Quote:Apple on Wednesday released an update to devices using the latest version of iOS that fixes two serious security flaws that are reportedly being used in hacks that are currently targeting iPhones and iPads.
According to a support page released by Apple, iOS 16.5.1 fixes an issue in the kernel, tracked with the code CVE-2023-32434, that could enable an attacker to execute code with kernel-level privileges. Like in previous security updates, Apple did not release more information about the fix.
“Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7,” the company said.
Two tech websites reported that the flaw that was exploited may be tied to the so-called “Operation Triangulation” campaign that targeted Apple’s iMessage to deliver malicious code before transmitting recordings, photos, and geolocation data from devices. One of the sites, The Hacker News, described it as a “zero-day” exploit, which means that the flaw is likely being exploited out in the wild.
The other serious issue that was fixed in the update is a flaw in WebKit, which is the engine that is used by the Apple Safari browser. That problem would allow an attacker to execute code via web content, and Apple said it is “aware of a report” that the flaw could be “actively exploited.”
Quote:A man who has claimed for years that Google was torturing users with flashing lights crashed a car into a building near the company’s New York City headquarters, injuring three pedestrians, authorities said.
The man, 34, drove onto the sidewalk and crashed his Ford Fusion into a building on West 15th Street and 10th Avenue in Manhattan’s Chelsea neighborhood just after 6 p.m. Tuesday, police said.
A 12-year-old girl and two women ages 50 and 47 were hit by the car, a police spokesperson said. They were hospitalized in stable condition.
The driver was arrested on charges including assault and attempted assault, police said. He had not yet been arraigned as of Wednesday and it was not clear if he had an attorney who could speak for him.
Images posted on social media show a homemade sign that says “Google Tortured Me!” and what appears to be a gasoline can at the crash scene, which is about a block from Google’s 15-story New York headquarters.
The man, who has worked as an Uber driver, filed a lawsuit in New York state court in Brooklyn in 2019 accusing Google of using blinding lights to operate a “social control program.”
He claimed in a 2021 Facebook post that Google’s Android operating system was flashing users in the eyes “for purposes of maliciously injury.”
Quote:The California Public Employees Retirement System (CalPERS), the nation’s largest public pension fund and insurer, Genworth Financial, admitted that the personal information of millions of account holders was compromised in a major security breach.
A third-party file storage vendor, PBI Research Services, was attacked by Russian hackers after going through a loophole in its MOVEit Transfer software, who then stole the data from CalPERS and Genworth.
The cybercriminals were able to exploit a weakness in the system that contained the records of deceased CalPERS members.
MOVEit file storage software is popular with many organizations around the world to store and share sensitive data.
The public pension funds in Nevada, New Jersey and Tennessee also utilize MOVEits’ mortality verification service, according to its website.
Ipswitch, which is the maker of the MOVEit, is owned by Progress Software, first discovered the security flaws in their product in May.
However, CalPERS was only informed of the breach on June 6, after PBI told them that the hackers broke into their data storage system and downloaded streams of sensitive data.
Cybersecurity firms only began to issue reports of MOVEit’s security problems the same day that PBI informed its clients about the cyber attacks.
The number of victims of the MOVEit data theft hack is in the millions, according to CalPERS and Genworth, which faced the brunt of the thefts.
Quote:A U.S. judge on Thursday imposed sanctions on two New York lawyers who submitted a legal brief that included six fictitious case citations generated by an artificial intelligence chatbot, ChatGPT.
U.S. District Judge P. Kevin Castel in Manhattan ordered lawyers Steven Schwartz, Peter LoDuca, and their law firm Levidow, Levidow & Oberman to pay a $5,000 fine in total.
The judge found the lawyers acted in bad faith and made “acts of conscious avoidance and false and misleading statements to the court.”
Levidow, Levidow & Oberman said in a statement on Thursday that its lawyers “respectfully” disagreed with the court that they acted in bad faith.
...
Schwartz admitted in May that he had used ChatGPT to help research the brief in a client’s personal injury case against Colombian airline Avianca and unknowingly included the false citations. LoDuca’s name was the only one on the brief that Schwartz prepared.
Lawyers for Avianca first alerted the court in March that they could not locate some cases cited in the brief.
Bart Banino, a lawyer for Avianca, said on Thursday that irrespective of the lawyers’ use of ChatGPT, the court reached the “right conclusion” by dismissing the personal injury case. The judge in a separate order granted Avianca’s motion to dismiss the case because it was filed too late.
Quote:Australia’s eSafety commissioner has issued Elon Musk’s Twitter with a legal notice to explain what it is doing to tackle hate speech on its platform.
The commissioner says it has received “more complaints about online hate on Twitter in the past 12 months” than any other platform and alleges an “increasing number” of reports of serious online abuse since Musk took over in October 2022.
If Twitter fails to respond to the notice in 28 days, the tech giant will face a maximum fine of $700,000 (US$476,000) per day for “continuing breaches.”
...
The commissioner also apportioned blame for the increase in “hate speech” on Musk’s decision to cut Twitter’s global workforce from 8,000 to 1,500 (including its “trust and safety teams”) and ending its public policy presence in Australia.
Musk has indicated that the staff cuts were necessary because the company was inefficient and overstaffed. Despite being publicly listed and widely used, Twitter is yet to turn a profit consistently.
...
The latest move from Australian authorities comes as the European Union (EU) also finds ways to pressure Twitter over “disinformation.”
In May, Musk withdrew Twitter from the EU’s voluntary code of practice to control discussion around topics like election manipulation, cyber violence against women, and harmful content towards minors.
...
At the same time, some research bodies have found a decline in hate speech on Twitter.
An assessment by Springklr, an “AI-based Toxicity Model,” measured hate speech differently from other researchers by evaluating “slurs in the nuanced context of their use.”
Sprinklr’s analysis found that hate speech received 67 percent fewer impressions per post than non-toxic slur posts on Twitter.
Quote:The recent Russian cyberattack on law firm EWL Ebsworth has claimed another set of victims—this time, Australia’s four major banks.
This comes as over 40 Australian government agencies are feared to have been impacted by the database hacking of HWL Ebsworth by the Russian cybercriminal group AlphV.
While the four banks—ANZ, the Commonwealth Bank of Australia (CBA), National Australia Bank (NAB), and Westpac—have confirmed that they have engaged the firm’s legal services, they have assured customers and staff that their systems have not been impacted.
“We are aware that HWL Ebsworth, a law firm engaged by NAB for some legal services, has been impacted by a cyber-attack. NAB’s systems were not impacted and remain secure. We are working with HWLE as they continue to get more information in relation to the content of these matters,” a NAB spokesperson said in a statement.
The ANZ has issued a similar response but added that it will contact employees and customers who may have been impacted and need to be notified.
The CBA told The Epoch Times it is in regular contact with the law firm and is managing the cyber attack as an “urgent priority.”
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE