Comment

I hope nobody loses their shirt over this.

Summary

• Sensitive data exposed: Internal code, infrastructure diagrams, passwords, and other technical information were publicly accessible on GitHub for months.
• Source unclear: Unclear if an outside hacker or Binance employee accidentally uploaded the data.
• Potential risk: Information could be used by attackers to compromise Binance systems, though Binance claims "negligible risk".
• Data details: Included code related to passwords and multi-factor authentication, diagrams of internal infrastructure, and apparent production system passwords.
• Binance response: Initially downplayed the leak, later acknowledged data was theirs but downplayed risk.
• Current status: Data removed from GitHub via copyright takedown request.
• Unclear if any malicious actors accessed the data.

The issue:

Android users with Firefox can't access Google Search (including intl sites and localized domains like google.de, .co.uk, .com.br). Instead, they see a blank page.

Cause:

A server-side bug on Google's end related to User-Agent (UA) sniffing, which serves an empty page to newer Firefox versions.

Affected versions:

All Firefox versions on Android (>= 65) including Mobile 121.0, Nightly 123, and older.

Chrome not affected:

The bug is specific to Firefox.

Solutions:

• Use a different browser (Chrome, etc.) or search engine (DuckDuckGo).

Advanced users can:

• Change Firefox's UA in developer settings or with add-ons.
• Request the desktop version of Google from Firefox settings (region-dependent).

Status:

• Problem identified as critical and escalated.
• Still unresolved at the time of reporting.

Additional notes:

• Disabling Firefox's Enhanced Tr

Main findings:

• The seasons, especially winter, can affect our mood, memory, concentration, social behavior, and sex drive.
• Shorter daylight hours are linked to winter blues and Seasonal Affective Disorder (SAD), characterized by low mood, sleep issues, and energy loss.
• Reduced light disrupts our circadian rhythm, impacting mood and cognitive function.
• Vitamin D deficiency (from less sunlight) might also contribute to winter blues and cognitive decline.
• We may subconsciously seek warmth and social connection during colder months, explaining increased interest in romance films and social activities.
• Sexual activity fluctuates across seasons, potentially due to the desire for physical and emotional warmth.

Key takeaways:

• Embrace positive aspects of winter like its beauty and coziness to improve mood.
• Cognitive behavioural therapy can help managing negative thoughts and boost winter well-being.
• Don't b

Key Points:

• Security and privacy concerns: Increased use of AI systems raises issues like data manipulation, model vulnerabilities, and information leaks.
• Threats at various stages: Training data, software, and deployment are all vulnerable to attacks like poisoning, data breaches, and prompt injection.
• Attacks with broad impact: Availability, integrity, and privacy can all be compromised by evasion, poisoning, privacy, and abuse attacks.
• Attacker knowledge varies: Threats can be carried out by actors with full, partial, or minimal knowledge of the AI system.
• Mitigation challenges: Robust defenses are currently lacking, and the tech community needs to prioritize their development.
• Global

• Previous images of Neptune and Uranus, particularly from Voyager 2, were inaccurately blue and green due to image processing for detail enhancement.
• New research analyzed data from Hubble and VLT telescopes to reveal their "true" colors are both a similar shade of greenish-blue.
• Neptune still has a slightly bluer tinge due to a thinner haze layer.
• Uranus may appear slightly greener in summer/winter but bluer in spring/autumn due to its unique tilt.
• This research corrects a long-held misconception about these distant planets.

Key points:

• First-time painted dog mother abandons 8 pups at Potawatomi Zoo.
• Golden retriever named Kassy becomes surrogate mother to pups.
• 3 pups survive despite initial struggles due to missing pack interactions.
• Pups, named Blue, Red, and Orange, won't immediately rejoin painted dog pack to avoid conflict.
• Story highlights animal care difficulties, endangered species survival, and zoo conservation efforts.

Additional details:

• Painted dogs endangered due to habitat loss and hunting.
• https://en.wikipedia.org/wiki/African_wild_dog

cross-posted from: https://zerobytes.monster/post/5063838

I guess if the law firm handles its own data breach this way; you can expect the companies to handle the breaches the same way.

Summary

The international law firm Orrick, Herrington & Sutcliffe, specializing in handling security incidents for companies, suffered a cyberattack in March 2023, resulting in the exposure of sensitive health information belonging to over 637,000 data breach victims.

The stolen data included consumer names, dates of birth, postal address and email addresses, and government-issued identification numbers, such as Social Security numbers, passport and driver license numbers, and tax identification numbers. The data also includes medical treatment and diagnosis information, insurance claims information — such as the date and costs of services — and healthcare insurance numbers and provider details.

Orrick, serving as legal counsel during security incidents at other companies, revealed that the b

Summary:

The article discusses the phenomenon of microchimerism, where cells from a developing fetus can integrate into the mother's body and persist for years, potentially influencing various aspects of health. This bidirectional transfer of cells between mother and fetus during pregnancy is suggested to occur in various organs, such as the heart, lungs, breast, colon, kidney, liver, and brain. These cells, referred to as microchimeric cells, are genetically distinct entities that may play a role in immune system development, organ acceptance in transplantation, and even influencing behavior.

Researchers propose that microchimeric cells might impact susceptibility to diseases, pregnancy success, and overall health. Studies in mice suggest that these cells acquired during gestation could fine-tune the immune system and contribute to successful pregnancies. The article explores potential benefits and drawbacks of microchimerism, including its role in autoimmune diseases, organ acc

Summary:

The author reflects on the challenges of memory and highlights a forgotten but valuable feature of Google Assistant on Android. The feature, called "Open memory," serves as a hub for Assistant's cross-platform information-storing system. Users can ask Google Assistant to remember specific information, and the "Open memory" command allows them to access a comprehensive list of everything stored, making it a useful tool for recalling details from any device connected to Google Assistant. The article emphasizes the potential of this feature for aiding memory and suggests incorporating it into daily habits for better recall.

