Amazon has pinpointed a concern in its WorkSpaces Windows Client versions 5.9.0 and 5.10.0 where connection debug logs were unintentionally stored on the user’s device. If a username or password contained a backslash () or double quotes (“), they might be logged. The issue is fixed in versions 5.11.0 and 5.12.0, with the latter also erasing prior problematic… Read More »
Amazon has introduced a passkey feature, aligning itself with the ongoing trend of passwordless security. Users can now employ biometric verifications like face scans or fingerprints for login purposes on Amazon’s website. This system significantly enhances security since hackers would need physical access to a user’s device to breach their accounts.
The notorious RagnarLocker ransomware group’s dark web portal has been captured by a coalition of international law enforcement agencies. Currently, the site displays a message indicating that it has been taken down due to a combined effort by agencies from the U.S., the European Union, and Japan.
The US cybersecurity agency CISA, in collaboration with the NSA, FBI, and MS-ISAC, has published a guide outlining prevalent phishing strategies and offering countermeasures.
Amazon is dabbling with a robot named Digit to streamline mundane tasks in its warehouses. Produced by the Oregon start-up Agility Robotics and funded by Amazon, this 5ft 9in (175cm) humanoid bot can move in various directions, crouch, and lift up to 35lb (16kg). Its initial role? Relocating empty tote boxes.
State-sponsored hackers from Russia and China have targeted a vulnerability in older versions of WinRAR, the leading compression software boasting over half a billion users worldwide. Google’s Threat Analysis Group (TAG) reported on Wednesday that it has tracked multiple hacking attempts leveraging this WinRAR glitch since early 2023.
Google is enhancing its Search platform with generative AI capabilities, introducing the Search Generative Experience (SGE) to select U.S. users. Launched on October 12, this update aims to make the search experience more innovative and user-centric.
Cisco has alerted administrators about a severe authentication bypass zero-day vulnerability in its IOS XE software. This flaw, labeled as CVE-2023-20198 and pending a patch, allows unauthenticated attackers to gain full admin rights and remotely control vulnerable routers and switches.
A recent scientific paper affiliated with Microsoft has examined the trustworthiness and potential toxicity of large language models (LLMs), specifically focusing on OpenAI’s GPT-4 and its predecessor, GPT-3.5. The study suggests that while GPT-4 is generally more reliable than GPT-3.5 in standard situations, it is more susceptible to being manipulated by “jailbreaking” prompts designed to bypass its safety… Read More »
LinkedIn, owned by Microsoft, revealed on Monday a workforce reduction of nearly 700 employees, primarily from their engineering department, as per a memo seen by CNBC. Sources also mentioned cuts within the finance and human resources departments, though the informant wished to remain anonymous due to unauthorized disclosure.