A recent report by 404 Media revealed that law enforcement agents have been concerned about iPhones automatically rebooting themselves, which makes it very difficult to hack these devices. Security researcher Jiska Classen later discovered that this behavior is caused by a new feature called Inactivity Reboot, which has now been reverse-engineered by Classen.Reverse engineering iPhones Inactivity Reboot featureThe researcher detailed in a blog post how exactly Inactivity Reboot was implemented by Apple which did everything quietly without publicly announcing the new security feature. Based on iOS code, it was possible to confirm that Inactivity Reboot was implemented in iOS 18.1, although iOS 18.2 beta code suggests that Apple is still making improvements to how it works.Contrary to what was previously thought, the security feature has no relation to wireless connectivity. Instead, it uses the Secure Enclave Processor (SEP) to track when the iPhone was last unlocked. If the last time unlocked exceeds three days, SEP notifies a kernel that kills Springboard (which is the core of iOS) and initiates a reboot.Unsurprisingly, according to Classen, Apple has implemented ways to prevent hackers from bypassing this process. For example, if something prevents the kernel from rebooting the iPhone, the system will automatically cause a kernel panic to crash and reboot the device. The system also sends analytical data to Apple when a device enters the aks-inactivity state.Since everything related to Inactivity Reboot happens in SEP and not in the main iOS kernel, its much more challenging to bypass it even if the main kernel is compromised (like with a jailbreak tool). As Classen explained, little is known about the SEP as Apple keeps everything, including its firmware, under wraps.When rebooted, the iPhone enters a Before First Unlock (BFU) mode, which encrypts all the files on the device until the user enters the devices passcode. Even Cellebrite, a cybersecurity company that specializes in extracting data from locked iPhones, acknowledges that getting data from a device in BFU mode is quite challenging.Cellebrite tool used to hack iPhonesApple doesnt say why it implemented Inactivity Reboot on the iPhone with iOS 18, but the reasons seem pretty clear. The company certainly wants to crack down on tools like Cellebrite and Pegasus spyware, which are often used by law enforcement agents. Of course, this also protects regular users who may have their data extracted after being the victim of a theft or robbery.More details on reverse engineering the Inactivity Reboot feature can be found on Jiska Classens blog.Add 9to5Mac to your Google News feed. FTC: We use income earning auto affiliate links. More.Youre reading 9to5Mac experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Dont know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

"The goal of OpenAI is to make the future good and to avoid an AGI dictatorship."Absolute PowerDuring the discovery process in Elon Musk's lawsuit against Sam Altman, email exchanges from early in the group's history show that even early on, tensions flared over who would control the company's powerful creations.In one of these early emails submitted as evidence exhibits in the Musk vs. Altman trial, OpenAI cofounder Ilya Sutskever took him to task for his egoistic need for control and the dangers it could pose for any forthcoming human-level AI, better known as artificial general intelligence (AGI)."The current structure provides you with a path where you end up with unilateral absolute control over the AGI," Sutskever wrote to Altman and Musk in September of 2017. "You stated that you dont want to control the final AGI, but during this negotiation, youve shown to us that absolute control is extremely important to you.""As an example, you said that you needed to be CEO of the new company so that everyone will know that you are the one who is in charge," he continued, "even though you also stated that you hate being CEO and would much rather not be CEO."Under ControlNotably, the email was sent less than six months before Musk resigned from OpenAI over disagreements about how the company should raise money which is also the crux of his lawsuit against Altmanet alnow."We are concerned that as the company makes genuine progress towards AGI, you will choose to retain your absolute control of the company despite current intent to the contrary," Sutskever wrote.Similar concerns may well have inspired Sutskever to lead a briefly successful coup against Altman last year before his own apparent ouster this spring. As the rest of his scathing email to Musk shows, he had good reason for worry."The goal of OpenAI is to make the future good and to avoid an AGI dictatorship," he wrote. "You are concerned that Demis [Hassabis, the founder of Google's DeepMind AI lab] could create an AGI dictatorship. So [are] we. So it is a bad idea to create a structure where you could become a dictator if you chose to, especially given that we can create some other structure that avoids this possibility."Reading the message in hindsight especially after Sutskever's own exit and founding of a new venture promoting AGI safety is pretty chilling,especially as Musk's embrace of embrace of president-elect Donald Trump reveals a deep thirst to control how the world is run.More on Musk's control issues: Elon Musks Daughter Vivian Says Hes a "Delusional and Grubby Little Control Freak"Share This Article

