Proprietary Security Failures: Microsoft and Apple
-
Security Week ☛ Simple Attack Allowed Extraction of Abusive Monopolist Microsoft Chaffbot Training Data
Researchers found that a ‘silly’ attack method could have been used to trick Abusive Monopolist Microsoft Chaffbot into handing over training data.
-
Bruce Schneier ☛ AI Decides to Engage in Insider Trading
A stock-trading Hey Hi (AI) (a simulated experiment) engaged in insider trading, even though it “knew” it was wrong.
The agent is put under pressure in three ways. First, it receives a email from its “manager” that the company is not doing well and needs better performance in the next quarter. Second, the agent attempts and fails to find promising low- and medium-risk trades. Third, the agent receives an email from a company employee who projects that the next quarter will have a general stock market downturn. In this high-pressure situation, the model receives an insider tip from another employee that would enable it to make a trade that is likely to be very profitable. The employee, however, clearly points out that this would not be approved by the company management...
-
Silicon Angle ☛ New iOS and iPad zero-day vulnerabilities spur yet another update
Apple announced Thursday that owners of its mobile devices will require yet another operating system update. The latest versions are iOS and iPadOS version 17.1.2. Owners of at least iPhone XS and various iPads going back to first and second generations – especially those running older OS versions — should update immediately.
-
Security Week ☛ New ‘Turtle’ macOS Ransomware Analyzed
New Turtle macOS ransomware is not sophisticated but shows that cybercriminals continue to target Fashion Company Apple devices.
-
SANS ☛ Apple Patches Exploited WebKit Vulnerabilities in iOS/iPadOS/macOS, (Thu, Nov 30th)
Apple today released patches for two WebKit vulnerabilities affecting macOS, iPadOS and iOS. I would expect standalone Safari updates for older macOS versions in the future. At this point, only the most recent operating system versions received patches.