From: https://petapixel.com/2023/05/30/15-incredible-photos-from-2023-milky-way-photographer-of-the-year/

Full Story

https://www.goodnewsnetwork.org/christine-crosss-dream-of-petting-a-penguin-is-fulfilled-for-christmas/

Summary

An elderly woman named Christine Cross has always been a huge fan of penguins. For Christmas, her daughter Lindsay fulfilled Christine's lifelong dream of petting a real penguin at SeaWorld San Diego. Christine was so overcome with emotion that she cried tears of joy.

Christine has always felt a connection to penguins because they are clumsy on land but graceful in the water, just like her. She collects anything penguin-themed and has sponsored penguins in zoos for years.

Lindsay said that when she told Christine about the present, "she didn't say any words. It was more like an excited noise." After the experience, Christine couldn't stop saying thank you.

Summary

A new sextortion scam is circulating, impersonating YouPorn. Victims receive an email claiming that a sexually explicit video of them has been uploaded to the site and must pay to have it removed. In the past, similar scams threatened to share explicit content with contacts unless a ransom was paid, generating substantial profits. This recent scam claims to be from YouPorn, offering a free removal link that leads to nothing and lists paid options ranging from $199 to $1,399. Victims are urged to pay via Bitcoin. Thankfully, this campaign has not been successful, but it's important to remember that these emails are scams. If you receive such an email, delete it; there is no actual video, and making payments is not advisable.

by long10000

Other views:

by long10000

by 杨志强Zhiqiang

by long10000

by long10000

by David290

![](https://upload.wikimedia

Short Summary

The macOS app called NightOwl, originally designed to provide a night mode feature for Macs, has turned into a malicious tool that collects users' data and operates as part of a botnet. Originally well-regarded for its utility, NightOwl was bought by another company, and a recent update introduced hidden functionalities that redirected users' data through a network of affected computers. Web developer Taylor Robinson discovered that the app was running a local HTTP proxy without users' knowledge or consent, collecting users' IP addresses and sending the data to third parties. The app's certificate has been revoked, and it is no longer accessible. The incident highlights the risks associated with third-party apps that may have malicious intentions after updates or ownership changes.

Longer Summary

The NightOwl app was developed by Keeping Tempo, an LLC that went inactive earlier this year. The app was recently found to have been turned into a botnet by the new o

Summary

• The Marion County Record newsroom in Kansas was raided by police, who seized two cellphones, four computers, a backup hard drive, and reporting materials.
• A computer seized was most likely unencrypted. Law enforcement officials hope that devices seized during a raid are unencrypted, as this makes them easier to examine.
• Modern iPhones and Android phones are encrypted by default, but older devices may not be.
• Desktop computers typically do not have encryption enabled by default, so it is important to turn this on manually.
• Use strong random passwords and keep them in a password manager.
• During the raid, police seized a single backup hard drive. It is important to have multiple backups of your data in case one is lost or stolen.
• You can encrypt USB storage devices using BitLocker To Go on Windows, or Disk Utility on macOS.
• All major desktop operating systems support Veracrypt, which can be used to encrypt entire drives.

Main Take-aways

• Encrypt

Paper & Examples

"Universal and Transferable Adversarial Attacks on Aligned Language Models." (https://llm-attacks.org/)

Summary

• Computer security researchers have discovered a way to bypass safety measures in large language models (LLMs) like ChatGPT.
• Researchers from Carnegie Mellon University, Center for AI Safety, and Bosch Center for AI found a method to generate adversarial phrases that manipulate LLMs' responses.
• These adversarial phrases trick LLMs into producing inappropriate or harmful content by appending specific sequences of characters to text prompts.
• Unlike traditional attacks, this automated approach is universal and transferable across different LLMs, raising concerns about current safety mechanisms.
• The technique was tested on various LLMs, and it successfully made models provide affirmative responses to queries they would typically reject.
• Researchers suggest more robust adversarial testing and improved safety measures befo

News article: https://techcrunch.com/2023/08/10/belarus-hackers-target-foreign-diplomats/

News Summary

• A hacking group with apparent links to the Belarusian government has been targeting foreign diplomats in the country for nearly 10 years.
• The group, which ESET has dubbed MoustachedBouncer, has likely been hacking or at least targeting diplomats by intercepting their connections at the internet service provider (ISP) level, suggesting close collaboration with Belarus' government.
• Since 2014, MoustachedBouncer has targeted at least four foreign embassies in Belarus: two European nations, one from South Asia, and another from Africa.
• ESET first detected MoustachedBouncer in February 2022, days after Russia invaded Ukraine, with a cyberattack against specific diplomats in the embassy of a European country "somehow involved in the war."
• The hacking group is able to trick the target's Windows operating system into believing it's connected to a network with a captive portal.

Summary

• Detroit woman wrongly arrested for carjacking and robbery due to facial recognition technology error.
• Porsche Woodruff, 8 months pregnant, mistakenly identified as culprit based on outdated 2015 mug shot.
• Surveillance footage did not match the identification, victim wrongly identified Woodruff from lineup based on the 2015 outdated photo.
• Woodruff arrested, detained for 11 hours, charges later dismissed; she files lawsuit against Detroit.
• Facial recognition technology's flaws in identifying women and people with dark skin highlighted.
• Several US cities banned facial recognition; debate continues due to lobbying and crime concerns.
• Law enforcement prioritized technology's output over visual evidence, raising questions about its integration.
• ACLU Michigan involved; outcome of lawsuit uncertain, impact on law enforcement's tech use in question.