protect computer Archives – Gridinsoft Blog https://gridinsoft.com/blogs/tag/protect-computer/ Welcome to the Gridinsoft Blog, where we share posts about security solutions to keep you, your family and business safe. Tue, 29 Aug 2023 19:57:23 +0000 en-US hourly 1 https://wordpress.org/?v=68130 200474804 Google Is Working on an Information Security Project Called Web Integrity API https://gridinsoft.com/blogs/web-integrity-api/ https://gridinsoft.com/blogs/web-integrity-api/#respond Fri, 28 Jul 2023 16:29:07 +0000 https://gridinsoft.com/blogs/?p=16462 A team of four Google engineers is working on a new project called the Web Environment Integrity API, which will allow sites to block client applications that change their code. In addition to the obvious security benefits, the new API will actually allow Google and site operators to effectively deal with ad blockers. As you… Continue reading Google Is Working on an Information Security Project Called Web Integrity API

The post Google Is Working on an Information Security Project Called Web Integrity API appeared first on Gridinsoft Blog.

]]>
A team of four Google engineers is working on a new project called the Web Environment Integrity API, which will allow sites to block client applications that change their code.

In addition to the obvious security benefits, the new API will actually allow Google and site operators to effectively deal with ad blockers.

Users often depend on sites that trust the client environment in which they operate. This trust assumes that the client environment is honest about a number of aspects of its own activities, ensures the security of user data and intellectual property, and is also transparent about whether a person uses it.the description of the Web Integrity API project says.

As you can easily guess from this introduction, the main goal of the project is to learn more about the person on the other side of the browser, to make sure that he is not a robot, and the browser has not been modified or faked in any way.

The developers say that such data will be useful for advertisers to count ad impressions, help fight bots on social networks, protect intellectual property rights, counter cheating in web games, and also increase the security of financial transactions.

That is, at first glance, the Web Environment Integrity API is designed as a security solution so that sites can detect malicious code modifications on the client side and disable malicious clients. The developers list several scenarios for the possible use of the new API:

  1. detection of manipulation in social networks;
  2. detection of bot traffic in ads to improve customer experience and access to web content;
  3. detection of phishing campaigns (for example, Webview in malicious applications);
  4. detection of mass takeover or account creation attempts;
  5. detection of large-scale cheating in web games with fake clients;
  6. Detection of compromised devices where user data may be at risk;
  7. detecting account takeover attempts by guessing a password.

At the same time, the authors of the Web Integrity API write that they were inspired by “existing native attestation signals, including [Apple] App Attest and [Android] Play Integrity API.”

It’s worth clarifying here that Play Integrity (formerly SafetyNet) is an Android API that allows apps to find out if a device has been rooted. Root access allows you to take full control of the device, and many application developers do not like this. Therefore, after receiving the appropriate signal from the Android Integrity API, some types of applications may simply refuse to start.

As a rule, banking applications, Google Wallet, online games, Snapchat, as well as some multimedia applications (for example, Netflix) refuse to work in such cases. After all, it is believed that root access can be used to cheat in games or phish banking data. Although root access may also be needed to configure the device, remove malware, or create a backup system, Play Integrity does not consider such uses and in any case blocks access.

As experts now assume, Google aims to do the same across the Internet.

By Google’s design, during a web page transaction, the server may require the user to pass an environment attestation test before they receive any data. At this point, the browser will contact a third-party attestation server and the user will have to pass a certain test. If the verification is passed, the user receives a signed IntegrityToken that confirms the integrity of their environment and points to the content to be unlocked.

Then the token is transferred back to the server, and if the server trusts the tester company, then the content is unlocked, and the person finally gets access to the necessary data.

Web Integrity API

As many now assume, if the browser in this example is Chrome, and the attestation server is also owned by Google, then Google will decide whether or not to allow a person access to sites.

The company assures that Google is not going to use the described functionality to the detriment. Thus, the creators of the Web Integrity API “firmly believe” that their API should not be used for fingerprinting people, but at the same time they want to get “some kind of indicator that allows you to limit the speed in relation to the physical device.”

It also states that the company does not want to “interfere with browser functionality, including plugins and extensions.” Thus, the developers make it clear that they are allegedly not going to fight ad blockers, although the company has been working on the scandalous Manifest V3 for many years, whose goal is precisely this. We, by the way, wrote how the developers will implement these rules. And the new API can be used to detect when an ad blocker is tampering with ad code. After that, the site operator will be free to simply stop providing services.

