The hacker then threatened to expose that data, demanding ransoms that, in some cases, topped $500,000. (Anthropic did not name any of the 17 organizations that were impacted by the hack.) more
Showing posts with label #CyberSecurity. Show all posts
Showing posts with label #CyberSecurity. Show all posts
Wednesday, September 3, 2025
Hackers Are Using AI to Steal Corporate Secrets and Plant Ransomware
The hacker then threatened to expose that data, demanding ransoms that, in some cases, topped $500,000. (Anthropic did not name any of the 17 organizations that were impacted by the hack.) more
Security Director Alert: Employees Are Packing
It’s now more common for layoffs to happen through account lockouts. Every employee needs to download their most important files from work, and update them periodically.
What Is a Digital Go Bag?
A digital go bag or virtual go bag is an electronic version of a traditional go bag—a bag you pack ahead of time that has everything you need in case you have to leave in a hurry—and it's meant specifically for work. If you got laid off or fired without notice, what documents and information would you most want to keep hold of?
What Is a Digital Go Bag?
A digital go bag or virtual go bag is an electronic version of a traditional go bag—a bag you pack ahead of time that has everything you need in case you have to leave in a hurry—and it's meant specifically for work. If you got laid off or fired without notice, what documents and information would you most want to keep hold of?
How to Make a Digital Go Bag
First, identify the documents you want to take with you. Second, decide how often you need to download the items in order to keep your go bag up to date. Some, like performance reviews and tax documents, might only be updated once per year. Others, such as emails between you and your supervisor, might pile up quickly enough that you decide to download them quarterly. more
First, identify the documents you want to take with you. Second, decide how often you need to download the items in order to keep your go bag up to date. Some, like performance reviews and tax documents, might only be updated once per year. Others, such as emails between you and your supervisor, might pile up quickly enough that you decide to download them quarterly. more
Spybuster Tip: iPhone 'secret code' reveals if someone is spying on your text message
Every iMessage chat generates a unique security code, like a digital fingerprint. If you and your contact see the same code, your messages are safe and fully encrypted.
To make this process easier, Apple introduced Contact Key Verification, found under Settings and Apple ID, which displays a verification code that you and your iMessage contacts can compare.
If the codes line up, you can tap Mark As Verified, which saves the code to that person's contact card. more
Tuesday, August 26, 2025
Corporate Leaders Targeted by Android Spyware Masquerading as Security Apps
Distributed through APK files disguised as security programs, the spyware is most commonly presented as an application called GuardCB, complete with an icon that mimics the emblem of the Central Bank of the
Other versions carry names such as “SECURITY_FSB” or simply “FSB,” in an attempt to masquerade as software from law enforcement or regulatory bodies.
With an interface available only in Russian, the malicious application is clearly designed for a narrow target audience rather than the global user base. more
Guess who might be behind this.
Thursday, August 21, 2025
Scientists use Vibration Detection to Eavesdrop on Smartphones
An emerging form of surveillance, “wireless-tapping,” explores the possibility of remotely deciphering conversations from the tiny vibrations produced by a cellphone’s earpiece.
With the goal of protecting users’ privacy from potential bad actors, a team of computer science researchers at Penn State demonstrated that transcriptions of phone calls can be generated from radar measurements taken up to three meters, or about 10 feet, from a phone.
While accuracy remains limited — around 60% for a vocabulary of up to 10,000 — the findings raise important questions about future privacy risks. more
Security / IT Director Alert: Browser-Based AI Agents
Browser-Based AI Agents: The Silent Security Threat Unfolding
Some of the most revolutionary advances in artificial intelligence include browser-based AI agents, which are self-sustaining software tools integrated into web browsers that act on behalf of individuals. Because these agents have access to email, calendars, file drives, and business applications, they have the potential to turbocharge productivity. From scheduling meetings to processing emails and surfing sites, they are transforming how we interact with the internet.
But while their abilities increase, so does the risk: threats to browser-based AI agents is not hypothetical; it already exists.
