The Register: Daily Headlines

"Your wireless network may leak data thanks to Wi-Fi spec ambiguity."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 31 March 2023, 0846 UTC.

Content provided by email subscription to "The Register:  Daily Headlines."

Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGslkqVCFqKgJjBlgBbHdxrMSvV ("The Register:  Daily Headlines").

Thanks for joining us today.  Please click link or scroll down to read your selections.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

Hi The Register Subscriber | Log in {* Daily Headlines *} 31 March 2023 Warning: Your wireless networks may leak data thanks to Wi-Fi spec ambiguity How someone can nab buffered info, by hook or by kr00k OFF-PREM Google Cloud pitches 'Gen Apps' – low-code AI-based tools, not post-millennial kids We've got your summarization, your Q&A, your chatbots, your classification tasks ready to go 5 Comments How your business can save money and find new revenue streams eBook The Digital Crunch Time: 2022 State of APIs and Applications Whitepaper ON-PREM Microsoft wants to stick adverts in Bing chat responses Hey Bing, help me find a new browser, er, AI chatbot 8 Comments Korea passes tax break-driven 'Chips Act' as protectionism fears mount Plus: Complains criteria for foreign companies to access US funding too strict. It's not a great sign, is it? 2 Comments Intel successfully ships an updated datacenter roadmap What's coming up in 2023 and beyond 1 Comments TikTok: Is this really a national security scare or is something else going on? Our vultures who cover the news weigh in 31 Comments Airbus pulls up hard, no longer buying 29.9% stake in Atos-owned Evidian Under pressure from activist investor, top brass agree to plot new course 1 Comments SK hynix CEO says CHIPS Act red tape may be too sticky to bother Korean chipmaker created an org to keep it ahead of geopolitical messes Shift Left: Build Security into Development Analyst Report How to Operationalize Your Threat Investigations and Response Whitepaper SECURITY Leaked IT contractor files detail Kremlin's stockpile of cyber-weapons Snowden-esque 'Vulkan' dossier links Moscow firm to FSB, GRU, SRV Azure blunder left Bing results editable, MS 365 accounts potentially exposed 'BingBang' boo-boo affected other internal Microsoft apps, too AlienFox malware caught in the cloud hen house Malicious toolkit targets misconfigured hosts in AWS and Office 365 Do you use comms software from 3CX? What to do next after biz hit in supply chain attack Miscreants hit downstream customers with infostealers 6 Comments Microsoft uses carrot and stick with Exchange Online admins If you need extra time to dump RPS, OK, but email from unsupported Exchange servers is blocked till they’re up to date 7 Comments Warning: Your wireless networks may leak data thanks to Wi-Fi spec ambiguity How someone can nab buffered info, by hook or by kr00k 13 Comments Another year, another North Korean malware-spreading, crypto-stealing gang named Mandiant identifies 'moderately sophisticated' but 'prolific' APT43 as global menace 1 Comments Smugglers busted sneaking tech into China 'Intel inside' a suspiciously baggy t-shirt gave the game away – as did a truckload of parts 22 Comments Malware disguised as Tor browser steals $400k in cryptocash Beware of third party downloads Decisions can be tough. You are tougher. eBook SOFTWARE FTC urged to freeze OpenAI's 'biased, deceptive' GPT-4 AI policy wonks slam chatty hallucination-prone model in formal complaint 4 Comments So you want to integrate OpenAI's bot. Here's how that worked for software security scanner Socket Hint: Hundreds of malicious npm and PyPI packages spotted It's official: Ubuntu Cinnamon remix has been voted in And it looks like educational flavor Edubuntu is returning, too 15 Comments SPECIAL FEATURES Cloud Security Alliance VP: Database security boils down to these three things Here's how not to end up in their next report as a cautionary tale OFFBEAT Boffins: Microgravity impacts cell repair systems in proteins Yeast-based study illuminates understanding of how 'nauts physiology may change in space 6 Comments Boeing's first-ever crewed mission in Starliner ISS spacecraft delayed to late July Still hundreds of components, verification checks to complete before test flight 9 Comments Euro cloud providers react to MS potentially cutting deal on antitrust Transparency? Redmond's heard of it Google (sort of) loses in Indian antitrust appeal $161 million slap-on-the-wrist fine stands, but major restrictions are eased 3 Comments

DarkReading.com: Top Stories

"Top tech talent warns of A.I.'s threat to human existence...."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 30 March 2023, 1450 UTC.  Content provided by "DarkReading.com."

Source:  https://www.darkreading.com/ (Latest cybersecurity, cybercrime update from "DarkReading.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

TOP STORIES

Top Tech Talent Warns of AI's Threat to Human Existence in Open Letter

Mar 29, 2023

Elon Musk, Steve Wozniak, and Andrew Yang are among more than 1,000 tech leaders asking for time to establish human safety parameters around AI.

Patch Now: Cybercriminals Set Sights on Critical IBM File Transfer Bug

Mar 29, 2023

A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.

Google: Commercial Spyware Used by Governments Laden With Zero-Day Exploits

Mar 29, 2023

Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits.

Cybersecurity Investment Outlook Remains Grim as Funding Activity Sharply Declines

Mar 29, 2023

Security analysts expect little improvement until at least the second half of the year.

---

Latest News

Spera Takes Aim at Identity Security Posture Management

ISPM is a combination of identity attack surface management, and risk reduction, as well as identity threat prevention, detection, and response.

by Dark Reading Staff, Dark Reading

Mar 29, 2023

DR TECH

1 MIN READ

ARTICLE

---

Top Tech Talent Warns of AI's Threat to Human Existence in Open Letter

Elon Musk, Steve Wozniak, and Andrew Yang are among more than 1,000 tech leaders asking for time to establish human safety parameters around AI.

by Becky Bracken, Editor, Dark Reading

Mar 29, 2023

APPLICATION SECURITY

3 MIN READ

ARTICLE

---

---

Trojan-Rigged Tor Browser Bundle Drops Malware

Attackers are targeting cryptocurrency accounts belonging to users in Russia and more than 50 other countries.

by Jai Vijayan, Contributing Writer, Dark Reading

Mar 29, 2023

ATTACKS/BREACHES

4 MIN READ

ARTICLE

---

Patch Now: Cybercriminals Set Sights on Critical IBM File Transfer Bug

A vulnerability with a 9.8 CVSS rating in IBM's widely deployed Aspera Faspex offering is being actively exploited to compromise enterprises.

by Nate Nelson, Contributing Writer, Dark Reading

Mar 29, 2023

VULNERABILITIES/THREATS

3 MIN READ

ARTICLE

---

Phishing Emails Up a Whopping 569% in 2022

Credential phishing emails are the clear favorite of threat actors, with a 478% spike last year, new research shows.

by Dark Reading Staff, Dark Reading

Mar 29, 2023

ATTACKS/BREACHES

1 MIN READ

ARTICLE

---

Cybersecurity Investment Outlook Remains Grim as Funding Activity Sharply Declines

Security analysts expect little improvement until at least the second half of the year.

by Jai Vijayan, Contributing Writer, Dark Reading

Mar 29, 2023

THREAT INTELLIGENCE

6 MIN READ

ARTICLE

---

Google: Commercial Spyware Used by Governments Laden With Zero-Day Exploits

Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits.

by Elizabeth Montalbano, Contributor, Dark Reading

Mar 29, 2023

ATTACKS/BREACHES

6 MIN READ

ARTICLE

---

MacStealer Malware Plucks Bushels of Data From Apple Users

A novel cyber threat against macOS users is being sold for $100 a pop on the Dark Web, and activity is ramping up.

by Dark Reading Staff, Dark Reading

Mar 28, 2023

ATTACKS/BREACHES

1 MIN READ

ARTICLE

---

MORE NEWS

Latest Commentary

Stop Blaming the End User for Security Risk

Don't count on securing end users for system security. Instead, focus on better securing the systems — make them closed by default and build with a security-first approach.

by John A. Smith, CEO, Conversant Group

Mar 30, 2023

---

Using Observability to Power a Smarter Cybersecurity Strategy

With an infrastructure for observability, security teams can make better decisions about access and identity-based threats.

by Dan Conrad, AD Security and Management Team Lead, One Identity

Mar 29, 2023

---

---

The CISO Mantra: Get Ready to Do More With Less

For the foreseeable future, with the spigots closing shut, CISOs will need to find ways to do more with less.

by Steve Benton, Vice President of Threat Research & General Manager Belfast, Anomali

Mar 29, 2023

---

Spend on Safety Measures & Call Out Insecure Practices for Safer IoT

IoT risk and security must get more attention from vendors and support from the marketplace.

by Joe Marshall, Senior IoT Security Strategist, Cisco Talos Intelligence Group

Mar 28, 2023

---

Cybersecurity vs. Everyone: From Conflict to Collaboration

Don't assume stakeholders outside security understand your goals and priorities, but consider how you'll communicate with them to gain their support.

by Lenny Zeltser, Chief Information Security Officer at Axonius

Mar 27, 2023

---

MORE COMMENTARY