lemmydev2

When courts ban people from accessing leaked data – as happened after the airline’s data breach – only hackers and scammers winFollow our Australia news live blog for latest updatesGet our breaking news email, free app or daily news podcastIt’s become the playbook for big Australian companies that have customer data stolen in a cyber-attack: call in the lawyers and get a court to block anyone from accessing it.Qantas ran it after suffering a major cybersecurity attack that accessed the frequent flyer details of 5 million customers. Continue reading...

Comments

AI researchers at Andon Labs embedded various LLMs in a vacuum robot to test how ready they were to be embodied. And hilarity ensued.

Security teams invest in AI for automated remediation but hesitate to trust it fully due to fears of unintended consequences and lack of transparency.

The agreement aims to help law enforcement prosecute cross-border cybercrime, but the final treaty could allow unchecked surveillance and human-rights abuses, critics say; and, it includes no protection for pen testers.

Researcher Gjoko Krstic’s "Project Brainfog" exposed hundreds of zero-day vulnerabilities in building-automation systems still running hospitals, schools, and offices worldwide.

Comments

Did you know that most modern passports are actually embedded devices containing an entire filesystem, access controls, and support for several cryptographic protocols? Such passports display a small symbol indicating an electronic machine-readable travel document (eMRTD), which digitally stores the same personal data printed in traditional passport booklets in its embedded filesystem. Beyond allowing travelers in some countries to skip a chat at border control, these documents use cryptography to prevent unauthorized reading, eavesdropping, forgery, and copying.

Figure 1: Chip Inside symbol (ICAO Doc 9303 Part 9)

This blog post describes how electronic passports work, the threats within their threat model, and how they protect against those threats using cryptography. It also discusses the implications of using electronic passports for novel applications, such as zero-knowledge identity proofs. Like many widely used electronic devices with long lifetimes, electronic passports and the systems interacting with them support insecure, legacy protocols that put passport holders at risk for both standard and novel use cases. Electronic passport basics A passport serves as official identity documentation, primarily for international travel. The International Civil Aviation Organization (ICAO) defines the standards for electronic passports, which (as suggested by the “Chip Inside” symbol) contain a contactless integrated circuit (IC) storing digital information.[...]

A China-linked hacking group is exploiting a Windows zero-day in attacks targeting European diplomats in Hungary, Belgium, and other European nations. [...]

The hackers remained undetected in the Ribbon Communications’ systems for months

Claudie Moreau / Euractiv: Denmark says it will withdraw the EU “Chat Control” proposal, which would force tech companies to scan messages for CSAM, and instead support voluntary scanning  —  The Danes will seek to propose a voluntary detection regime in the CSAM proposal, instead of controversial mandatory detection orders

Photos captured by Mobile Fortify will be stored for 15 years, regardless of immigration or citizenship status, the document says.