The discussion of this topic on the network has already provoked a wave of criticism against Google, and the project has been dubbed DRM for the Internet. For example, developers, information security specialists, and ordinary users note that the Web Integrity API project intends to be hosted on GitHub by one of the developers, and Google is trying to distance itself from development that can literally poison existing web standards, helping the company save the advertising business.

The discussion on the project’s Issues page on GitHub also deals primarily with the ethical aspects of what is happening, and Google is accused of trying to become a monopolist in another area and “kill” ad blockers.

You might also be interested in our article on how Google membership rewards scam is a new popular type of online fraud.

The post Google Is Working on an Information Security Project Called Web Integrity API appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/web-integrity-api/feed/ 0 16462
Snappy Tool Helps Avoid Fraudulent Wi-Fi Hotspots https://gridinsoft.com/blogs/snappy-wifi-tool/ https://gridinsoft.com/blogs/snappy-wifi-tool/#respond Thu, 06 Jul 2023 14:24:31 +0000 https://gridinsoft.com/blogs/?p=15766 Trustwave has created a Snappy tool that will make it easy to determine if the Wi-Fi network is fake or fraudulent. The utility particularly checks whether the network spoofs the MAC address and SSID. The solution is available for free downloading on the company’s GitHub repository. For years, security experts have been warning about the… Continue reading Snappy Tool Helps Avoid Fraudulent Wi-Fi Hotspots

The post Snappy Tool Helps Avoid Fraudulent Wi-Fi Hotspots appeared first on Gridinsoft Blog.

]]>
Trustwave has created a Snappy tool that will make it easy to determine if the Wi-Fi network is fake or fraudulent. The utility particularly checks whether the network spoofs the MAC address and SSID. The solution is available for free downloading on the company’s GitHub repository.

For years, security experts have been warning about the dangers of using Wi-Fi hotspots in public places, as in cafes, airports, hotels, or shopping malls. The fact is that these access points may turn out to be devices of intruders who will eventually be able to carry out a man-in-the-middle attack, intercept the victim’s traffic, credentials from her accounts, and payment information.

Consider reading our other articles regarding Wi-Fi usage dangers. We talked about FrAg attacks on Wi-Fi access points – one of the most widespread attack types. There was also an interesting experiment where a guy hacked 70% of Tel Aviv routers. Also, there was an article where specialists explained danger of Wi-Fi devices on airplanes

Snappy tool allows detecting fake Wi-Fi networks

Trustwave expert Tom Neaves writes that spoofing MAC addresses and SSIDs of real access points in open networks is a trivial task for attackers. As a result, people’s devices often try to automatically connect to networks they have previously connected to using a saved access point, but in fact connect to a malicious device. To make it easier to avoid such situations, Neaves has created a Python script called Snappy that helps determine whether the access point the user is connecting to is the same as always, or the user is dealing with a fake device of hackers.

Explaining the mechanism

After analyzing the Beacon Management Frames, the expert found certain static elements, including data about the provider, BSSID, supported speeds, channel, country, maximum transmit power, and so on. This data varies for different 802.11 wireless access points, but remains the same for a particular access point over time.

Beacon management frames Snappy
Beacon Management Frames, that may uncover the Wi-Fi spoofing attempt

Neaves concluded that it was possible to concatenate these elements and hash them using SHA256, creating a unique access point signature that could then be used to detect matches or mismatches. >So, matches mean that the access point is the same as always (that is, trustworthy), while a signature mismatch means that something has changed, and the access point may be malicious.

Snappy interface
Console interface of the Snappy tool

In addition, Snappy is able to detect hotspots created with Airbase-ng. This tool is often used by attackers to create fake access points, intercept packets of connected users, and inject data into other people’s network traffic.

The post Snappy Tool Helps Avoid Fraudulent Wi-Fi Hotspots appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/snappy-wifi-tool/feed/ 0 15766
LastPass Users Can’t Login to App after Resetting MFA https://gridinsoft.com/blogs/reset-mfa-in-lastpass/ https://gridinsoft.com/blogs/reset-mfa-in-lastpass/#respond Tue, 27 Jun 2023 14:16:41 +0000 https://gridinsoft.com/blogs/?p=15581 Since May 2023, users of the LastPass password manager have been experiencing severe login issues after resetting their MFA. It all started when people were asked to reset multi-factor authentication (MFA) applications. The fact is that users are required to re-login to their LastPass account and reset the MFA after the company was hacked at… Continue reading LastPass Users Can’t Login to App after Resetting MFA

The post LastPass Users Can’t Login to App after Resetting MFA appeared first on Gridinsoft Blog.

