Microsoft Giving Recall Another Chance
Last year, we reported that Microsoft would be implementing an AI-powered tool in Windows 11 called Recall, which screenshots the entire screen every three seconds. You can then view the history of everything you do on your PC and even search for something specific. After massive backlash, Microsoft ended up putting a pause on Recall. However, the company has decided it's been long enough since its first attempt, and it will now be including Recall in an upcoming Windows 11 release.
This time around, Recall will be opt-in, so it won't be enabled by default, and you will also be able to pause the feature at any time. There will also be a variety of features to improve user privacy. For example, you can filter specific websites and apps from being snapshotted by Recall. There is also a setting to prevent sensitive information from being stored, which means you can prevent things like passwords or medical records from being captured by the AI tool. Additionally, all of Recall's snapshots are always stored locally, so they cannot be accessed by the cloud. Of course, all of this depends on how much you trust Microsoft to be completely honest about what Recall is and isn't capturing.
The Bottom Line: Despite the improvements made to make Recall more secure, if you have a Windows 11 Copilot+ PC, we definitely still do not recommend enabling Recall when it becomes available. In our opinion, there is still too much risk involved with letting an AI constantly capture your entire screen.
Cybersecurity "Expert" in Dozens of Criminal Trials May Not Have Been an Expert at All
Dozens of criminal cases may have to be reopened after the man used as an expert witness in the trials has fallen under suspicion of lying about his credentials. Read more at KrebsOnSecurity.
The Bottom Line: It may seem incredible that a supposed expert could appear in so many trials without raising any alarms, but it underlines just how fundamental a basic level of trust is for the everyday function of even critical systems like courts, and how easy it can be to coast on work supposedly done by others without reviewing it. You simply cannot function without choosing who to trust, but reviewing who you are trusting and where they get their expertise is always a worthwhile exercise.
Car Rental Company Suffers Data Breach
Cleo, a software vendor used by car rental company Hertz, was subjected to a cyberattack in late 2024. As a result, Hertz customers' personal data has been stolen, including names, dates of birth, driver's licenses, payment information, and more. According to Tech Crunch, customers in Australia, New Zealand, the EU, the UK, Canada, and some US states have been affected by this breach, though the company has not given a specific number.
The Bottom Line: If you have used Hertz in the past, be on the lookout for a notice from the company regarding the breach. You should also freeze your credit to prevent anyone from using your stolen data.
Wipe Your Data from the Web
As cyber threats and scams evolve, so must our tools to fight them. That's why Incogni is offering a brand new service: custom data removals. Any time you find yourself in a place online where you shouldn't be, you can submit that site to Incogni and they will get you off that site*. Get Incogni Unlimited and reclaim your privacy from anywhere that exposes you.
*Exceptions include social media, government records, blogs, and forums.
Ever Wondered Where All Those Spam Comments Come from on Every Website's Comments Section? It's OpenAI
SentinelOne, a cybersecurity firm, recently released a report detailing how an OpenAI-powered bot called AkiraBot was used to steal people's money. AkiraBot targeted small businesses and essentially would spam the comments section of their websites with promises to optimize the site so that it would appear at the top of search engine results. 404media has the full story.
The Bottom Line: Anti-spam systems can block spam comments, but they're expensive to maintain because it will always be easier to generate novel forms of spam than to detect them. Remember: it's never safe to accept offers of services that are sent to you unsolicited in the comments section of a website. Always double-check and vet any software before you pay for it, and before you install it.
US Bank Regulator Hack Would Have Been Prevented by Multi-Factor Authentication
Hackers were able to exploit an email account of the US Office of the Comptroller of the Currency and access 150,000 emails belonging to over 100 bank regulators. The attackers were able to guess the email account's password, and it appears the account was not protected by multi-factor authentication. That means the account did not ask the hackers to verify their identity and simply allowed them to log in to the account. The OCC says it is launching an investigation to find out how this happened and prevent it from happening again.
The Bottom Line: Always enable multi-factor authentication for your accounts when it is offered. Especially if you are securing important admin accounts.
Related: How to Set Up Two-Factor Authentication with Gmail
The FBI Posed as a Dark Web Money Launderer Named "Elon Musk" for Nearly a Year
A dark web user, calling himself "ElonmuskWHM," spent years working as a money launderer for other dark web users. The FBI was able to identify and arrest ElonmuskWHM, but then spent nearly a year operating the account in order to track down the account's dark web clients. Check out the full story on 404media.
The Bottom Line: No practical advice here, just some great journalism. Go read the story!
NSA Director & US Cyber Commander Fired
The director of the National Security Agency (NSA), General Timothy Haugh, has been fired, along with his deputy at the NSA, Wendy Noble. No reason was given by the administration. The NSA is the US agency for wiretapping and digital intelligence gathering: digital spying. US Cyber Command is a branch of the Department of Defense. Head over to The Washington Post for more information.
Former CISA Director Under Investigation
Chris Krebs, who was the head of the Cybersecurity and Infrastructure Security Agency (CISA) during the first Trump administration and responsible for securing the 2020 elections, is now under investigation by order of President Trump. Mr. Krebs was fired by Trump in 2020, after stating that the election was secure. He now works at SentinelOne.
The Bottom Line: The findings of over sixty court cases have agreed with Mr. Krebs' assessment that the election was secure. No credible evidence has emerged of election tampering in 2020, or since.
Tackle Your Credit Card Debt by Paying 0% Interest until Nearly 2027
If you have outstanding credit card debt, getting a new 0% intro APR credit card could help ease the pressure while you pay down your balances. Our credit card experts identified top credit cards that are perfect for anyone looking to pay down debt and not add to it! Click through to see what all the hype is about.
Comentarios
Publicar un comentario