All posts tagged: cybersecurity

One Job That Is Growing in the A.I. Era? Cybersecurity Experts.

One Job That Is Growing in the A.I. Era? Cybersecurity Experts.

Published by skeptic

“The job market for security people is getting hotter and hotter,” Dr. Kissner added. Cybersecurity is not the only area where A.I. has spurred a hiring boom. It is also creating jobs in private equity and venture capital firms, recruiters said, as investors look to cash in on the A.I. boom and to use the technology to assess and enhance their portfolios. The A.I. industry itself is hiring — the fastest-growing job title for recent college graduates is A.I. engineer, according to LinkedIn. “We need more software engineers than ever,” Nick Fox, the senior vice president of knowledge and information at Google, said on a panel at the company’s marketing conference last week. But engineers’ roles have shifted to managing A.I. agents, or bots that act as assistants in accomplishing various tasks, he said. “That’s a change to the work of a software engineer,” he said. “But it doesn’t mean the job of a software engineer goes away.” Still, those areas of growth are unlikely to offset widespread job cuts in other parts of the …

Is AdultFriendFinder safe to use? What a cybersecurity expert says

Is AdultFriendFinder safe to use? What a cybersecurity expert says

Published by skeptic

One of the most common questions asked about AdultFriendFinder is understandable: Is AFF safe to use? Just one look at the dating site is enough to sound those alarm bells — the dated interface and design and the sheer volume of adult content. Prospective daters are right to question its legitimacy. To better understand the risks of using AdultFriendFinder, we consulted Anna Larkina, Web Data and Privacy Analysis Expert at Kaspersky, one of the world’s leading cybersecurity services, about the kinds of threats that users might face and how to mitigate the risks. Credit: AdultFriendFinder Understanding the risks of online dating First off, understand that there is a risk inherent to using any online service, and that even the most reputable websites have experienced major hacks or exploits. “Users should remember that any service can potentially encounter various cybersecurity issues,” Larkina told us, including “data leaks, attacks on third party contractors, or issues related to the human factor.”  Hookup apps for everyone AdultFriendFinder — readers’ pick for casual connections Tinder — top pick for finding …

These special phone and app features can help protect you from spyware

These special phone and app features can help protect you from spyware

Published by skeptic

Spyware attacks on journalists, human rights defenders, and political dissidents are no longer rare or exotic. In early 2025, WhatsApp notified roughly 90 users — many of them journalists and civil society members across Europe — that they had been targeted by Israeli spyware company Paragon Solutions. Months later, Apple sent threat notifications to a new group of iOS users; forensic analysis confirmed two of them, both journalists, had been hit with Paragon’s Graphite spyware using a zero-click attack, meaning they didn’t even have to tap a link to be compromised. These aren’t isolated incidents. They’re the norm. For the last 15 years, security researchers have documented countless cases where government hackers have targeted and successfully compromised journalists, human rights defenders, critics, and political opponents.  These attacks rely on expensive, sophisticated, and stealthy tools that allow their operators to hack into and install spyware on computers, but especially smartphones, which hold virtually all of the data about a person’s daily life.  Spyware gives its operators virtually full access to the target’s device and data. Government …

Kash Patel’s clothing brand website shut down after reports it was hacked

Kash Patel’s clothing brand website shut down after reports it was hacked

Published by skeptic

The merchandise website of FBI director Kash Patel was taken offline on Friday after reports that it had been hijacked by hackers trying to infect visitors with malware, as first reported by Straight Arrow News. As of this writing, the website of Based Apparel is offline. On Thursday, an X user who goes by Debbie posted that the brand’s website apparently had malware on it, in particular an infostealer, a type of malicious software designed to infect victims and steal their credentials and passwords. A security researcher later analyzed the malware.  Brand Apparel could not be reached for comment. TechCrunch emailed a Gmail address previously associated with Patel, but we have not received an answer.   This was not a good week for security for MAGA-associated business ventures.  On Friday, President Trump’s cell phone provider and maker of Trump Mobile confirmed that the company left customers’ personal information exposed online, including names, email addresses, mailing addresses, cell numbers, and order identifiers. The confirmation came days after a researcher alerted two YouTubers who had purchased Trump Mobile’s …