]]>
Since May 2023, users of the LastPass password manager have been experiencing severe login issues after resetting their MFA.

It all started when people were asked to reset multi-factor authentication (MFA) applications. The fact is that users are required to re-login to their LastPass account and reset the MFA after the company was hacked at the end of last year. And by the way, we also talked that LastPass Breach Investigation Goes On, Things are Even Worse.

Let me remind you that media also wrote that Hackers Broke into the Home PC of the Developer of the LastPass Password Manager and Penetrated the Company’s Cloud Storage, and also that Hunter Biden’s top-secret laptop was protected with a simple password.

The new security measures that will be introduced as part of the planned improvements in this area were announced by the company on May 9th.

Reset MFA in LastPass

As a result, many users were off their accounts and lost access to the LastPass vault, even after successfully resetting MFA apps (eg LastPass Authenticator, Microsoft Authenticator, Google Authenticator).

The problem is exacerbated by the fact that victims cannot even contact LastPass support for help, since it requires logging into their account, and people are locked in an endless loop where they are prompted to reset the MFA.

Reset MFA in LastPass

Forced MFA resync now prevents me from logging in because LastPass doesn’t recognize the new MFA code.says one affected user.
After resetting the MFA, I completely lost access to my storage. The master password does not work, the reset does not work, and even the reset email does not come at all.writes another.
I was prompted to re-enter the master password, then I was forced to reset the MFA, which I successfully did, and now I cannot log in. I can’t even contact support because I need to be logged in to do it.complains another victim.

At the same time, LastPass developers report that they warned about the upcoming reset of the MFA through messages in the application “several weeks” before the start.

Since the warnings clearly didn’t work, the company is now issuing security patch newsletters explaining to users that these changes are necessary to increase the password iterations to the new default value of 600,000.

To increase the security of your master password, LastPass uses a stronger version of the Password-Based Key Derivation Function (PBKDF2). At its core, PBKDF2 is a “password strengthening algorithm” that makes it difficult for a computer to verify that any 1 password is the correct master password during a compromising attack.the developers explain in a bulletin sent to affected users.
Forced logout + MFA resync happens as we increase the number of password iterations for clients. This is due to the encryption of your LastPass vault.the company adds on Twitter.

In another newsletter, the company says users need to re-enable multi-factor authentication to stay secure when logging into LastPass.

You must log into the LastPass website in your browser and re-register your MFA app before you can access LastPass on your mobile device again. You cannot reconnect using the LastPass browser extension or the LastPass Password Manager app.the developers explain.

The entire procedure required to reset the pairing between LastPass and an authenticator app (LastPass Authenticator, Microsoft Authenticator, or Google Authenticator) is now detailed in a separate document.

As part of security enhancements, users are now prompted to verify their location when they sign in to a website or app using LastPass. Also, if you sign in to a site or app that used LastPass to sign in, you’ll need to re-enter your credentials and authenticate with the authenticator app. The next time you sign in to a site or app using LastPass, you are asked to repeat the same process as an added security measure.

Following an incident in 2022, we sent email and in-product messages to our entire customer base recommending that they reset their MFA secrets with their preferred authenticator app as a precautionary measure. This recommendation was also included in the security bulletins we sent to our B2C and B2B customers in early March and follow-up emails in early April. However, some of our customers still haven’t completed these steps, so we’ve asked them to take action when logging into LastPass. We launched this built-in messaging product in early June in the hope that we would get more response than our emails.a LastPas spokesperson told Bleeping Computer.

The post LastPass Users Can’t Login to App after Resetting MFA appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/reset-mfa-in-lastpass/feed/ 0 15581
BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses https://gridinsoft.com/blogs/batcloak-obfuscation-engine/ https://gridinsoft.com/blogs/batcloak-obfuscation-engine/#respond Tue, 13 Jun 2023 15:53:53 +0000 https://gridinsoft.com/blogs/?p=15288 Trend Micro researchers reported recently that since September 2022, attackers have been actively using a malware obfuscation engine called BatCloak, which allows cybercriminals to effectively hide malicious code from antivirus solutions. According to experts, with BatCloak attackers can easily download different families of malware and exploits through heavily obfuscated batch files. Of the 784 malware… Continue reading BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses

The post BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses appeared first on Gridinsoft Blog.

