Security researchers have been showcasing a raft of new cyber security tools at conferences in Las Vegas this week, including ways to take over a target’s smart home devices using a “poisoned” Google Calendar invite, tricking ChatGPT into leaking a user’s private information, cracking an end-to-end encryption algorithm used by police and military for radio communications, exploiting misconfigured APIs in streaming platforms, and targeting internet-connected smoke and vape detectors for secret spying.
Meanwhile, a leaked trove of data has exposed the inner workings of teams of suspected North Korean IT scam workers, and a pair of security researchers have discovered a backdoor in an electronic lock used in at least eight brands of safes.
Separately, sources have told Politico that a previously undiscovered cyberattack has breached the US federal judiciary’s electronic case filing system, potentially exposing the identities of confidential informants and compromising sealed court records; Instagram’s latest feature, a searchable map showing user-posted content tagged to specific locations, has sparked a wave of privacy concerns over potential stalking, harassment and data misuse; hackers stole data from Google’s customer support system in a breach linked to a compromised Salesforce account;
