VirusTotal doesn’t indicate keepassxc.exe 2.7.7 contacts this address. I’d be careful. Check the binaries’ signatures. Try a full install to see if that behaves differently.
Well, apparently, this is an A record for api.github.com. This name resolves to a different IP around the globe. See www.whatsmydns.net/#A/api.github.com
The IP is detected as “clean” on VirusTotal: www.virustotal.com/gui/ip-address/…/detection , although apparently (probably not surprising as it is github) is also a favorite address for everything including malware.
Maybe you can ask in the keepassxc discussion forum on github.
… officials had opened a fraud investigation against the man, confirming 130 vaccinations over nine month… The man then reported an additional 87 vaccinations to the researchers, which in total included eight different vaccine formulations, including updated boosters.
I am somewhat reluctant to say it, but if you get into a top-branded school, it will absolutely help you as it will open doors that otherwise would be closed. People will look at you differently, expect from your differently, and you’ll expect from yourself differently.
OTH, look at Bill Gate, Steve Job, Michael Dell, etc.; extraordinary people will be extraordinary given the right circumstances, ideas, and perseverance.
Spoofing a number means they can call somebody and appears as calling from your number. In order to receive SMS or call made to your number, they would have to hijack your SIM, typically convincing your telecom provider to transfer your phone info over to theirs.
In the US, someone knowing your full name and phone number is commonplace. There is no wide-spead havoc because of this. Someone who wants to harm you would really have to be motivated to get more information from the info you gave them. This is obviously possible because of wide-spread data leaks, but does your emissary have the perseverance and the knowledge to do this?
Have I been pawned is really nice, but only includes confirmed data leaks. If you use other services like Google or Malwarebyte, they will tell you more leaks. I was involved with the MoveIt data leak from a financial institution recently, which basically leaked all the information that possibly can be partly/wholely used for identity theft. This didn’t show up in HIBP. Fidelity Financial Life Insurance just leaked enough info via Infosys for another 30,000 customers with enough data for identity thefts recently.
In the US, it seems if somebody is able financially to aggregate all these sensitive data leaks, they probably can cause havocs to many people. These info often come from financial institutions, which you can’t totally withhold or lie about your personal information.
A trial program conducted by Pornhub in collaboration with UK-based child protection organizations aimed to deter users from searching for child abuse material (CSAM) on its website. Whenever CSAM-related terms were searched, a warning message and a chatbot appeared, directing users to support services. The trial reported a...
The Green Alley Award is celebrating its 10th anniversary. It’s a European award that recognizes and supports startups focused on the circular economy, aiming to reduce waste and resource consumption....
A security breach exposed two-factor authentication (2FA) codes/password reset links for millions of users on platforms like Facebook, Google, and TikTok....
Haha, brand new company with MD5 password hashes. Maybe they oughta consult about securities with their/other AIs more often. Hopefully, nobody did anything naughty on the site....
Scammers hacked the late actor Matthew Perry’s Twitter account and posted a fake plea for cryptocurrency donations in the name of his foundation. The foundation confirmed the post was a scam and urged people not to donate....
I agree with you. The article give a good warning about downloading applications in general, but hand-wave how they escalated from “file/photo” access to capturing your data. The recent Anatsa malware’s details seem to imply accessibility service. This is a Thread Fabric article about Anatsa malware: threatfabric.com/…/anatsa-trojan-returns-targetin…
Yeah, the app data are separated and inaccessible, unless specified by the developer. Accessibility service is a separate permission, and should almost never be asked or granted, where as file/photo accesses are more common.
No, it appears to be an external headset, although it was noted that people wearing it looked like they had head injuries, but they are working on improving it so that it is less visible.
The wearable system captures peripheral neural signals when internal speech articulators are volitionally and neurologically activated, during a user’s internal articulation of words.
It doesn’t capture the central signal, but peripheral, most likely from the nerves running around your face and your neck used to produce speech.
It looks like you can switch the assistant to the old one, and then turn that one off.
But just like Microsoft, Google is going to use this technology everywhere. If in the future (or now, if it is already available to you), you use features to describe images, summarize data, create texts, you probably will be using some form of Gemini.
The article claims that the default assistant for a new phone is Gemini, but it seems people who responded here haven’t seen it. I already have the option to switch to Gemini, which I haven’t.
The Electronic Frontier Foundation (EFF) is urging people to take action against the renewal of Section 702, a law that allows the NSA to conduct mass surveillance on US citizens....
The CVE-2023-52160, which applies to Android/linux/ChromeOS devices connecting to WPA2/WPA3 Enterprise, allows an attacker to fool the user to connect to a malicious SSID and intercept the traffic. So unencrypted traffic can be compromised. So, their listing of sensitive data, BEC, and password theft sound scary but probably affects very few services that don’t encrypt the data.
Scientists at Princeton University have developed an AI model that can predict and prevent plasma instabilities, a major hurdle in achieving practical fusion energy....
AI is most likely here to stay, so if you have it do “good” things effectively, then’s it’s a good boi. If it is ineffective or you have it do “bad” things, then it’s a bad boy.
Writing Down and Throwing Away Your Anger May Help Reduce It, According to New Study ( www.404media.co )
https://www.404media.co/content/images/2024/04/Screenshot-2024-04-10-at-12.14.01-PM.png...
IMF Discloses Microsoft 365 Email Account Hacking Incident ( www.bleepingcomputer.com )
Summary:...
