Apple Offers $95M to Settle Siri Privacy Lawsuit
The proposed settlement would amount to roughly $20 per Apple product that has Siri enabled, for each plaintiff.
-
-
Why Small Businesses Can’t Rely Solely on AI to Combat Threats
The growing complexity of cyber threats, paired with limited resources, makes it essential for companies to adopt a more comprehensive approach that combines human vigilance with AI’s capabilities.
-
Chrome Extension Compromises Highlight Software Supply Challenges
The Christmas Eve compromise of data-security firm Cyberhaven’s Chrome extension spotlights the challenges in shoring up third-party software supply chains.
-
New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60%
Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model’s (LLM) safety guardrails and produce potentially harmful or malicious responses. The multi-turn (aka many-shot) attack strategy has been codenamed Bad Likert Judge by Palo Alto Networks Unit 42 researchers Yongzhe Huang, Yang Ji, Wenjun…
-
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 (
-
Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption
Microsoft has announced that it’s making an “unexpected change” to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. “We expect that most users will not be directly affected, however, it is critical that you validate if you are affected and to watch for downtime or other…
-
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations
Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users’ privacy using its voice-activated Siri assistant. The development was first reported by Reuters. The settlement applies to U.S.-based individuals current or former owners or purchasers of a Siri-enabled device who had their confidential…
-
EC2 Grouper Attack
What is the Attack?FortiGuard Labs Threat Team has observed recent attacks by a Threat Actor dubbed “EC2 Grouper” that leverages AWS tools for PowerShell to carry out cloud-based attacks. It leverages APIs to inventory EC2 types and available regions before executing further API calls iteratively. The Threat Actor is seen using techniques that enable remote…
-
Proposed HIPAA Amendments Will Close Healthcare Security Gaps
Changes to the healthcare privacy regulation, including technical controls for network segmentation, multifactor authentication, and encryption, would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities.
-