remixtures

"Car rental giant Hertz has begun notifying its customers of a data breach that included their personal information and driver’s licenses.

The rental company, which also owns the Dollar and Thrifty brands, said in notices on its website that the breach relates to a cyberattack on one of its vendors between October 2024 and December 2024.

The stolen data varies by region, but largely includes Hertz customer names, dates of birth, contact information, driver’s licenses, payment card information, and workers’ compensation claims. Hertz said a smaller number of customers had their Social Security numbers taken in the breach, along with other government-issued identification numbers.

Notices on Hertz’s websites disclosed the breach to customers in Australia, Canada, the European Union, New Zealand, and the United Kingdom.

Hertz also disclosed the breach with several U.S. states, including California and Maine. Hertz said at least 3,400 customers in Maine were affected but did not list the total number of affected individuals, which is likely to be significantly higher."

https://techcrunch.com/2025/04/14/hertz-says-customers-personal-data-and-drivers-licenses-stolen-in-data-breach/

#CyberSecurity #DataBreaches #Hertz #Hacking #Privacy #DataProtection

"It appears that 4chan was susceptible to a hack because it was running very out of date code that contained various vulnerabilities, according to 404 Media’s look at the code and people sorting through the hack online.

That starts to answer the question of how this happened. But why did it happen? This all has roots in a five year old meme fight.

Soyjak.party, the site where a user began posting about the 4chan hack, was an offshoot of 4chan created as a joke about five years ago. Besides being a general cesspool,
4chan has long been a place that incubates memes. lolcats, the NavySeal copypasta, and Pepe the Frog grew and spread on 4chan’s imageboards. From time to time a meme is overplayed or spammed and mods on the site get tired of it.

Five years ago, users spammed the /qa/ board with soyjaks. Unable to quash the tide of soyfaced jpegs, 4chan shut down the entire /qa/ board. The soyajk loving exiles of 4chan started a new site called soyjak.party where they could craft open mouthed soyboy memes to their heart’s content. When 4chan was hacked on the night of April 14, the /qa/ board briefly returned. “/QA/ RETURNS SOYJAK.PARTY WON” read a banner image at the top of the board.

As of this writing, 4chan is still down."

https://www.404media.co/4chan-is-down-following-what-looks-to-be-a-major-hack-spurred-by-meme-war/

#SocialMedia #CyberSecurity #4Chan #Hacking #Soyjak

"Google’s mobile operating system Android will now automatically reboot if the phone is locked for three days in a row.

On Monday, the tech giant pushed updates to Google Play services, a core part of Android that provides functionalities for apps and the operating system itself. Listed under “Security & Privacy” is a new security feature that “will automatically restart your device if locked for 3 consecutive days.”

Last year, Apple rolled out the same feature for iOS. The thinking behind adding an automatic reboot after a certain period of inactivity is to make life more difficult for someone who is trying to unlock or extract data from a phone; for example, law enforcement using a forensic analysis device like those made by Cellebrite or Magnet Forensics."

https://techcrunch.com/2025/04/15/for-security-android-phones-will-now-auto-reboot-after-three-days/

#CyberSecurity #Android #Google #Privacy

"The European Commission is issuing burner phones and basic laptops to some US-bound staff to avoid the risk of espionage, a measure traditionally reserved for trips to China.

Commissioners and senior officials travelling to the IMF and World Bank spring meetings next week have been given the new guidance, according to four people familiar with the situation.

They said the measures replicate those used on trips to Ukraine and China, where standard IT kit cannot be brought into the countries for fear of Russian or Chinese surveillance.

“They are worried about the US getting into the commission systems,” said one official.

The treatment of the US as a potential security risk highlights how relations have deteriorated since the return of Donald Trump as US president in January.

Trump has accused the EU of having been set up to “screw the US” and announced 20 per cent so-called reciprocal tariffs on the bloc’s exports, which he later halved for a 90-day period.

At the same time, he has made overtures to Russia, pressured Ukraine to hand over control over its assets by temporarily suspending military aid and has threatened to withdraw security guarantees from Europe, spurring a continent-wide rearmament effort.