]]>

Trend Micro researchers reported recently that since September 2022, attackers have been actively using a malware obfuscation engine called BatCloak, which allows cybercriminals to effectively hide malicious code from antivirus solutions.

According to experts, with BatCloak attackers can easily download different families of malware and exploits through heavily obfuscated batch files. Of the 784 malware detected by researchers, almost 80% were not detected by any of VirusTotal’s antivirus engines.

Let me remind you that we also wrote that ChatGPT Has Become A New Tool For Cybercriminals In Social Engineering, and also that Russian Hacker Sells Terminator Tool That Is Allegedly Able To Bypass Any Antivirus Programs.

BatCloak is the basis for a batch file building tool called Jlaive that can bypass the Antimalware Scan Interface (AMSI) and compress and encrypt the main payload to increase evasion levels.

The Jlaive tool was published on GitHub and GitLab in September 2022 by a developer under the pseudonym ch2sh as “EXE to BAT crypter“. It has since been copied, modified and ported to other programming languages.

The final payload is a “three-layer loader” – a C# loader, a PowerShell loader, and a batch loader. The latter serves as the starting point for decoding and unpacking each stage, and ultimately launching the hidden virus.

Batcloak obfuscation engine
BatCloak attack chain

BatCloak has received many updates and adaptations since it first appeared in the wild (ITW). Its latest version is called ScrubCrypt and was isolated by Fortinet experts during an investigation into a cryptojacking operation by the 8220 gang.

The decision to move from an open framework to a closed one, made by the ScrubCrypt developer, can be explained by the achievements of previous projects, such as Jlaive, as well as the desire to monetize the project and protect it from unauthorized copying.Trend Micro experts suggested.

In addition, ScrubCrypt is designed to be compatible with various well-known malware families such as Amadey, AsyncRAT, DarkCrystal RAT, Pure Miner, Quasar RAT, RedLine Stealer, Remcos RAT, SmokeLoader, VenomRAT, and Warzone RAT.

The evolution of BatCloak highlights the flexibility and adaptability of this engine and highlights the development of batch file FUD obfuscators.the researchers concluded.

The post BatCloak’s New Obfuscation Engine Outperforms 80% of Antiviruses appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/batcloak-obfuscation-engine/feed/ 0 15288
CAPTCHA in Discord Asks Users to Find Non-Existent Objects Created by AI https://gridinsoft.com/blogs/captcha-in-discord-and-ai/ https://gridinsoft.com/blogs/captcha-in-discord-and-ai/#respond Mon, 29 May 2023 09:51:36 +0000 https://gridinsoft.com/blogs/?p=14735 Users complain that the Discord CAPTCHA provided by hCaptcha forces them to look for non-existent objects created by AI in the provided photos. For example, an object called “Yoko”, which looks like a hybrid of a snail and a yo-yo, which is invented and created by AI and does not exist in reality. Let me… Continue reading CAPTCHA in Discord Asks Users to Find Non-Existent Objects Created by AI

The post CAPTCHA in Discord Asks Users to Find Non-Existent Objects Created by AI appeared first on Gridinsoft Blog.

]]>
Users complain that the Discord CAPTCHA provided by hCaptcha forces them to look for non-existent objects created by AI in the provided photos. For example, an object called “Yoko”, which looks like a hybrid of a snail and a yo-yo, which is invented and created by AI and does not exist in reality.

Let me remind you that we also wrote that GPT-4 Tricked a Person into Solving a CAPTCHA for Them by Pretending to Be Visually Impaired, and also that New hCaptcha bypass method may not affect Cloudflare’s security.

Discord CAPTCHA Created by AI Confuses Users

According to Vice Motherboard journalists, several people immediately complained on social networks about the strange object Yoko, which was required to be found among other photos to enter Discord.

CAPTCHA in Discord and AI

At the same time, other users found that they were asked to find images of a puzzle cube, which was also created by artificial intelligence and did not look too much like a real-life object. In addition, all the objects in the task look like they came straight from the Uncanny Valley.

