Sun.May 12, 2019

article thumbnail

Hacking the ‘Unhackable’ eyeDisk USB stick

Security Affairs

The paradox, the USB stick eyeDisk that uses iris recognition to unlock the drive could reveal the device’s password in plain text in a simple way. eyeDisk is a USB stick that uses iris recognition to unlock the drive, it is advertised as the “Unhackable USB Flash Drive,” instead it could reveal the device’s password in plain text. Just analyzing the eyeDisk USB stick with the Wireshark packet analyzer.

article thumbnail

Why Do Hackers Hack? It’s About the Money, Apparently: Cybersecurity Trends

eDiscovery Daily

Big surprise there, right? So says the 2019 Verizon Data Breach Investigations Report (DBIR), which analyzes the reported cybersecurity and data breach incidents for the year. According to this year’s report, senior C-level executives are 12 times more likely to be the target of social engineering attacks, and 9 times more likely to be the target of social breaches than in previous years, with financial motivation the key driver in these attacks.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. The first group tracked as Pacha Group has Chinese origins, it was first detected in September 2018 and is known to deliver the Linux.GreedyAntd miner. The Pacha Group’s attack chain starts by compromising vulnerable servers by launching brute-force attacks against services like WordPress or PhpMyAdmin, or in some cases

Mining 62
article thumbnail

As CFPB mulls privatizing database, consumer complaints mount

Information Management Resources

The Consumer Financial Protection Bureau received over a quarter-million complaints in 2018, according to analysis by an advocacy group that urged the agency to maintain public access to its database.

Access 28
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Turkish Personal Data Protection Authority fined Facebook for Photo API bug

Security Affairs

The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65 million Turkish lira ($270,000) for the Photo A PI bug that exposed personal photos of 300,000 Turkish users. In December, Facebook announced that photos of 6.8 Million users might have been exposed by a bug in the Photo API allowing third-party apps to access them.

article thumbnail

Security Affairs newsletter Round 213 – News of the week

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs. Kindle Edition. Paper Copy. Once again thank you! A hacker has taken over at least 29 IoT botnets. Hackers stole card data from 201 campus online stores in US and Canada, is it the Magecart group? NoScript temporarily disabled in Tor Browser … how to fix it?