Real-time historian of the late cyber capitalist era @TechCrunch, writing about the intersection of hackers, human rights, and spies.
Also writing a book about Hacking Team and the history of government spyware.
☎️ Signal: +1 917 257 1382
Lorenzo Franceschi-Bicchierai
NEW: Cybersecurity researchers are not happy about the guardrails on Anthropic’s new model Fable.
Researchers say that the new LLM basically blocks anything related to cybersecurity, including code reviews and prompts asking for help writing secure code.
Some really crazy cases in here
- cop looked up ex-girlfriend and family in Flock 100+ times
- cop stalked wife giving "test" as reason
- cop searched one plate 395 times in 10 months; was later fired
Cops keep getting arrested for using Flock to stalk people
www.404media.co/cops-keep-ge...
There have been more than a dozen cases around the country where police use Flock to obsessively and illegally stalk people.
New, by me at this.weekinsecurity.com: Meta has filed a data breach notice confirming *thousands* of people had their Instagram accounts hacked as part of a months-long campaign abusing its Meta AI chatbot.
Meta's breach notice shows the account hijacks were far more widespread than first thought.
NEW: Cybercrime group ShinyHunters claimed to have hacked into more than 100 organizations' Oracle PeopleSoft servers, including several universities.
The hackers said they stole student data, including home addresses, phone numbers, emails, and dates of birth.
Microsoft told me it's notified a "small number of customers" who may have pulled password-stealing malware from several of its GitHub repos, while many affected repos are still down.
I've asked for a specific number. Even a "small number" of Microsoft's many, many customers could be significant.
New, by me: ServiceNow notified some enterprise customers that there was outside access to their data, after a security bug left instances exposed to the web.
The company has hidden its notice behind a login wall, but its contents were shared by network defenders on Reddit.
I would like to ask Sony to stop putting the games on my wish list on sale, please and thank you. I already have a huge backlog.
Meta fixed the bug that let anyone trick its Meta AI chatbot into resetting the password on Instagram accounts that didn't have two-factor authentication.
ServiceNow is used by thousands of enterprises to automate their internal processes, but says several customers had data accessed because of a security bug.
NEW: A former cybersecurity executive turned whistleblower accused IBM of getting breached three times and trying to cover up the hacks.
IBM was “routinely hacked by foreign state actors and others,” and data was frequently stolen and government agencies were “never notified,” he said in a lawsuit.
NEW: WhatsApp said it caught and disrupted a new hacking campaign by NSO Group against its users.
The Meta-owned messaging giant said this phishing campaign violates a court decision that ordered NSO to stop targeting WhatsApp and its users. WhatsApp is seeking to hold NSO in contempt of court.
NEW: Google and the FBI say they have seen a ransomware gang send people pretending to be IT support to victims' offices, where they use USB drives to steal data.
The hackers mix this tactic with traditional email and voice phishing to pilfer information and then threaten and extort victims.
IBM and two of its subsidiary companies were allegedly breached during the mid-2010s, which a lawsuit filed by a former cybersecurity executive accuses IBM of not disclosing and actively covering up.
Cybercriminals, part of a gang known as Silent Ransom Group, have sent people pretending to be IT support employees to law firms' offices, where the criminals have stolen data using USB drives or remo...