CAPTCHA in Discord and AI

CAPTCHAs for Discord are provided by hCaptcha, and Discord representatives told reporters that the technology that generates these prompts “is the property of a third party partner and Discord does not directly determine what will be presented to users”. In turn, representatives of hCaptcha explained that what happened was “a short test that a small number of people saw.” Since hundreds of millions of users use the technology in total, even this “brief test” resulted in the tweets shown above.

The publication notes that hCaptcha positions itself as a privacy-focused alternative to reCAPTCHA. According to a 2018 blog post, hCaptcha prompts are self-generated by clients who need “high-quality, human-generated annotations for their machine learning needs.”

That is, hCaptcha makes money both from clients like Discord who buy professional and enterprise subscriptions to run CAPTCHA services, and from clients who create prompts. In fact, hCaptcha uses its own CAPTCHA for machine learning systems and generative adversarial networks.

And this is not the first time that people have noticed the appearance of strange images in hCaptcha services and note that the company apparently trains AI with the help of users. So, two months ago, a Reddit user noticed that Discord asked him to find among the images of people playing hockey and golf, football players, which was clearly created by artificial intelligence. In March, another Reddit user complained that Discord’s CAPTCHA had become almost unsolvable.

For example, in the “Choose a robot” task, any of the images looked like created by a person. I end up not getting an account verification email at all, even after all these hoop jumps. Seriously, blocking bots is fine, but trying to train AI with crappy CAPTCHA images is another thing.wrote the user FunnerThanUsual in the Discord subreddit.

CAPTCHA in Discord and AI

Journalists summarize that the work of hCaptcha is a prime example of the problems that arise with machine learning systems. The first is that AI systems require significant human input. For example, as a rule, indexing and categorization of images is transferred to outsourcers from developing countries, whose work is extremely poorly paid. Another problem is data drift: the longer machine learning systems work, the more data they need. Ultimately, they begin to use data that they themselves have generated for self-learning. And systems that train for a long enough time on themselves eventually come to the point that they issue requests for the definition of incomprehensible objects, like Yoko.

CAPTCHA in Discord Asks Users to Find Non-Existent Objects Created by AI

The post CAPTCHA in Discord Asks Users to Find Non-Existent Objects Created by AI appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/captcha-in-discord-and-ai/feed/ 0 14735
Microsoft Edge Exposes Bing API Addresses of Attended Sites https://gridinsoft.com/blogs/microsoft-edge-and-bing/ https://gridinsoft.com/blogs/microsoft-edge-and-bing/#respond Wed, 03 May 2023 08:19:34 +0000 https://gridinsoft.com/blogs/?p=14398 Users have noticed that a bug seems to have crept into Microsoft Edge – the fact is that, starting with build 112.0.1722.34, the browser passes all the URLs that users visit to the Bing API. In theory, this allows Microsoft to monitor all online activity of Edge users if the company decides so. Let me… Continue reading Microsoft Edge Exposes Bing API Addresses of Attended Sites

The post Microsoft Edge Exposes Bing API Addresses of Attended Sites appeared first on Gridinsoft Blog.

]]>

Users have noticed that a bug seems to have crept into Microsoft Edge – the fact is that, starting with build 112.0.1722.34, the browser passes all the URLs that users visit to the Bing API. In theory, this allows Microsoft to monitor all online activity of Edge users if the company decides so.

Let me remind you that we also wrote that Bing Chatbot Could Be a Convincing Scammer, Researchers Say, and also that Phishers Can Bypass Multi-Factor Authentication with Microsoft Edge WebView2.

The problem was first discovered by a Reddit user with the nickname HackerMcHackface. In his opinion, the error is related to a disabled content aggregation feature in Edge called Collections, which prompts content creators to create special offers for users.

Apparently, since the release of Microsoft Edge build 112.0.1722.34, the default behavior of Collections has changed. Whereas in previous versions of Edge this feature was limited to a subset of social networking sites, including YouTube and Pinterest, it’s clearly more widespread now.

For example, when visiting whitelisted pages, URLs are typically sent to the Bing API to determine whether the browser should show a pop-up window with some kind of recommendation that will appear in the user’s address bar. If the user clicks on such a popup, content from that author will be added to Collections.

Microsoft Edge and Bing
Collections example

However, according to HackerMcHackface, a request to bingapis.com, with the full URL of the page being visited, is now almost always transmitted, allowing Microsoft to monitor all Internet activities of Edge users.

