Archive for the ‘Free Software’ Category

Chattanooga police say thefts of Kias and Hyundais are up after … – Chattanooga Times Free Press

As car thefts in Chattanooga go down, more Kias and Hyundais are being stolen in the city because of information online about how to start certain models without a key, police said Thursday.

Overall, stolen cars in Chattanooga are down about 30% from this time last year, Executive Chief of Police Harry Sommers said during a media briefing Thursday.

But thefts of Kias and Hyundais are up 47% in the same time frame, Sommers said.

"That's a pretty big jump over last year," he said.

(READ MORE: Thefts prompt 17 states to urge recall of Kia, Hyundai cars)

The area including East Brainerd, Hamilton Place, Shallowford Road and Highway 58 has seen the biggest increase in stolen Kias and Hyundais, according to data from the Chattanooga Police Department. In the first four months 0f 2022, 21 of those cars were reported stolen there. So far this year, there have been 50.

In total, 63 Kias and Hyundais have been reported stolen in Chattanooga in 2023. There were 43 stolen in the same time last year, police said.

Data shows slightly more Hyundais are being stolen in Chattanooga than Kias 35 this year compared to 28.

(READ MORE: Chattanooga, Southern U.S. grow electric vehicle production but lag the nation so far in EV sales)

People who own models of those cars made between 2010 and 2021 should consider installing steering wheel locks or kill switches to make them more difficult to steal, Sommers said.

After information about how to start these cars began to spread on the China-based social media app TikTok, attorneys general in 17 states sent a letter to the National Highway Traffic Safety Administration urging a recall on the cars. No Southern states signed onto that letter.

The NHTSA has tied the TikTok social media challenge to 14 crashes and eight deaths involving stolen Kias and Hyundais.

The thefts are possible in models that use a mechanical key, not a fob or push start, because the keys made during that period don't have electronic immobilizers that stop the car from starting if they're not detected inside it, according to NHTSA.

(READ MORE: Chattanooga ranks high in guns stolen from cars. The numbers are only going up.)

Both car manufacturers in February announced free software updates aimed at making their cars harder to steal. The software increases the time that car alarms go off and require the key to be inside the car before starting, a February release from NHTSA said. Hyundai also announced it would send out window stickers showing the car is equipped with anti-theft protection.

Stolen cars, if returned to their owners, are often in worse shape, Assistant Chief Jerri Sutton said following Thursday's briefing.

Sutton said the city began noticing the uptick in stolen Kias and Hyundais after the TikTok trend began making national news in February.

Contact Ellen Gerst at egerst@timesfreepress.com or 423-757-6319.

Link:
Chattanooga police say thefts of Kias and Hyundais are up after ... - Chattanooga Times Free Press

Rumour suggests Apple Watch will break free from iPhone dependency – The News International

The image shows an Apple watch. Pexels

An anonymous leaker, known only as analyst941, has suggested that the Apple Watch will soon be able to sync with multiple Apple devices, including iOS, iPadOS, and Mac devices.

Currently, the Apple Watch relies on a connected iPhone for various tasks, including initial setup, managing apps, and creating backups. However, the leaker provided no details on how this new feature will work or when it will be released.

Recent reports suggest that watchOS 10 will be the most significant software update for the Apple Watch since 2015. Bloomberg's Mark Gurman has also reported that Apple is working on a dedicated Health app for iPad as part of the upcoming iPadOS 17. Additionally, Apple is expected to release an AI-powered health coaching service.

In a separate tweet, the leaker mentioned that Apple is developing a "special version of iPadOS 17" for iPads with larger displays.

This aligns with rumours of a 14.1-inch iPad with Thunderbolt display support, slated to be released in 2024. If this device is launched, it will surpass the size of the current 12.9-inch iPad Pro and the 13.6-inch MacBook Air M2.

Apart from the ability to sync with multiple devices and the new Health app, iPadOS 17 is expected to feature lock screen customisations that were previously part of iOS 16. The release of iOS 17 and iPadOS 17 will be previewed at WWDC 2023, which is scheduled to take place from June 5-9.

In conclusion, the rumoured syncing feature of the Apple Watch across multiple devices is a highly anticipated development.

Additionally, the potential release of a new version of iPadOS specifically designed for larger iPad displays is an exciting prospect, and it appears that Apple is gearing up for significant updates across its various product lines.

Visit link:
Rumour suggests Apple Watch will break free from iPhone dependency - The News International

Vietnamese Threat Actor Infects 500000 Devices Using … – The Hacker News

May 01, 2023Ravie LakshmananMalverposting / Scam

A Vietnamese threat actor has been attributed as behind a "malverposting" campaign on social media platforms to infect over 500,000 devices worldwide over the past three months to deliver variants of information stealers such as S1deload Stealer and SYS01stealer.

Malverposting refers to the use of promoted social media posts on services like Facebook and Twitter to mass propagate malicious software and other security threats. The idea is to reach a broader audience by paying for ads to "amplify" their posts.

