Sainsbury’s eyes up shoplifters with live facial recognition • The Register
Sainsbury's, Britain's second-largest supermarket chain, has caught the attention of privacy campaigners by launching an eight-week trial of live facial recognition (LFR) tech in two of its stores to curb shoplifting. A survey of the grocer's customers in July...
US puts $10M bounty on Russians accused of infra attacks • The Register
The US State Department has put a $10 million bounty on the heads of three Russians accused of being intelligence agents hacking America's critical infrastructure - primarily via old Cisco kit, it seems. The alert directly connects them to reports of the...
Threat actors abuse X’s Grok AI to spread malicious links
Threat actors are using Grok, X's built-in AI assistant, to bypass link posting restrictions that the platform introduced to reduce malicious advertising. As discovered by Guardio Labs' researcher Nati Tal, mavertisers often run sketchy video ads containing...
US offers $10 million bounty for info on Russian FSB hackers
The U.S. Department of State is offering a reward of up to $10 million for information on three Russian Federal Security Service (FSB) officers involved in cyberattacks targeting U.S. critical infrastructure organizations on behalf of the Russian government....
Here’s how ransomware crims are abusing AI tools • The Register
It's no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate exactly how much LLMs lower the bar for ransomware and other financially motivated cybercrime —...
Internet mapping service Censys reveals state-based abuse • The Register
Censys Inc, vendor of the popular Censys internet-mapping tool, has revealed that state-based actors are trying to abuse its services by hiding behind academic researchers. Censys started life in 2015 as an academic project that aimed to scan the internet and...
Hackers breach fintech firm in attempted $130M bank heist
Hackers tried to steal $130 million from Evertec’s Brazilian subsidiary Sinqia S.A.after gaining unauthorized access to its environment on the central bank’s real-time payment system (Pix). Evertec is a public financial technology giant that stands as a major...
How big a Drift? Cloudflare cops to Salesloft Drift breach • The Register
The list of victims keeps growing, as yet another company — Cloudflare — today disclosed that some of its customers' data was also compromised in the Salesloft Drift breach. In a very comprehensive post mortem published Tuesday, Cloudflare's Head of Security...
Cloudflare hit by data breach in Salesloft Drift supply chain attack
Cloudflare is the latest company impacted in a recent string of Salesloft Drift breaches, part of a supply-chain attack disclosed last week. The internet giant revealed on Tuesday that the attackers gained access to a Salesforce instance it uses for internal...
Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps
Internet infrastructure company Cloudflare said it recently blocked the largest recorded volumetric distributed denial-of-service (DDoS) attack, which peaked at 11.5 terabits per second (Tbps). In volumetric DDoS attacks, attackers overwhelm the target with...