Kali Linux

In a surprising move, Japan’s government recently reaffirmed that it will not enforce copyrights on data used in AI training. The policy allows AI to use any data “regardless of whether it is for non-profit or commercial purposes, whether it is an act other than reproduction, or whether it is content obtained from illegal sites or otherwise.” @Kalilinux https://technomancers.ai/japan-goes-all-in-copyright-doesnt-apply-to-ai-training/

https://www.youtube.com/watch?v=LNPqjcP7b7k @Kalilinux

May 25 (Reuters) - Elon Musk's brain-implant company Neuralink on Thursday said the U.S. Food and Drug Administration (FDA) had given the green light to its first-in-human clinical trial, a critical milestone after earlier struggles to gain approval. @Kalilinux https://www.reuters.com/science/elon-musks-neuralink-gets-us-fda-approval-human-clinical-study-brain-implants-2023-05-25

Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises. US government agencies, including the National Security Agency, the Cybersecurity and Infrastructure Security Agency (CISA), and the Justice Department published a joint advisory about Volt Typhoon's activity today alongside Canadian, UK, and Australian intelligence. “Private sector partners have identified that this activity affects networks across US critical infrastructure sectors, and the authoring agencies believe the actor could apply the same techniques against these and other sectors worldwide,” the agencies wrote. @Kalilinux https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/

Researchers have developed a point-based image manipulation system that uses generative artificial intelligence (AI) technology to allow users to precisely control the pose, shape, expression, and layout of objects. It’s like Photoshop’s Warp tool, but far more powerful. You’re not just smushing pixels around, but using AI to re-generate the underlying object. You can even rotate images as if they were 3D. @Kalilinux https://www.theverge.com/2023/5/19/23729633/ai-research-draggan-manipulate-images-click-and-drag

Framework announced its new high-performance 16” Laptop with modular upgradable graphics. @kalilinux https://frame.work/blog/introducing-the-framework-laptop-16-and-both-intel-and-amd-powered-framework-laptop-13

https://www.bbc.com/news/science-environment-65557469 @kalilinux

Google took a step toward to a “passwordless future.” The search engine company announced on Tuesday -- the day before World Password Day -- that it's begun rolling out a new security tool that allows you to sign in to your Google accounts using a passkey instead -- no password required. Apple and Microsoft have also said they will embrace passwordless logins. Passkeys are a type of login credential that removes the need for passwords. The authentication requires either biometric authentication -- such as a fingerprint or facial recognition -- or a PIN or swipe pattern for access. https://blog.google/technology/safety-security/the-beginning-of-the-end-of-the-password/ @kalilinux https://www.cnet.com/tech/services-and-software/no-more-passwords-how-to-sign-in-to-your-google-account-using-a-passkey/

Congress is debating, for a third time, the EARN IT Act (S. 1207)—a bill that would threaten encryption, and instead seek to impose universal scanning of our messages, photos, and files. US citizens need to take action now! @kalilinux https://act.eff.org/action/the-earn-it-act-is-back-seeking-to-scan-us-all

Proton, the Geneva, Switzerland-based company behind the end-to-end encrypted email service Proton Mail, as well as Proton VPN, Proton Drive and Proton Calendar, is announcing a brand new product today. And it’s a password manager called Proton Pass. Like other Proton products, the company is insisting on the privacy and security features of this new password manager. Everything you store in Proton Pass is end-to-end encrypted, including passwords (obviously), email addresses, URLs and notes. @kalilinux https://techcrunch.com/2023/04/20/proton-announces-proton-pass-a-password-manager/?guccounter=1

Washingtonpost reported that the spy balloon which overflew the continental U.S. in February had sophisticated reconnaissance capabilities, possibly including "synthetic aperture radar," which can see at night and penetrate clouds, topsoil, and thin materials. Synthetic aperture radar, or SAR, sends pulses of microwaves at the Earth to create images. Unlike traditional optical sensors, this allows SAR to return images at night and to penetrate clouds, smoke, topsoil, ice and snow. SAR has also been shown to penetrate thin materials, including tarps, revealing objects beneath. The amount of power the Chinese balloon could generate was “humongous,” said Paul Byrne, an associate professor at Washington University in St. Louis and a specialist in remote sensing. It was about 100 times that generated by balloons such as Google’s Loon, which provides internet service, and nearly twice that generated by some orbital SAR satellites. @kalilinux

Eric Hughes published the magnificent Cypherpunk's Manifesto 30 years ago. https://nakamotoinstitute.org/static/docs/cypherpunk-manifesto.txt @kalilinux

The encrypted-messaging app Signal has said it would stop providing services in the UK if a new law undermined encryption. If forced to weaken the privacy of its messaging system under the Online Safety Bill, the organisation "would absolutely, 100% walk" Signal president Meredith Whittaker told the BBC @kalilinux https://www.bbc.com/news/technology-64584001

❄️The team that runs the primary Tor Snowflake bridge is raising funds to pay for server operating expenses such as bandwidth, hardware, and maintenance.. You can help the project by donating to the project on Open Collective: https://opencollective.com/censorship-circumvention/projects/snowflake-daily-operations

Balloon shot down in US airspace, official says. @kalilinux ABC News

Chinese spy balloon over Montana, the United States. (Source: KSVI-TV) @kalilinux

Two security flaws have been disclosed in Samsung's Galaxy Store app for Android that could be exploited by a local attacker to stealthily install arbitrary apps or direct prospective victims to fraudulent landing pages on the web. It's worth noting here that the shortcoming only impacts Samsung devices that are running Android 12 and before, and does not affect those that are on the latest version (Android 13). https://thehackernews.com/2023/01/samsung-galaxy-store-app-found.html @kalilinux

https://www.youtube.com/watch?v=-e1_QhJ1EhQ @kalilinux

Just recently, Citizen Lab published an article, uncovering Iran’s Mobile Legal Intercept System. A confidential source sent the online news organization, The Intercept, a series of internal documents and communications providing details on what appear to be plans to develop and launch an Iranian mobile network, including subscriber management operations and services, and integration with a legal intercept solution. Some of this communication included representatives of the Communications Regulatory Authority of Iran (CRA). In October 2022, The Intercept shared this material with Citizen Lab researchers for analysis. The following report provides a summary of Citizen Lab's analysis of this material and discusses its wider implications. https://citizenlab.ca/2023/01/uncovering-irans-mobile-legal-intercept-system/ @kalilinux

Slack discloses security breach, access to code repositories! The company claims that "customers were not affected, no action is required, and the incident was quickly resolved." No downloaded repositories contained customer data, meaning perpetrators could not access user information or Slack's primary codebase. https://cybernews.com/security/slack-admits-security-breach/ @kalilinux