According to Guardio Labs, such attacks commence with the adversary creating new business profiles and hijacking already popular accounts to serve ads that claim to offer free adult-rated photo album downloads.

Within these ZIP archive files are purported images that are actually executable files, which, when clicked, activate the infection chain and ultimately deploy the stealer malware to siphon session cookies, account data, and other information.

The attack chain is highly effective as it creates a "vicious circle" wherein the information plundered using the stealer is used to create an ever-expanding army of hijacked Facebook bot accounts that are then used to push more sponsored posts, effectively scaling the scheme further.

To slip under the radar of Facebook, the threat actor has been found to pass off the newly generated business profile pages as photographer accounts. A majority of the infections have been reported in Australia, Canada, India, the U.K., and the U.S.

The method through which the PHP-based stealer is deployed is said to be constantly evolving to incorporate more detection evasion features, suggesting that the threat actor behind the campaign is actively refining and retooling their tactics in response to public disclosures.

"The malicious payload is quite sophisticated and varies all the time, introducing new evasive techniques," Guardio Labs security researcher Nati Tal said.

Learn to Stop Ransomware with Real-Time Protection

Join our webinar and learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection.

The findings come as Group-IB revealed details of an ongoing phishing operation that's aimed at Facebook users by tricking them to enter their credentials on fake copycat sites designed to steal their account credentials and take over the profiles.

In a related development, Malwarebytes unearthed a malvertising campaign that has been found to trick users searching for games and food recipes on Google to serve malicious ads that redirect them to fake websites created on Weebly with the goal of conducting a tech support scam.

Read more:
Vietnamese Threat Actor Infects 500000 Devices Using ... - The Hacker News

Workers are secretly using ChatGPT, AI and it will pose big risks for tech leaders – CNBC

Lionel Bonaventure | Afp | Getty Images

Soaring investment from big tech companies in artificial intelligence and chatbots amid massive layoffs and a growth decline has left many chief information security officers in a whirlwind.

With OpenAI's ChatGPT, Microsoft's Bing AI, Google's Bard and Elon Musk's plan for his own chatbot making headlines, generative AI is seeping into the workplace, and chief information security officers need to approach this technology with caution and prepare with necessary security measures.

The tech behind GPT, or generative pretrained transformers, is powered by large language models (LLMs), or algorithms that produce a chatbot's human-like conversations. But not every company has its own GPT, so companies need to monitor how workers use this technology.

People are going to use generative AI if they find it useful to do their work, says Michael Chui, a partner at the McKinsey Global Institute, comparing it to the way workers use personal computers or phones.

"Even when it's not sanctioned or blessed by IT, people are finding [chatbots] useful," Chui said.

"Throughout history, we've found technologies which are so compelling that individuals are willing to pay for it," he said. "People were buying mobile phones long before businesses said, 'I will supply this to you.' PCs were similar, so we're seeing the equivalent now with generative AI."

As a result, there's "catch up" for companies in terms of how the are going to approach security measures, Chui added.

Whether it's standard business practice like monitoring what information is shared on an AI platform or integrating a company-sanctioned GPT in the workplace, experts think there are certain areas where CISOs and companies should start.

CISOs already combating burnout and stress deal with enough problems, like potential cybersecurity attacks and increasing automation needs. As AI and GPT move into the workplace, CISOs can start with the security basics.

Chui said companies can license use of an existing AI platform, so they can monitor what employees say to a chatbot and make sure that the information shared is protected.

"If you're a corporation, you don't want your employees prompting a publicly available chatbot with confidential information," Chui said. "So, you could put technical means in place, where you can license the software and have an enforceable legal agreement about where your data goes or doesn't go."

Licensing use of software comes with additional checks and balances, Chui said. Protection of confidential information, regulation of where the information gets stored, and guidelines for how employees can use the software all are standard procedure when companies license software, AI or not.

"If you have an agreement, you can audit the software, so you can see if they're protecting the data in the ways that you want it to be protected," Chui said.

Most companies that store information with cloud-based software already do this, Chui said, so getting ahead and offering employees an AI platform that's company-sanctioned means a business is already in-line with existing industry practices.

One security option for companies is to develop their own GPT, or hire companies that create this technology to make a custom version, says Sameer Penakalapati, chief executive officer at Ceipal, an AI-driven talent acquisition platform.

In specific functions like HR, there are multiple platforms from Ceipal to Beamery's TalentGPT, and companies may consider Microsoft's plan to offer customizable GPT. But despite increasingly high costs, companies may also want to create their own technology.

If a company creates its own GPT, the software will have the exact information it wants employees to have access to. A company can also safeguard the information that employees feed into it, Penakalapati said, but even hiring an AI company to generate this platform will enable companies to feed and store information safely, he added.

Whatever path a company chooses, Penakalapati said that CISOs should remember that these machines perform based on how they have been taught. It's important to be intentional about the data you're giving the technology.