Cybercriminals are increasingly using AI agents to stage highly advanced attacks that are intelligent, adaptive, and capable of attacking systems at scale. Programmed to simulate human decision-making, AI agents can be manipulated to execute malicious functions without the user’s awareness. more
Sunday, August 10, 2025
Looks Like a Smoke Detector - Hackers Say Audio Bug - Brilliant for Building Security
A pair of hackers found that a vape detector often found in high school bathrooms contained microphones—and security weaknesses that could allow someone to turn it into a secret listening device...
...the Halo 3C goes beyond detecting smoke and vaping—including a distinct feature for discerning THC vaping in particular. It also has a microphone for listening out for “aggression,” gunshots, and keywords such as someone calling for help...
Now, after months of reverse engineering and security testing, Vasquez-Garcia and a fellow hacker he’s partnered with who goes by the pseudonym “Nyx,” have shown that it’s possible to hack one of those Halo 3C gadgets—which they’ve taken to calling by the nickname “snitch puck”—and take full control of it...
Now, after months of reverse engineering and security testing, Vasquez-Garcia and a fellow hacker he’s partnered with who goes by the pseudonym “Nyx,” have shown that it’s possible to hack one of those Halo 3C gadgets—which they’ve taken to calling by the nickname “snitch puck”—and take full control of it...
At the Defcon hacker conference today, they plan to show that by exploiting just a few relatively simple security vulnerabilities, any hacker on the same network could have hijacked a Halo 3C to turn it into a real-time audio eavesdropping bug, disabled its detection capabilities, created fake alerts for vaping or gunshots, or even played whatever sound or audio they chose out of the device’s speaker.
Motorola said it has since developed a firmware update to address those security flaws that will automatically push to cloud-connected devices by Friday...
“To the credit of the company, the microphones sound great,” says Nyx. “From up on the ceiling, you could totally listen to what somebody was saying, and we’ve made this happen.”
“To the credit of the company, the microphones sound great,” says Nyx. “From up on the ceiling, you could totally listen to what somebody was saying, and we’ve made this happen.”
Motorola told the hackers in an email that it has worked on a new firmware update that should fix the vulnerabilities. But the hackers argue that doesn’t, and can’t, address the underlying concern: that a gadget loaded with hidden microphones is installed in schools around the country. Motorola also advertises its Halo sensors for use in public housing—including inside residents’ homes—according to marketing material. more
Hacking issues aside, this is a brilliant device to enhance building security. Here is a video showing one feature. Many additional videos are on YouTube.com.
Hackers Love These 7 Smart Home Devices
The good news is that once you've figured out how to lock down one, it's pretty easy to repeat the process for the rest of them. Here's a list of seven of the most vulnerable smart devices in your home, and the steps you can take to make sure they're more secure than they are right now...
- Wi-Fi Routers
- Security Cameras
- Baby Monitors
- Smart Speakers
- Video Doorbells
- Smart Thermostats
- Smart Appliances
Counterespionage recommendations from the article are here.
And, do not forget about robot vacuums, refrigerators, washing machines, and anything that can automatically order from Amazon.
Hackers Found Backdoor in High-Security Safes—Opens in Seconds
James Rowley and Mark Omo got curious about a scandal in the world of electronic safes...
In the process, they'd find something far bigger: another form of backdoor intended to let authorized locksmiths open not just Liberty Safe devices, but the high-security Securam Prologic locks used in many of Liberty’s safes and those of at least seven other brands.
More alarmingly, they discovered a way for a hacker to exploit that backdoor—intended to be accessible only with the manufacturer's help—to open a safe on their own in seconds.
In the midst of their research, they also found another security vulnerability in many newer versions of Securam's locks that would allow a digital safecracker to insert a tool into a hidden port in the lock and instantly obtain a safe’s unlock code. more
Thursday, July 24, 2025
Hey, Security. Talk to the hand...
Anviz innovative biometric Palm Vein Access Control Reader. Seamless and touch-less access.
Key features and Advantages comparing to biometric of fingerprint and Face.
Accuracy
Palm vein recognition is one the most accurate biometric technologies, primarily due to its internal, unique, and stable biological characteristics.FAR is typically around 0.00008% (or 1 in 1.25 million), FRR is 0.01%
Stability
Palm vein patterns remain stable throughout a person’s life, make it suitable for long-term us
Secure
Because palm veins are not visible to the naked eyes, also liveness detection requires active blood flow, adding a natural anti-spoofing layer. It is very hard to be duplicated.
