Tag Archive for: Chat

Nothing’s Imessage Hack For You To Chat Via Android Comes With Some Red Flags

/in


(MENAFN– IANS) San Francisco, Nov 15 (IANS) Global consumer electronics brand Nothing, which added Apple’s iMessage functionality to Android Phone (2) via a new“Nothing Chats” app powered by the messaging platform Sunbird, comes with some red flags.

Sunbird will offer support for iMessage service, allowing users of Nothing’s flagship phone to text iPhone users as if they were on an iPhone themselves, appearing as a blue bubble. Nothing Chats will also support texting to other Android phones via RCS, in addition to SMS and MMS.

The app will be available to download from the Google Play Store, and will initially be available in the US, Canada, the UK and other European countries starting November 17.

While little is known about the Sunbird app, it promises to make this app available for free to all users.

On downloading the app, users will need to log in to Nothing Chats with an Apple ID username or create one if they don’t have one, according to CNET.

Even though Nothing promises that neither it nor Sunbird will store any of your message data or Apple ID information, it should be noted that users will be initially entering their login details that might also be tied to other Apple services.

According to a Nothing representative, these details are tokenised by Sunbird, used to set up a relay with one of Sunbird’s Mac Mini computers that make the connection to iMessage and after setup are destroyed by Sunbird.

After that, users will need to set Nothing Chats as their default messaging app to start sending and receiving iMessage chats from iPhone users alongside texts from Android devices.

Another thing that needs to be noted here is that iMessage texts users send will use the email address attached to their Apple ID instead of their phone number. It’s similar to using iMessage from an iPad or Mac computer when they don’t otherwise have an iPhone.

According to the report, Nothing plans to build phone number compatibility in a future update.

For now, users’ texts may appear to come from an email address rather than their phone number, but whoever they text can fix this by including their Apple ID email address in their contact information on…

Source…

Meet the Brains Behind the Malware-Friendly AI Chat Service ‘WormGPT’ – Krebs on Security

/in


WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to write malicious software without all the pesky prohibitions on such activity enforced by the likes of ChatGPT and Google Bard, has started adding restrictions of its own on how the service can be used. Faced with customers trying to use WormGPT to create ransomware and phishing scams, the 23-year-old Portuguese programmer who created the project now says his service is slowly morphing into “a more controlled environment.”

Image: SlashNext.com.

The large language models (LLMs) made by ChatGPT parent OpenAI or Google or Microsoft all have various safety measures designed to prevent people from abusing them for nefarious purposes — such as creating malware or hate speech. In contrast, WormGPT has promoted itself as a new, uncensored LLM that was created specifically for cybercrime activities.

WormGPT was initially sold exclusively on HackForums, a sprawling, English-language community that has long featured a bustling marketplace for cybercrime tools and services. WormGPT licenses are sold for prices ranging from 500 to 5,000 Euro.

“Introducing my newest creation, ‘WormGPT,’ wrote “Last,” the handle chosen by the HackForums user who is selling the service. “This project aims to provide an alternative to ChatGPT, one that lets you do all sorts of illegal stuff and easily sell it online in the future. Everything blackhat related that you can think of can be done with WormGPT, allowing anyone access to malicious activity without ever leaving the comfort of their home.”

WormGPT’s core developer and frontman “Last” promoting the service on HackForums. Image: SlashNext.

In July, an AI-based security firm called SlashNext analyzed WormGPT and asked it to create a “business email compromise” (BEC) phishing lure that could be used to trick employees into paying a fake invoice.

“The results were unsettling,” SlashNext’s Daniel Kelley wrote. “WormGPT produced an email that was not only remarkably persuasive but also strategically cunning, showcasing its potential for sophisticated phishing and BEC attacks.”

SlashNext asked WormGPT to compose…

Source…

Physical Security Hack Chat With Deviant Ollam

/in


Join us on Wednesday, June 3 at noon Pacific for the Physical Security Hack Chat with Deviant Ollam!

You can throw as many resources as possible into securing your systems — patch every vulnerability religiously, train all your users, monitor their traffic, eliminate every conceivable side-channel attack, or even totally air-gap your system — but it all amounts to exactly zero if somebody leaves a door propped open. Or if you’ve put a $5 padlock on a critical gate. Or if your RFID access control system is easily hacked. Ignore details like that and you’re just inviting trouble in.

Once the black-hats are on the inside, their job becomes orders of magnitude easier. Nothing beats hands-on access to a system when it comes to compromising it, and even if the attacker isn’t directly interfacing with your system, having him or her on the inside makes social engineering attacks that much simpler. System security starts with physical security, and physical security starts with understanding how to keep the doors locked.

join-hack-chatTo help us dig into that, Deviant Ollam will stop by the Hack Chat. Deviant works as a physical security consultant and he’s a fixture on the security con circuit and denizen of many lockpicking villages. He’s well-versed in what it takes to keep hardware safe from unauthorized visits or to keep it from disappearing entirely. From CCTV systems to elevator hacks to just about every possible way to defeat a locked door, Deviant has quite a bag of physical security tricks, and he’ll share his insights on keeping stuff safe in a dangerous world.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, June 3 at 12:00 PM Pacific time. If time zones have you down, we have a handy time zone converter.

Click that speech bubble to the right, and you’ll be taken directly to the Hack Chat group on Hackaday.io. You don’t have to wait until Wednesday; join whenever you want and you can see what the community is talking about.


Source…

RSAC Fireside Chat: Counteracting Putin’s weaponizing of ransomware — with containment

/in


By Byron V. Acohido

The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts.

Cyber extortion remains a material threat to organizations of all sizes across all industries. Ransomware purveyors have demonstrated their capability to endlessly take advantage of a vastly expanded network attack surface – one that will only continue to expand as the shift to massively interconnected digital services accelerates.

Meanwhile, Russia has turned to weaponing ransomware in its attempt to conquer Ukraine, redoubling this threat. Now that RSA Conference 2023 has wrapped, these things seem clear: ransomware is here to stay; it is not, at this moment, being adequately mitigated; and a new approach is needed to slow, and effectively put a stop to, ransomware.

I had the chance to visit with Steve Hahn, EVP Americas, at Bullwall, which is in the vanguard of security vendors advancing ways to instantly contain threat actors who manage to slip inside an organization’s network.

Guest expert: Steve Hahn, EVP Americas, Bullwall

Bullwall has a bird’s eye view of Russia’s ongoing deployment of ransomware attacks against Ukraine, and its allies, especially the U.S.

Weaponized ransomware doubly benefits Russia: it’s lucrative, generating  billions in revenue and thus adding to Putin’s war chest; and at the same time it also weakens a wide breadth of infrastructure of Putin’s adversaries across Europe and North America.

Containment is a logical tactic that could make a big difference in stopping ransomware and other types of attacks. For a full drill down, please give the accompanying podcast a listen. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

May 20th, 2023

 

Source…