“The transatlantic alliance is over,” said a fifth EU official.""

https://www.ft.com/content/20d0678a-41b2-468d-ac10-14ce1eae357b

#USA #Trump #CyberSecurity #EU #Espionage #StateHacking

"When Let’s Encrypt, a free certificate authority, started issuing 90 day TLS certificates for websites, it was considered a bold move that helped push the ecosystem towards shorter certificate life times. Beforehand, certificate authorities normally issued certificate lifetimes lasting a year or more. With 4.0, Certbot is now supporting Let’s Encrypt’s new capability for six day certificates through ACME profiles and dynamic renewal at:

• 1/3rd of lifetime left
• 1/2 of lifetime left, if the lifetime is shorter than 10 days"

https://www.eff.org/deeplinks/2025/04/certbot-40-long-live-short-lived-certs

#CyberSecurity #WebSecurity #TLS #Certbot #LetsEncrypt

"If you’re new to prompt injection attacks the very short version is this: what happens if someone emails my LLM-driven assistant (or “agent” if you like) and tells it to forward all of my emails to a third party?
(...)
The original sin of LLMs that makes them vulnerable to this is when trusted prompts from the user and untrusted text from emails/web pages/etc are concatenated together into the same token stream. I called it “prompt injection” because it’s the same anti-pattern as SQL injection.

Sadly, there is no known reliable way to have an LLM follow instructions in one category of text while safely applying those instructions to another category of text.

That’s where CaMeL comes in.

The new DeepMind paper introduces a system called CaMeL (short for CApabilities for MachinE Learning). The goal of CaMeL is to safely take a prompt like “Send Bob the document he requested in our last meeting” and execute it, taking into account the risk that there might be malicious instructions somewhere in the context that attempt to over-ride the user’s intent.

It works by taking a command from a user, converting that into a sequence of steps in a Python-like programming language, then checking the inputs and outputs of each step to make absolutely sure the data involved is only being passed on to the right places."

https://simonwillison.net/2025/Apr/11/camel/

#AI #GenerativeAI #LLMs #PromptInjection #Chatbots #CyberSecurity #Python #DeepMind #Google #ML #CaMeL

"A coalition of governments has published a list of legitimate-looking Android apps that were actually spyware and were used to target civil society that may oppose China’s state interests.

On Tuesday, the U.K.’s National Cyber Security Centre, or NCSC, which is part of intelligence agency GCHQ, along with government agencies from Australia, Canada, Germany, New Zealand, and the United States, published separate advisories on two families of spyware, known as BadBazaar and Moonshine.

These two spywares hid inside legitimate-looking Android apps, acting essentially as “Trojan” malware, with surveillance capabilities such as the ability to access the phone’s cameras, microphone, chats, photos, and location data, the NCSC wrote in a press release on Wednesday.

BadBazaar and Moonshine, which have been previously analyzed by cybersecurity firms like Lookout, Trend Micro, and Volexity, as well as the digital rights nonprofit Citizen Lab, were used to target Uyghurs, Tibetans, and Taiwanese communities, as well as civil society groups, according to the NCSC.

Uyghurs are a Muslim-minority group largely in China that has for years faced detention, surveillance, and discrimination from the Chinese government, and thus has frequently been the target of hacking campaigns."

https://techcrunch.com/2025/04/09/governments-identify-dozens-of-android-apps-bundled-with-spyware/

#CyberSecurity #China #Android #Spyware #StateHacking #Uyghurs #Tibet #Taiwan

"Chinese officials acknowledged in a secret December meeting that Beijing was behind a widespread series of alarming cyberattacks on U.S. infrastructure, according to people familiar with the matter, underscoring how hostilities between the two superpowers are continuing to escalate.

The Chinese delegation linked years of intrusions into computer networks at U.S. ports, water utilities, airports and other targets, to increasing U.S. policy support for Taiwan, the people, who declined to be named, said.

The first-of-its-kind signal at a Geneva summit with the outgoing Biden administration startled American officials used to hearing their Chinese counterparts blame the campaign, which security researchers have dubbed Volt Typhoon, on a criminal outfit, or accuse the U.S. of having an overactive imagination."

https://www.wsj.com/politics/national-security/in-secret-meeting-china-acknowledged-role-in-u-s-infrastructure-hacks-c5ab37cb

#USA #CyberSecurity #China #StateHacking #VoltTyphoon #Infrastructure

"Now, an exhibit published in the court document shows exactly in what countries 1,223 specific victims were located when they were targeted with NSO Group’s Pegasus spyware.

The country breakdown is a rare insight into which NSO Group customers may be more active, and where their victims and targets are located.

The countries with the most victims of this campaign are Mexico, with 456 individuals; India, with 100; Bahrain with 82; Morocco, with 69; Pakistan, with 58; Indonesia, with 54; and Israel, with 51, according to a chart titled “Victim Country Count,” that WhatsApp submitted as part of the case.