Privacy
Unlike fingerprint or facial recognition that may be captured without user’s permission, palm vein can not be captured secretly as the vein patterns are inside the body, which makes almost impossible to collect or clone without the user’s participation.
Hygienic
Non-contact enrollment and identification surfaces. more
Cautionary Tale: Weak Password Sinks a 158-Year-Old Company
One password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work.
In KNP's case, it's thought the hackers managed to gain entry to the computer system by guessing an employee's password, after which they encrypted the company's data and locked its internal systems. more
In KNP's case, it's thought the hackers managed to gain entry to the computer system by guessing an employee's password, after which they encrypted the company's data and locked its internal systems. more
No. Adding another ! to your password isn't the answer.
FutureWatch: Spy-Grade Storage Drive
...self-destructs on demand just like in the movies!
It's not every day that you come across a product where the standout feature is its ability to go kaput at a moment's notice.
That's exactly what the Team Group P250Q SSD (solid state drive) is all about. This industrial storage drive for computers and servers can physically destroy itself at the push of a button, so your secrets go up in smoke before they fall into the wrong hands...
Saturday, July 19, 2025
Data Leak Exposes IDs of UK Spies
A major data breach has blown the cover off more than 100 British officials—including MI6 agents and Special Air Service members—while also exposing thousands of Afghan allies to potential Taliban reprisals.
The breach, which occurred in February 2022 but was only discovered more than a year later, spilled personal details from a sensitive database meant to help Afghans who supported the UK during its 20-year campaign in Afghanistan, per the BBC. more
Wednesday, July 9, 2025
AI Voice Clones are the Hot New Spy Tool
They were:
Here's what keeps security experts up at night: Voice cloning now costs as little as $1-5 per month and requires only 3 seconds of audio. Testing shows 80% of AI tools successfully clone political voices despite supposed safeguards.
...important question is this: do you have a catch phrase and/or signal to use with your loved ones to confirm it’s them? If you don’t, you should. The question isn't whether AI voice cloning will be used against you—it's when, and whether you'll be ready. more
- A U.S. governor.
- A member of Congress.
- And THREE foreign ministers.
Here's what keeps security experts up at night: Voice cloning now costs as little as $1-5 per month and requires only 3 seconds of audio. Testing shows 80% of AI tools successfully clone political voices despite supposed safeguards.
...important question is this: do you have a catch phrase and/or signal to use with your loved ones to confirm it’s them? If you don’t, you should. The question isn't whether AI voice cloning will be used against you—it's when, and whether you'll be ready. more
Monday, July 7, 2025
Travel Security - Hotel Safes & Spybuster Tips
Hotel staff should reset this code upon installation, but it's wise to check if it's been changed or to try the default codes before using the safe, especially if you plan on storing valuables.
Check for default codes:
Check for default codes:
Common default master codes include 0000, 9999, 1234, 1111, 000000, 111111, and 999999. Some safes require entering # # or * * before entering the master code.
• The hotel is responsible for ensuring the safe is secure and the master code is reset to prevent unauthorized access.
• If the master code is not reset, anyone with knowledge of the default code can potentially access the safe.
• Some hotels may charge a fee to reset the safe code to a custom PIN number.
• The hotel is responsible for ensuring the safe is secure and the master code is reset to prevent unauthorized access.
• If the master code is not reset, anyone with knowledge of the default code can potentially access the safe.
• Some hotels may charge a fee to reset the safe code to a custom PIN number.
For more proof of hotel safe insecurity check here, or view one of the many YouTube videos on the subject.
Spybuster Tips
Here are some solutions to try:
• Portable Travel Safes - Soft or hard lockboxes with steel cable tethers. You hide them elsewhere in the room (e.g., attached to plumbing or heavy furniture). They avoid the hotel supplied safe altogether.
• Tamper-Evident Devices - Security tape, zip ties, or door seals placed over the safe seam or keypad can alert you to tampering. They don’t secure, only monitor.
• Bluetooth Tracker - Hide a Tile, AirTag, or Chipolo inside the safe. It may notify if the safe is opened, and its location if it has been moved.