Unexpectedly, after updating KeePassXC started knocking on the Internet. Is this behavior normal?
windows10 keepassxc.exe, 11.03.2024 18:40:26, 52509, 140.82.121.5, lb-140-82-121-5-fra.github.com, 443 (https), tcp, Outbound, [B] Internal\BlockConnection
Self-Destructing Chips: Researchers Unveil Techniques to Thwart Sophisticated Cyberattacks ( www.techradar.com )
Researchers presented new techniques to fight sophisticated hacking at a tech conference. Here are the highlights:...
A 62-Year-Old German Man Got 217 Covid Shots—and Was Totally Fine ( www.wired.com )
Summary:...
Hacked WordPress sites use visitors' browsers to hack other sites ( www.bleepingcomputer.com )
Summary...
What were the consequences of you going to college? Do you think it helped you in life or did it only hold you back?
If someone nefarious has your full legal name and your phone number, can they wreak any havoc in our life with that info?
Challenges in Deciphering the Secrets of Large Language Models ( archive.is )
https://archive.is/6X8MM/ba28860cc9b52befad2256b26b6a14fa283aa469.webp...
UK Trial: Pornhub's Chatbot Halts Millions from Accessing Child Abuse Content ( www.wired.com )
A trial program conducted by Pornhub in collaboration with UK-based child protection organizations aimed to deter users from searching for child abuse material (CSAM) on its website. Whenever CSAM-related terms were searched, a warning message and a chatbot appeared, directing users to support services. The trial reported a...
Green Alley Award Celebrates Decade of Circular Economy Innovation: Recognizing Startups Turning Waste into Resources ( www.positive.news )
The Green Alley Award is celebrating its 10th anniversary. It’s a European award that recognizes and supports startups focused on the circular economy, aiming to reduce waste and resource consumption....
Phone Push Notifications: A Double-Edged Sword for User Privacy and Law Enforcement ( www.theregister.com )
Summary:...
Tech Company Leaks 2FA Codes/Password Reset Links for Major Platforms ( techcrunch.com )
A security breach exposed two-factor authentication (2FA) codes/password reset links for millions of users on platforms like Facebook, Google, and TikTok....
Cutout.Pro, an AI-powered visual design platform, leaked 20M records, including email and IP addresses, names and salted MD5 password hashes, which have then been broadly distributed. ( haveibeenpwned.com )
Haha, brand new company with MD5 password hashes. Maybe they oughta consult about securities with their/other AIs more often. Hopefully, nobody did anything naughty on the site....
Late Actor Matthew Perry's Twitter Hacked: Fake Charity Plea Targets Fans with Cryptocurrency Scam ( www.bitdefender.com )
Scammers hacked the late actor Matthew Perry’s Twitter account and posted a fake plea for cryptocurrency donations in the name of his foundation. The foundation confirmed the post was a scam and urged people not to donate....
[Malwarebytes Blog] Android banking trojans: How they steal passwords and drain bank accounts ( www.malwarebytes.com )
This article warns users about Android banking trojans, a type of malware that steals online banking credentials and drains accounts....
WordPress and Tumblr Plan to Sell User Content to AI Companies ( gizmodo.com )
AI Determines Sex of Person From Brain Scans - Neuroscience News ( neurosciencenews.com )
This article describes a new study using AI to identify sex differences in the brain with over 90% accuracy....
Guardio Uncovers Large-Scale "SubdoMailing" Campaign Abusing Well-known Brands (MSN, VMware, McAfee, etc.) ( labs.guard.io )
Researchers at Guardio Labs discovered a vast campaign hijacking thousands of subdomains belonging to well-known brands (MSN, VMware, McAfee, The Economist, Cornell University, CBS, Marvel, eBay, etc.)....
MIT Researcher Creates Mind-Controlled Internet Search Headset ( www.unilad.com )
Key Points...
Google has replaced the Google Assistant app on Android with Gemini by default ( www.androidauthority.com )
This means:...
[US] [EFF] NSA Spying Shirts Are Back Just In Time to Tell Congress to Reform Section 702 ( www.eff.org )
The Electronic Frontier Foundation (EFF) is urging people to take action against the renewal of Section 702, a law that allows the NSA to conduct mass surveillance on US citizens....
Two Wi-Fi flaws expose Android, Linux devices to attacks ( thehackernews.com )
Vulnerabilities:...
Phishing credential campaigns via Email Service Providers (ESPs): a dangerous tactic ( www.kaspersky.com )
Target: Businesses using Email Service Providers (ESPs) like SendGrid to send email campaigns, and the receivers of the emails...
AI Breakthrough Predicts and Prevents Plasma Disruptions in Fusion Reactors, Scientists Claims ( www.vice.com )
Scientists at Princeton University have developed an AI model that can predict and prevent plasma instabilities, a major hurdle in achieving practical fusion energy....
Does anybody else, since discovering the fediverse, just have a whole bookmarks folder of instances and fedi sites?
Please tell me I can’t be the only one…
1Password Acquires Kolide to Strengthen Endpoint Security ( techcrunch.com )
Key Points:...
Threat Actors Exploring Large Language Models for Cyberattacks, Microsoft and OpenAI Report ( www.microsoft.com )
Summary...
Rakuten launches cloud storage with unlimited file transfers, targets businesses and individuals, with free 10GB storage ( www.techradar.com )
Highlights:...
FTC actively fights corporate abuses: Hip Hip Hooray For Hipster Antitrust ( www.eff.org )
Key points:...
Don't tell your AI anything personal, Google warns in new Gemini privacy notice ( www.zdnet.com )
Google Warns of Privacy Risks with New AI Assistant "Gemini"...