According to The Clorox Company, which makes everything from lip balm to cat litter to charcoal to bleach, this is exactly what happened to it in 2023. But Clorox says that the “debilitating” breach was not its fault. It had outsourced the “service desk” part of its IT security operations to the massive services company Cognizant—and Clorox says that Cognizant failed to follow even the most basic agreed-upon procedures for running the service desk.
Category: InfoSec News
InfoSec News
Microsoft says China-backed cybercriminals hacked into US nuclear weapons agency
“The early exploitation resembled government-sponsored activity, and then spread more widely to include hacking that ‘looks like China’,” Meyers told Bloomberg News. CrowdStrike’s investigation into the campaign remains ongoing.
Sniffnet: comfortably monitor your Internet traffic
Sniffnet is a network monitoring tool to help you easily keep track of your Internet traffic.
Florida woman tricked into forking over $15k by AI cloning her daughter’s voice: ‘I know my daughter’s cry’
The phone number didn’t match Monroe’s, and the voice claimed that the police had taken her personal cellphone after the accident. But the AI-generated sound was so similar to her daughter’s voice — even her sobs — that Brightwell was completely convinced the call was real.
AI bubble is worse than the dot-com crash that erased trillions, economist warns — overvaluations could lead to catastrophic consequences | Tom’s Hardware
The dot-com crash around the turn of the century saw companies rushing to adopt and take advantage of the internet. A relatively new technology and phenomenon at the time, but one that venture capitalists saw as having earning potential. Over the last five years of the 20th century, they invested trillions of dollars, and stock prices for publicly traded internet entities soared, only to come crashing down when the bottom dropped out of the market.
Hackers are hiding powerful info-stealing malware in fake free VPNs downloaded from GitHub, don’t get tricked | TechRadar
Once executed, the dropper uses a multi-stage attack chain involving obfuscation, dynamic DLL loading, memory injection, and abuse of legitimate Windows tools like MSBuild.exe and aspnet_regiis.exe to maintain stealth and persistence.
ChatGPT hallucinated about music app Soundslice so often, the founder made the lie come true | TechCrunch
Earlier this month, Adrian Holovaty, founder of music-teaching platform Soundslice, solved a mystery that had been plaguing him for weeks. Weird images of what were clearly ChatGPT sessions kept being uploaded to the site.
Eavesdropping on MEMS Microphones With a Radio – Hackster.io
No modifications to the hardware or software are required — any phone, computer, or other device with this type of microphone is vulnerable right out of the box. And you may not even need to explicitly enable the microphone because certain commonly used apps, such as Spotify, YouTube, Amazon Music, and Google Drive, already turn it on under certain conditions.