Let me also remind you that the media wrote that Microsoft to Limit Chatbot Bing to 50 Messages a Day.

Microsoft representatives told The Verge journalists that they already know about this problem, and the company’s specialists are already investigating.

According to the publication, the idea seemed to be to notify Bing when a user is on certain pages (like YouTube or Reddit), but something went wrong and now Bing gets information about almost every domain a person visits. .

Until the issue is fixed, Edge users are strongly advised to disable this feature by going to settings, under the “Privacy, search, and services” tab, and unchecking “Show suggestions to follow creators in Microsoft Edge” at the bottom of the page.

The post Microsoft Edge Exposes Bing API Addresses of Attended Sites appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/microsoft-edge-and-bing/feed/ 0 14398
Blogger Forced ChatGPT to Generate Keys for Windows 95 https://gridinsoft.com/blogs/chatgpt-and-windows-95-keys/ https://gridinsoft.com/blogs/chatgpt-and-windows-95-keys/#respond Tue, 04 Apr 2023 09:27:08 +0000 https://gridinsoft.com/blogs/?p=14028 YouTube user Enderman demonstrated that he was able to force ChatGPT to generate activation keys for Windows 95. Let me remind you that we also wrote that Russian Cybercriminals Seek Access to OpenAI ChatGPT, and also that GPT-4 Tricked a Person into Solving a CAPTCHA for Them by Pretending to Be Visually Impaired. Our colleagues… Continue reading Blogger Forced ChatGPT to Generate Keys for Windows 95

The post Blogger Forced ChatGPT to Generate Keys for Windows 95 appeared first on Gridinsoft Blog.

]]>

YouTube user Enderman demonstrated that he was able to force ChatGPT to generate activation keys for Windows 95.

Let me remind you that we also wrote that Russian Cybercriminals Seek Access to OpenAI ChatGPT, and also that GPT-4 Tricked a Person into Solving a CAPTCHA for Them by Pretending to Be Visually Impaired.

Our colleagues warned that Amateur Hackers Use ChatGPT to Create Malware.

At the same time, a direct request for keys from the Open AI chatbot did not give anything, and the YouTuber approached the problem from a different angle.

After refusing to generate a key for Windows 95, ChatGPT explained that it could not complete the task and instead suggested that the researcher consider a newer and more supported version of Windows (10 or 11).

However, the format of activation keys for Windows 95 is quite simple and has been known for a long time (see the image below), and Enderman converted it into a text query and asked the AI to create the desired sequence.

ChatGPT and Windows 95 keys

Although the first attempts were not successful, a number of changes to the request structure helped to solve the problem.

ChatGPT and Windows 95 keys

The researcher ran tests and tried to activate the new Windows 95 in a virtual machine. It turned out that about 1 out of 30 keys generated by ChatGPT worked as it should.

The only problem that prevents ChatGPT from successfully generating valid Windows 95 keys every time is that it can’t sum the digits and doesn’t know about divisibility.the blogger Enderman said.

So, in a five-digit string, the sum of the digits which must be a multiple of seven, the AI substitutes a series of random numbers and fails this simple mathematical test.

After creating many activation keys for Windows 95, the researcher thanked the AI by writing, “Thanks for the free Windows 95 keys!” In response to this, the chatbot stated that it was strictly forbidden for him to create keys for any software, but Enderman continued to configure and said that he had just activated the installation of Windows 95 using such a key. Then ChatGPT replied that this was impossible because support for Windows 95 was discontinued in 2001, all keys for this OS have long been inactive, and it is strictly forbidden for him to create keys.

The post Blogger Forced ChatGPT to Generate Keys for Windows 95 appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/chatgpt-and-windows-95-keys/feed/ 0 14028
ChatGPT Users Complained about Seeing Other People’s Chat Histories https://gridinsoft.com/blogs/other-peoples-chats-in-chatgpt/ https://gridinsoft.com/blogs/other-peoples-chats-in-chatgpt/#comments Wed, 22 Mar 2023 10:18:26 +0000 https://gridinsoft.com/blogs/?p=13890 Some ChatGPT users have reported on social media that their accounts show other people’s chat histories. Let me remind you that we also wrote that Russian Cybercriminals Seek Access to OpenAI ChatGPT, and also that Bing Chatbot Could Be a Convincing Scammer, Researchers Say. The media also reported that Amateur Hackers Use ChatGPT to Create… Continue reading ChatGPT Users Complained about Seeing Other People’s Chat Histories

The post ChatGPT Users Complained about Seeing Other People’s Chat Histories appeared first on Gridinsoft Blog.

