Niall Firth / MIT Technology Review: How Altera deployed up to 1,000 AI agents that used LLMs to interact in Minecraft, finding that they formed a remarkable range of personality traits and roles  —  Left to their own devices, an army of AI characters didn't just survive — they thrived.  They developed in-game jobs, shared memes …

DCD speaks to the firms chasing the last nanosecond

A researcher has discovered a data broker had stored 644,869 PDF files in a publicly accessible cloud storage container.

The carrier has blamed a software update for the outage

Aims to make BBC's IT more cost-effective and replace its data center contracts

Microsoft has re-released the November 2024 Security Updates (SUs) for Exchange Server, addressing a critical issue that caused transport rules to stop functioning after a certain period in some environments. This update comes as a response to widespread reports from administrators experiencing email delivery problems following the initial release on November 12, 2024. The re-released […] The post Microsoft Re-Releases Exchange Server Security Update Fixing Transport Rules appeared first on Cyber Security News.

Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal A current phishing campaign scares recipients into believing they've been sacked, when in reality they've been hacked – and infected with infostealers and other malware that means a payday for the crooks behind the scam.…

Despite the efforts of law enforcement agencies to stop and bring to justice those responsible for ransomware attacks, the situation is not improving. While authorities do not recommend making a ransomware payment, some companies are forced to make that choice in order to continue their operations. In this article, we present some important statistics about the ransom demands that companies are facing. 83% of organizations experienced at least one ransomware attack in the last year … More → The post Ransomware payments are now a critical business decision appeared first on Help Net Security.

The crypto sector stands out as the only surveyed industry where deepfake fraud surpasses traditional document fraud in prevalence, according to Regula. Crypto companies suffer significant losses from fraud The study finds that 57% of crypto companies report audio deepfake incidents, compared to just 45% facing fake or modified document fraud. Research further reveals that 53% of crypto firms have encountered video deepfake fraud, cementing deepfakes as a top concern. In contrast, other industries continue … More → The post Crypto companies are losing ground to deepfake attacks appeared first on Help Net Security.

Attackers leveraging virtual private network (VPN) vulnerabilities and weak passwords for initial access contributed to nearly 30% of ransomware attacks, according to Corvus Insurance. According to the Q3 report, many of these incidents were traced to outdated software or VPN accounts with inadequate protection. For example, common usernames such as “admin” or “user” and a lack of multi-factor authentication (MFA) made accounts vulnerable to automated brute-force attacks, where attackers exploit publicly accessible systems by testing … More → The post VPN vulnerabilities, weak credentials fuel ransomware attacks appeared first on Help Net Security.

Internet security giant Cloudflare announced that it lost 55% of all logs pushed to customers over a 3.5-hour period due to a bug in the log collection service on November 14, 2024. [...]

Researcher spotted open database before criminals … we hope Exclusive  More than 600,000 sensitive files containing thousands of people's criminal histories, background checks, vehicle and property records were exposed to the internet in a non-password protected database belonging to data brokerage SL Data Services, according to a security researcher.…

"Bootkitty" is likely a proof-of-concept, but may portend working UEFI malware for Linux.

Kelcee Griffis / Bloomberg: T-Mobile's CSO says “suspicious behavior, discovery-type commands” on the company's network devices tipped it off to the suspected Salt Typhoon-linked breach  —  - Carrier says the unauthorized activity resembled Salt Typhoon  — Companies trying to work together to avert further hacks

​Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. [...]

Thinks customers may have forgiven it after revenue hits a record CrowdStrike can't yet confidently predict the financial impact of the failed update to its Falcon software that crashed millions of computers around the world last July, but is confident its third quarter results show customers can't find a better security product.…

The riskiest apps from #privacy and #cyber #security point of view analysed: 5 out of top 10 worst apps come from #Meta, including Instagram, Facebook, Threads, messengerhttps://www.computing.co.uk/news-network/10-most-privacy-invasive-apps