The House Article | Mythos And AI Hacking: A High-Stakes Cybersecurity Arms Race

The House Article | Mythos And AI Hacking: A High-Stakes Cybersecurity Arms Race

Published by Sam Flores

(Timon Schneider/Alamy) 7 min read4 hr News of an AI system too powerful for public release has raised fears it could be weaponised for cyber-attacks. How much of a threat could it pose? Noah Vickers reports It was neither just a savvy marketing move nor simply a selfless act of corporate responsibility. Instead, most informed observers agree, it was a bit of both. On 7 April, AI firm Anthropic announced that its latest model, Claude Mythos Preview, was “strikingly capable at computer security tasks”. So capable, in fact, that they were not releasing it to the public. Through an initiative they dubbed Project Glasswing, Mythos has been made available to America’s biggest tech giants and financial institutions. By giving them privileged access to it, Glasswing’s participants are using Mythos to find ‘zero-day’ – that is, undiscovered – vulnerabilities in their systems and patch them up. Anthropic still intend to publicly release “Mythos-class” AI models at some stage. They just aren’t saying when. And in the meantime, experts warn that the UK’s …

Palantir Held a Hack Week to Add New Controls to Software Used by ICE

Palantir Held a Hack Week to Add New Controls to Software Used by ICE

Published by skeptic

Palantir hosted a hack week this spring to try to turn internal consternation over the company’s work with the Department of Homeland Security (DHS) and Immigration and Customs Enforcement (ICE) into clearer oversight tools for products used in the Trump administration’s immigration crackdown, according to material reviewed by WIRED. The new tools provide organizations, including DHS and ICE, more information on how their workers use Palantir software. Organizations can set up alerts for “concerning behavior,” like exfiltrating datasets, and search the session logs of individual users. They also allow organizations to see which users have viewed specific sets of information. Palantir declined to comment. Palantir regularly holds hack weeks, challenging engineers from across the company to experiment with and solve problems in its products. This hack week focused on Palantir’s work with DHS and ICE, which has come under fire from both external critics and workers who fear the company’s tools are empowering the Trump administration’s immigration crackdown. “This effort embodies the culture of the Palantir that I choose to work at,” Ted Mabrey, head …

The password is dying. Biometric security is replacing it.

The password is dying. Biometric security is replacing it.

Published by skeptic

For decades, the password has been the foundation of digital security. From online banking and email accounts to workplace systems and social media platforms, passwords became the default way people proved who they were online. Now, cybersecurity experts increasingly believe that model is breaking down. Rising levels of phishing, credential theft, ransomware attacks and AI-driven fraud are exposing the limitations of password-based security systems that were designed for a much simpler internet era. In response, technology companies, banks and governments are accelerating a shift toward biometric security, using fingerprints, facial recognition, voice authentication and behavioural analysis to verify identity. The transition is already reshaping how people access devices, financial services and digital platforms. Smartphones unlock with a glance instead of a PIN. Airports use facial recognition gates instead of manual document checks. Banks increasingly rely on biometric authentication to detect fraud. Supporters argue biometric security offers a more seamless and secure alternative to passwords. Critics warn it could also create new privacy risks in a world where personal identity data is becoming one of the …

GitHub says hackers stole data from thousands of internal repositories

GitHub says hackers stole data from thousands of internal repositories

Published by skeptic

GitHub, the popular developer platform owned by Microsoft, confirmed it was hacked and attackers had stolen data from around 3,800 internal code repositories. The code hosting and sharing giant said in a series of posts on X that it has “no evidence of impact to customer information stored outside of GitHub’s internal repositories,” but noted its investigation was ongoing. GitHub said it “detected and contained a compromise of an employee device involving a poisoned VS Code extension,” referring to a plugin for Visual Studio Code, a popular code editor that developers use for programming. Hackers are increasingly targeting popular open-source projects, including coding extensions, with the aim of compromising developers’ computers and their projects. Targeting popular projects allows hackers to gain access to vast numbers of computers at the same time, magnifying the impact of their attacks.  GitHub did not name the compromised extension. The Record and Bleeping Computer report that a hacking group called TeamPCP has taken credit for the GitHub breach, and is selling the data on a cybercrime forum. GitHub did not …

A hotel check-in system left a million passports and driver’s licenses open for anyone to see

A hotel check-in system left a million passports and driver’s licenses open for anyone to see

Published by skeptic

A hotel check-in system left more than 1 million customer passports, driver’s licenses, and selfie verification photos to the open web after a security lapse. The data is now offline after TechCrunch alerted the company responsible. The hotel check-in system, called Tabiq, is maintained by the Japan-based tech startup Reqrea. According to its website, Tabiq is used in several hotels across Japan and relies on facial recognition and document scanning to check guests in. Independent security researcher Anurag Sen contacted TechCrunch earlier this week after discovering that the system was leaking the sensitive documents of hotel guests from around the world. Sen said this was because the startup set one of its Amazon cloud-hosted storage buckets, which the check-in system uses to store customer data, to be publicly accessible. The data inside could be viewed by anyone using a web browser, without needing a password, by knowing only the bucket name: “tabiq.”  Sen alerted TechCrunch in an effort to help notify the company. Reqrea locked down the storage bucket after TechCrunch reached out to both …