]]>

Some ChatGPT users have reported on social media that their accounts show other people’s chat histories.

Let me remind you that we also wrote that Russian Cybercriminals Seek Access to OpenAI ChatGPT, and also that Bing Chatbot Could Be a Convincing Scammer, Researchers Say.

The media also reported that Amateur Hackers Use ChatGPT to Create Malware.

As a result, the OpenAI developers were forced to temporarily disable this functionality in order to fix the bug. The company emphasized that because of the bug, people saw only the headlines of other people’s conversations, but not their content.

The ChatGPT interface has a sidebar that displays past conversations with the chatbot, visible only to the account owner. However, yesterday several people reported that ChatGPT began showing them other people’s chat histories. At the same time, one of the users emphasized that he does not see all someone else’s correspondence, but only the names of different conversations with the bot.

Other people's chats in ChatGPT
Alien logs in the sidebar

After a number of messages about this problem, the chat histories began to give an error “Unable to load history”, and then the service was completely disabled. According to the OpenAI status page and company representatives’ comments, given by Bloomberg, the problem did not extend to the full conversation logs, and only their titles were disclosed.

The developers are now saying they have found the cause of the crash, which appears to be related to unnamed open-source software used by the OpenAI.

The service has been restored, but many users still do not see the old conversation logs, and the team assures that they are already working on restoring them.

The media note that this is an important reminder of why you should not share any sensitive information with ChatGPT. After all, the FAQ on the OpenAI website has its reasons to say: “Please do not share any confidential information in your conversations.” The fact is that the company cannot remove certain data from the logs, and conversations with the chatbot can be used to train AI.

As part of our commitment to safe and responsible AI, we review conversations to improve our systems and to ensure the content complies with our policies and safety requirements.the Open AI FAQ says.

The post ChatGPT Users Complained about Seeing Other People’s Chat Histories appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/other-peoples-chats-in-chatgpt/feed/ 1 13890
Nearly 50% of Cybersecurity Leaders Will Change Jobs by 2025 https://gridinsoft.com/blogs/heads-of-cybersecurity-departments/ https://gridinsoft.com/blogs/heads-of-cybersecurity-departments/#respond Tue, 28 Feb 2023 17:04:13 +0000 https://gridinsoft.com/blogs/?p=13540 According to a new report from Gartner, by 2025, nearly 50% of cybersecurity leaders will change jobs, and 25% will move to other roles solely because of multiple job-related stressors. Let me remind you that we also wrote that Malware developers are increasing the use of the unusual programming languages, and also that Microsoft estimated… Continue reading Nearly 50% of Cybersecurity Leaders Will Change Jobs by 2025

The post Nearly 50% of Cybersecurity Leaders Will Change Jobs by 2025 appeared first on Gridinsoft Blog.

]]>

According to a new report from Gartner, by 2025, nearly 50% of cybersecurity leaders will change jobs, and 25% will move to other roles solely because of multiple job-related stressors.

Let me remind you that we also wrote that Malware developers are increasing the use of the unusual programming languages, and also that Microsoft estimated that ransomware attacks take less than 45 minutes.

Also the media noted that The number of ransomware DDoS attacks has dropped significantly.

Deepti Gopal
Deepti Gopal
Cybersecurity professionals face an unacceptable level of stress. CIOs are constantly on the defensive, with the only possible outcome being that their company gets hacked or it doesn’t. The psychological impact of this directly affects the quality of decisions and the effectiveness of cybersecurity leaders and their teams.chief analyst at Gartner Deepti Gopal said.

Given these dynamics, as well as the huge market opportunities for security professionals, employee turnover is a major threat to security teams.

Gartner research shows that compliance-focused cybersecurity programs, low management support, and poor industry maturity are all signs of an organization that does not consider security risk management critical to business success. Such companies are likely to have higher turnover rates as talents move into positions where their impact is felt and appreciated.

Eliminating work stress is nearly impossible, according to Gartner experts, but employees can handle incredibly complex and stressful work in teams where they are supported.

