A whistleblower's disclosure details how DOGE may have taken sensitive labor data
The DOGE team demanded and obtained high-privilege accounts, turned off logging, disabled two-factor authentication, and exfiltrated a large amount of data using DNS tunneling and other methods. When the NLRB security tech complained, a threatening note was taped to his door, including threatening language, sensitive personal information and overhead pictures of him walking his dog, apparently from a drone.
Within minutes after DOGE accessed the NLRB's systems, someone with an IP address in Russia started trying to log in, using one of the newly created DOGE accounts — and the person had the correct username and password,
The NLRB's acting press secretary, denied that the agency granted DOGE access to its systems and said DOGE had not requested access to the agency's systems. Bearese said the agency conducted an investigation after Berulis raised his concerns but "determined that no breach of agency systems occurred."
Europe's cloud customers eyeing exit from US hyperscalers
"There are three factors. The first is really the unreliability, because we see what Trump is doing and the danger is that things will be just switched off from one day to another for negotiation purposes. Then we see the whole question around pricing with the tariffs. And then the other thing is really the espionage factor. This is relatively new and surprising to me ... but now you see what Musk is doing, that you can access really confidential databases ... I think this is a realistic fear nowadays."
Alex Stamos’ Post Supporting Chris Krebs
Patrick Gray from the Risky Business podcast has cancelled his trip to RSA
"It's not worth the risk to travel to the USA under this administration"
A weird phrase is plaguing scientific papers – and we traced it back to a glitch in AI training data
Earlier this year, scientists discovered a peculiar term appearing in published papers: “vegetative electron microscopy.”
It came from parsing errors in digitized papers from the 1950s, combining words from two columns together.
This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops
Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”
To Make Language Models Work Better, Researchers Sidestep Language
By performing reasoning in "latent space," the stage of computation that merely works in weights and signal strengths without resolving the answer to words (tokens), reasoning models can run far more efficiently.
LAPD Publishes Crime Footage It Got From a Waymo Driverless Car
Police are starting to realize they can demand footage from driverless cars.
CCSF is #3 out of 116 colleges on the eCTF Contest
OpenAI is building a social network
A social app would give OpenAI its own unique, real-time data that X and Meta already have to help train their AI models.
New Okta Platform features help control surge of non-human identities (NHI)
Most of the user identities in the modern workplace aren't human, and the number of NHIs is rapidly growing.
Their passwords tend to not be regularly rotated, they often have more privileges than they need, they may not be adequately monitored, and they may not use multi-factor authentication (MFA). Even worse, a NHI can cause a very big mess if it's compromised, as it can give attackers a hidden, powerful way into a network.
Okta limits NHI's duration of privileges and access to secrets, rotates secrets, and audits access logs.
Monk Trapped in Fake Police Call, Loses Rs 2.5 Crore During 26-Day Virtual Arrest