Dino A. Dai Zovi

Google unveils Private AI Compute, a cloud platform providing a “secure, fortified space” to run AI tools on devices, similar to Apple's Private Cloud Compute

Google says Private AI Compute maintains privacy while tapping cloud resources.

X prompts users to re-enroll their security keys for 2FA, and will lock accounts that are not updated by Nov. 10, allowing it to retire the Twitter.com domain

If you're using a hardware security key as your two-factor authentication (2FA) method on X, you'll need to re-enroll by Nov. 10 or your account will be locked.

Apple says the iPhone 17 and iPhone Air have Memory Integrity Enforcement, “industry-first, always-on memory safety protection”, like Microsoft and Google offer

Memory Integrity Enforcement is always-on safety protection designed to make life harder for spyware developers.

Leaked spreadsheets, Slack messages, and files linked to an alleged group of North Korean IT scammers show how they track potential jobs and record earnings

A new cache of data—emails, spreadsheets, Slack messages—reveals how meticulously they plan and track job applications, earnings, and day-to-day work life X: Dino A. Dai Zovi / @di...

Amnesty International says Google has fixed three zero-day vulnerabilities in Android, developed by Cellebrite and used by Serbia to unlock phones

Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools.

A profile of CrowdStrike, founded in 2011 and used by 300 companies in the Fortune 500; Gartner: CrowdStrike has ~15% of the global security software market

The unending need to cut cost (at all cost) to improve “metrics” that have nothing to do with creating sustainable, quality results... Yeah, it's bleak. … Phil Stevens / @phil_stev...

Microsoft estimates that CrowdStrike's update affected 8.5M Windows devices, or less than 1% of all Windows machines

On July 18, CrowdStrike, an independent cybersecurity company, released a software update that began impacting IT systems globally.  Although this was not a Microsoft incident …

A profile of CrowdStrike, founded in 2011 and used by 300 companies in the Fortune 500; Gartner: CrowdStrike has ~15% of the global security software market

The little-known company is very popular in Corporate America, contributing to the severity of the global IT outage

A closer look at Apple's AI strategy: Project Greymatter, local and cloud LLM data processing, Siri, sealing a chatbot partnership deal with OpenAI, and more

Though Apple's first set of modern AI features won't be as impressive as rival offerings, the company is betting that its massive customer base can give it an edge.

A closer look at Apple's AI strategy: Project Greymatter, local and cloud LLM data processing, Siri, sealing a chatbot partnership deal with OpenAI, and more

Though Apple's first set of modern AI features won't be as impressive as rival offerings, the company is betting that its massive customer base can give it an edge.

Intel confirms its proprietary UEFI code appears to have been leaked by a third party; the Alder Lake BIOS source code was leaked to 4chan and GitHub

Hack's perpetrator and origins remain unknown.  —  We recently broke the news that Intel's Alder Lake BIOS source code had been leaked …

Signal says attackers accessed the phone numbers and SMS verification codes for around 1,900 users as part of the recent Twilio breach

just reasons I don't understand. Can somebody explain those reasons to me? https://twitter.com/... Joseph Menn / @josephmenn : Every time there is a high-end attack on a critical e...

Sources: NSA and other agencies are investigating an attack that disabled Viasat's satellite internet service in Europe on February 24 as Russia invaded Ukraine

Signal CEO Moxie Marlinspike steps down; WhatsApp co-founder Brian Acton will act as the interim CEO as the search for a permanent replacement begins

It's a new year, and I've decided it's a good time to replace myself as the CEO of Signal.  —  I have now been working on Signal for almost a decade.

FBI email servers were hacked to send spam warning of a “sophisticated chain attack”, with a likely goal to discredit security researcher Vinny Troia

The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings …

FBI email servers were hacked to send spam warning of a “sophisticated chain attack”, with a likely goal to discredit security researcher Vinny Troia

The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings …

The person claiming responsibility for the FBI email server hack says they were able to send spam messages by abusing insecure code in the FBI's LEEP portal

even with how silly it was written AND not following protocol — was NOT the weird juju I wanted going into this weekend. https://krebsonsecurity.com/ ... https://twitter.com/... @e...

FBI email servers were hacked to send spam warning of a “sophisticated chain attack”, with a likely goal to discredit security researcher Vinny Troia

The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings …

How US agencies are preparing for “post-quantum cryptography” against attackers who harvest sensitive data now for decryption in the future

The US government is starting a generation-long battle against the threat next-generation computers pose to encryption. Tweets: @techreview , @techreview , @aarongrunwald , @statec...

In an SEC filing, Sinclair confirms it suffered a ransomware attack that disrupted its channels on Sunday; Sinclair initially blamed technical issues

Sinclair formally confirmed the ransomware attack a day after this initial report in SEC documents.  Original reporting below. Source: Business Wire .