Gartner predicts that by 2025, the lack of highly qualified specialists or human error will be the cause of more than 50% of disruptive cyber incidents. The number of cyberattacks and social engineering attacks is on the rise as attackers increasingly see humans as the most vulnerable point of exploitation.

A Gartner survey conducted in May and June 2022 of 1,310 employees found that 69% of employees violated their organization’s guidelines for cybersecurity over the past 12 months. In a survey, 74% of employees said they would be willing to bypass cybersecurity guidance if it helped them or their team achieve a business goal.

Gartner vice president of analytics Paul Furtado argues that contention, which slows down employees and leads to unsafe team behavior, is an important factor in an insider attack.

To counter this growing threat, Gartner predicts that by 2025, 50% of midsize and large businesses will implement insider attack risk management programs (compared to 10% currently).

A targeted insider attack risk management program should proactively identify behavior that could lead to potential theft of corporate assets or other malicious activities and provide corrective recommendations.

Furtado noted that cybersecurity directors should consider the risk of insider attacks when developing a cybersecurity program. Traditional cybersecurity tools have limited visibility into threats coming from within.

Reference:

Gartner is an American research and consulting company specializing in information technology markets. Considered a key researcher of IT markets.

The post Nearly 50% of Cybersecurity Leaders Will Change Jobs by 2025 appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/heads-of-cybersecurity-departments/feed/ 0 13540
Change in the IP Address of the Router Caused a Massive Outage of Microsoft Services https://gridinsoft.com/blogs/mass-outage-of-microsoft-services/ https://gridinsoft.com/blogs/mass-outage-of-microsoft-services/#respond Tue, 31 Jan 2023 09:10:54 +0000 https://gridinsoft.com/blogs/?p=13322 Last week, Microsoft 365 services around the world suffered a major outage that lasted about five hours. As the company said now, the problem was caused by a mistake when changing the IP address of the router, which led to problems with forwarding packets between other WAN routers and cascading. Let me remind you that… Continue reading Change in the IP Address of the Router Caused a Massive Outage of Microsoft Services

The post Change in the IP Address of the Router Caused a Massive Outage of Microsoft Services appeared first on Gridinsoft Blog.

]]>

Last week, Microsoft 365 services around the world suffered a major outage that lasted about five hours. As the company said now, the problem was caused by a mistake when changing the IP address of the router, which led to problems with forwarding packets between other WAN routers and cascading.

Let me remind you that we also wrote that Facebook explained the reasons for the global failure, and also that Janet Jackson Song Killed Hard Drives on Old Laptops.

You might also be interested in: First Patches of 2023: Microsoft Fixes 98 Vulnerabilities, Including 0-Day under Attacks.

Initially, immediately after the problems occurred, Microsoft reported that the failure was caused by problems with the DNS and WAN configuration, which provoked a WAN update. This led to erratic crashes that peaked about every 30 minutes, as evidenced by the Microsoft Azure status page (which was also affected by the problems, since the page periodically showed the “504 Gateway Time-out” error).

Mass outage of Microsoft services

The affected services include Microsoft Teams, Exchange Online, Outlook, SharePoint Online, OneDrive for Business, PowerBi, Microsoft 365 Admin Center, Microsoft Graph, Microsoft Intune, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identity.

As the company now said, the problem arose after changing the IP address of the WAN router using a command that “was not thoroughly tested and showed different behavior on different network devices.”

As part of a scheduled IP update on the WAN router, a command given to the router caused it to send messages to all other WAN routers, causing them all to recalculate their adjacency and forwarding tables. During this process, the routers could not correctly forward the packets passing through them.the report says.

Although the network eventually began to recover on its own, the automated systems responsible for keeping the WAN up and running were suspended due to the impact on the network. The shutdown affected systems for identifying and eliminating inoperable devices, as well as traffic management and optimization systems.

As a result of this pause, some network paths continued to lose packets until the systems were manually restarted and the WAN returned to optimal operating conditions, completing the recovery process.

Microsoft specialists assure that they will now block the execution of commands that can lead to such a “resonance”, and will also require that all commands executed strictly comply with the recommendations for safe configuration changes.

The post Change in the IP Address of the Router Caused a Massive Outage of Microsoft Services appeared first on Gridinsoft Blog.

]]>
https://gridinsoft.com/blogs/mass-outage-of-microsoft-services/feed/ 0 13322