Paternity and fertility tests among data stolen in Asper Biogene cyberattack | News | ERR
Among the health data illegally downloaded from genetic testing company Asper Biogene's database were details related to paternity and fertility tests. Some of the data is easily understandable and can be directly connected to specific individuals, Pille Lehis, director general of the Data Protection Inspectorate, said on ETV morning show "Terevisioon.".
Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code.
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F24931349%2F236792_iPhone_15_Pro_and_15_Pro_Max_product_photos_AJohnson_0005.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
%2Fcloudfront-us-east-2.images.arcpublishing.com%2Freuters%2F7WB4KO3VURIJFCMNGZMZOWFTHU.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Ukraine's top mobile operator hit by biggest cyberattack of war so far | Reuters
Ukraine's biggest mobile network operator was hit on Tuesday by what appeared to be the largest cyberattack of the war with Russia so far, knocking out mobile and internet services for millions and the air raid alert system in parts of Kyiv region.
One in four apps remain exposed to Log4Shell
Two years after the Log4Shell vulnerability in the open source Java-based Log4j logging utility was disclosed, circa one in four applications are dependent on outdated libraries, leaving them open to exploitation. Research from security shop Veracode revealed that the vast majority of vulnerable apps may never have updated the Log4j library after it was implemented by developers as 32 percent were running pre-2015 EOL versions.
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F23935560%2Facastro_STK103__03.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
Early Warning Notification - the use of Bluetooth trackers for geolocation in organised crime | Europol
Bluetooth Trackers Exploited for Geolocation in Organised CrimeBluetooth trackers, commonly used for locating personal items and vehicles, have become an unexpected tool in organised crime, according to recent findings reported by Europol in an Early Warning Notification. Typically designed for purposes such as finding lost keys or preventing vehicle theft, Bluetooth trackers are now being leveraged by criminals for geo-locating...
23andMe changes terms of service amid legal fallout from data breach
Days after a data breach allowed hackers to steal 6.9 million 23andMe users' personal details, the genetic testing company changed its terms of service to prevent customers from formally suing the firm or pursuing class-action lawsuits against it. Why it matters: It's unclear if 23andMe is attempting to retroactively shield itself from lawsuits alleging it acted negligently.
Using AI to Automatically Jailbreak GPT-4 and Other LLMs in Under a Minute
It’s been one year since the launch of ChatGPT, and since that time, the market has seen astonishing advancement of large language models (LLMs). Despite the pace of development continuing to outpace model security, enterprises are beginning to deploy LLM-powered applications. Many rely on guardrails implemented by model developers to prevent LLMs from responding to sensitive prompts. However, even with the considerable time and effort spent by the likes of OpenAI, Google, and Meta, these guardrails are not resilient enough to protect enterprises and their users today. Concerns surrounding model risk, biases, and potential adversarial exploits have come to the forefront.
