Reading view
Moondrop Isle
Click on the dock by the shore to start. It's pretty new so you will find some some unpolished or even buggy things if you spend much time with it, but it's fun to explore. Your progress in the game will be saved in your browser but you can also type
>saveto download an interesting form of save file. If you've never played this type of game before, A Beginner's Guide to Interactive Fiction has some tips for you.
Apple Intelligence and Privacy @ WWDC '24
The system will debut in the pending iOS 18, iPadOS 18, and macOS Sequoia releases and is composed of three separate layers: 1) On device, the primary mode which draws upon all personal information across apps, contacts, conversations, etc. to create a highly-detailed, user-specific context Apple refers to as a "semantic index." In addition to the ability to parse information currently displayed on screen when requested, there is a new developer API so that third-party applications can specify what kind of information Siri can draw from them, and request appropriate generated text and images. The specific information gathered and any derived data or personalized fine-tuning remains on your device, with the limited exception of difficult queries which are handed off to... 2) Private Cloud Compute, a semi-anonymous cloud-based neural network inference service hosted by Apple with exposure of personal data limited specifically to the query at hand, using a cryptographically-signed software stack and operating with a no-data-retention policy. The segment on Private Cloud Compute featured an unusually candid critique of the data harvesting common to machine learning systems by competing tech giants, without specifically naming... 3) OpenAI's ChatGPT, which will be available later this year and only with explicit user opt-in (on each individual query) for queries the new Siri detects as likely to benefit from scale beyond both on-device hardware and Private Cloud Compute. Data sent to OpenAI is heavily anonymized and multi-modal (meaning combined text and images) for asking questions about an image. Apple mentioned that other models may later become available, but did not specify whether this meant Google's Gemini, Facebook's Llama-3, or potentially even self-hosted endpoints based on open source models like Mistral 8x7b.
OpenText Boosts MDR Offering for MSPs With Pillr Acquisition β Source: www.databreachtoday.com
Source: www.databreachtoday.com β Author: 1 Governance & Risk Management , Managed Detection & Response (MDR) , Managed Security Service Provider (MSSP) Purchase Fills Gap in OpenTextβs Cyber Offering for Small and Mid-Sized Businesses Michael Novinson (MichaelNovinson) β’ May 22, 2024 Β Β OpenText will fill the managed detection and response gap in its cyber platform [β¦]
La entrada OpenText Boosts MDR Offering for MSPs With Pillr Acquisition β Source: www.databreachtoday.com se publicΓ³ primero en CISO2CISO.COM & CYBER SECURITY GROUP.
19 million plaintext passwords exposed by incorrectly configured Firebase instances
Three researchers scanned the internet for vulnerable Firebase instances, looking for personally identifiable information (PII).
Firebase is a platform for hosting databases, cloud computing, and app development. Itβs owned by Google and was set up to help developers build and ship apps.
What the researchers discovered was scary. They found 916 websites from organizations that set their Firebase instances up incorrectly, some with no security rules enabled at all.
One of the researchers told BleepingComputer that most of the sites also had write enabled (meaning anyone can change it) which is bad, and one of them was a bank.
During a sweep of the internet that took two weeks, the researchers scanned over five million domains connected to Googleβs Firebase platform.
The total amount of exposed data is huge:
- Names: 84,221,169
- Emails: 106,266,766
- Phone Numbers: 33,559,863
- Passwords: 20,185,831
- Billing Info (Bank details, invoices, etc): 27,487,924
And as if that isnβt bad enough, 19,867,627 of those passwords were stored in plaintext. Which is a shame given that Firebase has a built-in end-to-end identity solution called Firebase Authentication that is specifically designed for secure sign-in processes and does not expose user passwords in the records.
So, an administrator of a Firebase database would have to go out of their way and create an extra database field in order to store the passwords in plaintext.
The researchers have warned all the affected companies, sending 842 emails in total. Only 1% of the site owners replied, but about a quarter of them did fix the misconfiguration.
In this case we can consider it a blessing that these researchers managed to get a lot of those instances correctly configured. On the other hand itβs frightening that the rest lives on in a state of insecurity.
Check your digital footprint
If you want to find out how much of your data has been exposed online, you can try our free Digital Footprint scan. Fill in the email address youβre curious about (itβs best to submit the one you most frequently use) and weβll send you a free report.
We donβt just report on threats β we help safeguard your entire digital identity
Cybersecurity risks should never spread beyond a headline. Protect yourβand your familyβsβpersonal information by using identity protection.