"I always tell people to make sure you have technology that provides information based on unbiased and accurate data," Penakalapati said. "Because this technology is not created by accident."

Originally posted here:
Workers are secretly using ChatGPT, AI and it will pose big risks for tech leaders - CNBC

Testimony Suggests Trump Was at Meeting About Accessing Voting … – The New York Times

ATLANTA Former President Donald J. Trump took part in a discussion about plans to access voting system software in Michigan and Georgia as part of the effort to challenge his 2020 election loss, according to testimony from former Trump advisers. The testimony, delivered to the House Jan. 6 committee, was highlighted on Friday in a letter to federal officials from a liberal-leaning legal advocacy group.

Allies of Mr. Trump ultimately succeeded in copying the elections software in those two states, and the breach of voting data in Georgia is being examined by prosecutors as part of a broader criminal investigation into whether Mr. Trump and his allies interfered in the presidential election there. The former presidents participation in the discussion of the Georgia plan could increase his risk of possible legal exposure there.

A number of Trump aides and allies have recounted a lengthy and acrimonious meeting in the Oval Office on Dec. 18, 2020, which one member of the House Jan. 6 committee would later call the craziest meeting of the Trump presidency. During the meeting, then-President Trump presided as his advisers argued about whether they should seek to have federal agents seize voting machines to analyze them for fraud.

Testimony to the Jan. 6 committee from one aide who attended the meeting, Derek Lyons, a former White House staff secretary and counselor, was highlighted on Friday in a letter to the Justice Department and the Federal Bureau of Investigation from Free Speech for People, a liberal nonprofit legal advocacy group. Mr. Lyons recounted that during the meeting, Rudolph W. Giuliani, then Mr. Trumps personal attorney, opposed seizing voting machines and spoke of how the Trump campaign was instead going to be able to secure access to voting machines in Georgia through means other than seizure, and that the access would be voluntary.

Other attendees offered similar testimony to the committee, which released its final report on the Jan. 6 attack on the U.S. Capitol in late December. Among those involved in the Oval Office discussion were two prominent pro-Trump conspiracy theorists: Michael Flynn, the former national security adviser, and Sidney Powell, a lawyer who spread numerous falsehoods after the 2020 election and who also discussed Mr. Giulianis comments in her testimony.

Fani T. Willis, the district attorney in Fulton County, Ga., is trying to clarify Mr. Trumps role in a number of efforts to overturn his November 2020 election loss in Georgia including the plan to gain access to voting machine data and software and determine whether to recommend indictments for Mr. Trump or any of his allies for violating state laws.

A spokesman for Ms. Williss office declined to comment Friday on Mr. Lyonss testimony. Marissa Goldberg, an Atlanta-area lawyer representing Mr. Trump in Georgia, did not respond to a request for comment.

In its letter, Free Speech for People argued that the testimony and other details that have been made public prove that Mr. Trump was, at a minimum, aware of an unlawful, multistate plot to access and copy voting system software. The group urged the Justice Department and the F.B.I. to conduct a vigorous and swift investigation.

On Jan. 7, 2021, a small group working on behalf of Mr. Trump traveled to rural Coffee County, Ga., some 200 miles southeast of Atlanta, and gained access to sensitive election data; subsequent visits by pro-Trump figures were captured on video surveillance cameras.

The groups first visit to Coffee County occurred on the same day that Congress certified President Bidens victory; the certification had been delayed by the storming of the Capitol by a pro-Trump mob. The visitors to Coffee County apparently saw it as an ideal place to gather intelligence on what they viewed as voting irregularities: At one point, video footage shows the then-chair of the Coffee County Republican Party, Cathy Latham, appearing to welcome into the building the members of a forensics company hired by Ms. Powell.

Ms. Latham was also one of the 16 pro-Trump fake electors whom Georgia Republicans had assembled in an effort to reverse the election results there.

Text messages from that period indicate that some Trump allies seeking evidence of election fraud had considered other uses for the Coffee County election data and their analyses of it. One cybersecurity consultant aiding in the effort even raised the possibility, in a text message to other Trump allies in mid-January 2021, of using a report on Coffee County election data to try to decertify a highly consequential United States Senate runoff election that Democrats had just won in Georgia. CNN reported on the existence of that text message on Friday.

The Trump allies who traveled to Coffee County copied elections software used across the state and uploaded it on the internet, creating the potential for future election manipulation, according to David Cross, a lawyer involved in civil litigation over election security in Georgia filed by the Coalition for Good Governance. The Coffee County data was also used earlier this year in a presentation to conservative activists that included unfounded allegations of electoral fraud, The Los Angeles Times has reported.

Some of those involved with the Coffee County effort came to regret it. A law firm hired by SullivanStrickler, the consulting firm hired by Ms. Powell to help gain access to the countys voting machines, would later release a statement saying that, With the benefit of hindsight, and knowing everything they know now, they would not take on any further work of this kind.

Originally posted here:
Testimony Suggests Trump Was at Meeting About Accessing Voting ... - The New York Times