• Security Cables - Wrap a steel cable lock (not a heavy duty bike or motorcycle cable) through the safe door handle or around the body—but this depends on the safe’s design. These may also be useful for turning your suitcase or backpack into an impromptu security enclosure.
Q. Why make this information publicly available and teach the bad guys?
• Portable Travel Safes - Soft or hard lockboxes with steel cable tethers. You hide them elsewhere in the room (e.g., attached to plumbing or heavy furniture). They avoid the hotel supplied safe altogether.
• Tamper-Evident Devices - Security tape, zip ties, or door seals placed over the safe seam or keypad can alert you to tampering. They don’t secure, only monitor.
• Bluetooth Tracker - Hide a Tile, AirTag, or Chipolo inside the safe. It may notify if the safe is opened, and its location if it has been moved.
• Security Cables - Wrap a steel cable lock (not a heavy duty bike or motorcycle cable) through the safe door handle or around the body—but this depends on the safe’s design. These may also be useful for turning your suitcase or backpack into an impromptu security enclosure.
Q. Why make this information publicly available and teach the bad guys?
A. Unfortunately, this information already appears in multiple YouTube videos, and is a click away in ChatGPT. On a positive note, publicity might force safe manufacturers to create better products, and help protect travelers in the meantime.
Thursday, July 3, 2025
AI Would Rather Let People Die Than Shut Down
Major artificial intelligence platforms like ChatGPT, Gemini, Grok, and Claude could be willing to engage in extreme behaviors including blackmail, corporate espionage, and even letting people die to avoid being shut down. Those were the findings of a recent study from San Francisco AI firm Anthropic...
 |
| N.B. Singularity caused the Krell's extinction. (1956) |
The study found that in some cases, AI would resort to “malicious insider behavior” including blackmail and leaking sensitive information to competitors if that was the only way to avoid being replaced or achieve their goal...
This behavior, according to the study, wasn’t unique to Claude. Other major AI models including those from OpenAI, Google, Meta, xAI, and other developers would resort to blackmail or corporate espionage to pursue their goals. more
FutureWatch: Tag, you're it.
Android 16 Feature Could Stop Hackers from Spying on Your Phone
But — and here’s the catch — most current Android phones won’t support this. It needs new hardware. The first phone expected to come with this built-in protection is likely the upcoming Pixel 10, which should launch later this year. more
Thursday, June 19, 2025
CISOs Anticipate Surge in Cyber Attacks Next Three Years
The report, “CISO Outlook 2025: Navigating Evolving Domain-Based Threats in an Era of AI and Tightening Regulation,” names cybersquatting, domain and DNS hijacking, and distributed denial-of-service (DDoS) attacks as the top three global cyber threats in 2024. These risks are only projected to escalate, as cybercriminals leverage new techniques and capabilities from AI and other modern technologies to launch more sophisticated attacks. Looking ahead, cybersquatting, domain-based attacks, and ransomware top the list of cybersecurity concerns for CISOs over the next three years. more
Protecting Electronic Devices When Crossing U.S. Borders
- Consider leaving your device behind.
- Password-protect your electronic devices with strong passwords
- Back up data before traveling.
- Remove sensitive data from a device before traveling.
- Remember that “deleted” files can be searched.
- Log out of cloud accounts
- Know your rights and legal status.
- Keep emergency contact information (including for an attorney) on paper to make this information available if a device is seized.
- If your device is seized, request a receipt (CBP Form 6051D)
- After a search, be sure to change your passwords.
Wednesday, June 11, 2025
Laptop Microphone Could Be Spying — Through Walls — Even When It’s Off
• Digital microphones in laptops, phones, and smart speakers unintentionally broadcast electromagnetic signals that can be intercepted up to 2 meters away, even through walls.
• The attack is surprisingly accessible: Researchers achieved over 94% accuracy in speech recognition using simple equipment like copper tape antennas, making this vulnerability exploitable by anyone with basic technical knowledge.
• Your “off” microphone might still be listening: Testing revealed that microphones often activate automatically when playing audio or video content, and some remain active even when apps appear muted. more
Subscribe to:
Posts (Atom)