There are also victims in Western countries like Spain (21 victims), the Netherlands (11), Hungary (8), France (7), United Kingdom (2), and one victim in the United States."

https://techcrunch.com/2025/04/09/court-document-reveals-locations-of-whatsapp-victims-targeted-by-nso-spyware/

#CyberSecurity #NSO #Spyware #WhatsApp #Meta #Mexico

"President Donald Trump today signed a Presidential Memorandum today revoking any active security clearance currently held by Chris Krebs, the former director of the Cybersecurity and Infrastructure Security Agency, who famously rumbled publicly with Trump over the latter's false allegations of election fraud during and after the 2020 presidential election.

Trump, at the end of his first presidential term, fired Krebs via a November 17 tweet, two weeks after losing his re-election bid to President Joe Biden, saying that Krebs' claims about the security of the election were inaccurate and accusing him of overstepping his authority as a government official.

The move to strip Krebs of his security clearance follows a string of similar moves made by the Trump administration to strip the clearances of anyone who has been deemed to be disloyal to Trump. This includes many top officials and advisors who initially served Trump during his first presidency before becoming vocal critics of him and his policies."

https://www.zetter-zeroday.com/trump-signs-memorandum-revoking-security-clearance-of-former-cisa-director-chris-krebs/

#USA #Trump #CISA #CyberSecurity

"Since 3.5-sonnet, we have been monitoring AI model announcements, and trying pretty much every major new release that claims some sort of improvement. Unexpectedly by me, aside from a minor bump with 3.6 and an even smaller bump with 3.7, literally none of the new models we've tried have made a significant difference on either our internal benchmarks or in our developers' ability to find new bugs. This includes the new test-time OpenAI models.

At first, I was nervous to report this publicly because I thought it might reflect badly on us as a team. Our scanner has improved a lot since August, but because of regular engineering, not model improvements. It could've been a problem with the architecture that we had designed, that we weren't getting more milage as the SWE-Bench scores went up.

But in recent months I've spoken to other YC founders doing AI application startups and most of them have had the same anecdotal experiences: 1. o99-pro-ultra announced, 2. Benchmarks look good, 3. Evaluated performance mediocre. This is despite the fact that we work in different industries, on different problem sets. Sometimes the founder will apply a cope to the narrative ("We just don't have any PhD level questions to ask"), but the narrative is there.

I have read the studies. I have seen the numbers. Maybe LLMs are becoming more fun to talk to, maybe they're performing better on controlled exams. But I would nevertheless like to submit, based off of internal benchmarks, and my own and colleagues' perceptions using these models, that whatever gains these companies are reporting to the public, they are not reflective of economic usefulness or generality."

https://www.lesswrong.com/posts/4mvphwx5pdsZLMmpY/recent-ai-model-progress-feels-mostly-like-bullshit

#AI #GenerativeAI #LLMs #Chatbots #CyberSecurity #SoftwareDevelopment #Programming

"I'm not the only person for whom a detailed knowledge of scams created immunity from being scammed. Troy Hunt is the proprietor of HaveIBeenPwned.com, the internet's most comprehensive and reliable breach notification site. Hunt pretty much invented the practice of tracking breaches, and he is steeped – saturated – in up-to-the-minute, nitty-gritty details of how internet scams work.

Guess who got phished?
(...)
Hunt had just gotten off a long-haul flight. He was jetlagged. He got a well-constructed, plausible counterfeit email from Mailchimp telling him that his mailing-list – which he absolutely relies upon – had been frozen after a spam complaint, and advising him to click on a link to contest the suspension. He was taken to a fake login screen that his password manager didn't autopopulate, so he manually pasted the password in (Mailchimp doesn't have 2FA). It was only when the login session hung that he realized he'd been scammed – and by then, it was too late. Within minutes, his mailing list had been exported by the scammers.

In his postmortem of the scam, Hunt identifies the overlapping factors that made him vulnerable. He was jetlagged. The mailing list was important. Bogus spam complaints are common. Big corporate sites like Mailchimp often redirect their logins through different domains, which causes password manager autofill to fail. Hunt had experienced near-identical phishing attempts before and spotted them, but this one just happened to land at the very moment that he was vulnerable. Plus – as with my credit union scam – it seems likely that Mailchimp itself had been breached (or has an insider threat), which allowed the scammers to pad out the scam with plausible details that made it seem legit."

https://pluralistic.net/2025/04/05/troy-hunt/#teach-a-man-to-phish

#Scams #Phishing #CyberSecurity