaluation methodology that other than allowing to test LLMs on CTI tasks when using zero-shot learning, few-shot learning and fine-tuning, also allows to quantify their consistency and their confidence level. We run experiments with three state-of-the-art LLMs and a dataset of 350 threat intelligence reports and present new evidence of potential security risks in relying on LLMs for CTI. We show how LLMs cannot guarantee sufficient performance on real-size reports while also being inconsistent and overconfident. Few-shot learning and fine-tuning only partially improve the results, thus posing doubts about the possibility of using LLMs for CTI scenarios, where labelled datasets are lacking and where confidence is a fundamental factor.

Hackers Claim on BreachForums to Have Stolen 'Highly Sensitive' DataIsraeli cybersecurity firm Check Point rejected Monday a hackers' assertion that he stole "highly sensitive" information offered for sale on an online marketplace for illicit data. The incident "doesn’t pose and risk or has any security implications to our customers or employees."

New Turing Institute Report Urges Government to Create AI Crime Task ForceBritish law enforcement agencies are ill-equipped to tackle artificial intelligence-enabled cybercrime, a report by The Alan Turing Institute says, pointing to an "enormous gap" between police technical capabilities and the growing sophistication of threat actors.

Georgina Quach / Financial Times: Barclays, Monzo, Lloyds, and other major UK banks join Amazon, Google, Match, Meta, BT, and Three in committing to live data sharing in a UK fraud clampdown  —  Industry-led initiative promises to beat existing scam-monitoring systems  —  Britain's biggest banks, technology and telecoms companies …

France’s antitrust regulator fined Apple Inc. €150 million ($162 million) after a lengthy probe into how the technology company asks to collect iOS users’ data and the impact on advertisers.

arXiv:2503.22156v1 Announce Type: new Abstract: Cryptocurrency is a novel exploration of a form of currency that proposes a decentralized electronic payment scheme based on blockchain technology and cryptographic theory. While cryptocurrency has the security characteristics of being distributed and tamper-proof, increasing market demand has led to a rise in malicious transactions and attacks, thereby exposing cryptocurrency to vulnerabilities, privacy issues, and security threats. Particularly concerning are the emerging types of attacks and threats, which have made securing cryptocurrency increasingly urgent. Therefore, this paper classifies existing cryptocurrency security threats and attacks into five fundamental categories based on the blockchain infrastructure and analyzes in detail the vulnerability principles exploited by each type of threat and attack. Additionally, the paper examines the attackers' logic and methods and successfully reproduces the vulnerabilities. Furthermore, the author summarizes the existing detection and defense solutions and evaluates them, all of which provide important references for ensuring the security of cryptocurrency. Finally, the paper discusses the future development trends of cryptocurrency, as well as the public challenges it may face.