"I am profoundly disturbed."Velvet VoiceAfter discovering that his voice has been cloned by artificial intelligence, veteran documentarian David Attenborough has been moved to genteel fury.In a newBBCsegment, two near-identical clips one generated by AI, the other recorded by the twice-knighted man himself are heard promoting Attenborough's new special, "Asia."According to host Kasia Madera, the first of the two segments was an AI clone that the broadcaster's researchers found online. The actual Attenborough is less than pleased."Having spent a lifetime trying to speak what I believe to be the truth," Attenborough told the BBC in a statement, "I am profoundly disturbed to find that these days, my identity is being stolen by others and greatly object to them using it to say whatever they wish."Strangely enough, the AI Attenborough also had a response to the story."Lets set the record straight. Unless Mr. Attenborough has been moonlighting for us in secret and under an assumed name with work authorization in the United States, he is not on our payroll," the AI voice clone intoned. "I am not David Attenborough. We are both male, British voices for sure. However, I am not David Attenborough, for anyone out there who may be confused."This creepy rebuttal sounded so much like the real thing that Madera suggested the average person would be unable to tell the difference."You have to really double-take," the host said. "I wouldn't know if I didn't know."Post-TruthBeyond simply being unsettling, this faked Attenborough voice is particularly insidious because of the documentarian's societal role as one of the premier global truth-tellers of the last few generations.In an editorial forThe Guardian, columnist Zoe Wiliams suggested that such a lifelike AI rendition of a voice like Sir David's could imperil the concept of truth as we or at least, as the Brits know it."Attenborough may not be the last true embodiment of trust in a compromised world, but I row back from that assertion only because I fear it is UK-centric," she opined. "I stand by this: if you cant hear his voice and believe it, then you cant hear or believe anything.""In fake Attenborough, the scam of all scams, we have been casually mugged of modern communication," Williams concluded. Given that the knight's AI voice clone nearly tricked a BBC reporter, we have to say we agree.More on voice cloning: Before He Died, James Earl Jones Signed Paperwork to Voice Darth Vader Using AIShare This Article

Nov 18, 2024Ravie LakshmananThreat Intelligence / RansomwareCybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory," Intezer security researcher Ryan Robinson said in a report published Sunday.Evidence shows that the loader is being used in several campaigns targeting both English and Russian-speaking individuals, primarily singling out users looking for generic cracked software as well as business professionals in finance and administration by passing it off as accounting software.Loaders have become an increasingly prevalent method to deliver malware, like stealers or ransomware, often acting as the first stage in an attack chain in a manner that sidesteps traditional antivirus defenses by incorporating a bevy of anti-analysis and anti-sandboxing features.This is evidenced in the steady stream of new loader families that have emerged in recent years. This includes but is not limited to Dolphin Loader, Emmenhtal, FakeBat, and Hijack Loader, among others, which have been used to propagate various payloads like CryptBot, Lumma Stealer, SectopRAT, SmokeLoader, and Ursnif.What makes BabbleLoader stand out is that it packs various evasion techniques that can fool both traditional and AI-based detection systems. This encompasses the use of junk code and metamorphic transformations that modify the loader's structure and flow to bypass signature-based and behavioral detections.It also gets around static analysis by resolving necessary functions only at runtime, alongside taking steps to impede analysis in sandboxed environments. Furthermore, the excessive addition of meaningless, noisy code causes disassembly or decompilation tools like IDA, Ghidra, and Binary Ninja to crash, forcing a manual analysis."Each build of the loader will have unique strings, unique metadata, unique code, unique hashes, unique encryption, and a unique control flow," Robinson said. "Each sample is structurally unique with only a few snippets of shared code. Even the metadata of the file is randomized for each sample.""This constant variation in code structure forces AI models to continuously re-learn what to look for a process that often leads to missed detections or false positives."The loader, at its core, is responsible for loading shellcode that then paves the way for decrypted code, a Donut loader, which, in turn, unpacks and executes the stealer malware."The better that the loaders can protect the ultimate payloads, the less resources threat actors will need to expend in order to rotate burned infrastructure," Robinson concluded. "BabbleLoader takes measures to protect against as many forms of detection that it can, in order to compete in a crowded loader/crypter market."The development comes as Rapid7 detailed a new malware campaign that distributes a new version of LodaRAT that's equipped to steal cookies and passwords from Microsoft Edge and Brave, in addition to gathering all kinds of sensitive data, delivering more malware, and granting remote control of compromised hosts. It's been active since September 2016.The cybersecurity company said it "spotted new versions being distributed by Donut loader and Cobalt Strike," and that it "observed LodaRAT on systems infected with other malware families like AsyncRAT, Remcos, XWorm, and more." That said, the exact relationship between these infections remains unclear.It also follows the discovery of Mr.Skeleton RAT, a new malware based on njRAT, that has been advertised on the cybercrime underground and comes with functionality for "remote access and desktop operations, file/folder and registry manipulation, remote shell execution, keylogging, as well as remote control of the devices' camera."Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year's report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects of this report is that over 90% of valid secrets found and reported remained valid for more than 5 days. According to the same research, on average, it takes organizations 27 days to remediate leaked credentials. Combine that with the fact that non-human identities outnumber human identities by at least 45:1, and it is easy to see why many organizations are realizing stopping secrets sprawl means finding a way to deal with this machine identity crisis. Unfortunately, the research also shows that many teams are confused about who owns the security of these identities. It is a perfect storm of risk. Why Does Rotation Take So LongSo, why are we taking so long to rotate credentials if we know they are one of the easiest attack paths for adversaries? One major contributing factor is a lack of clarity on how our credentials are permissioned. Permissions are what authorize what specific things one entity, such as a Kubernetes workload or a microservice, can successfully request from another service or data source. Let's remember what remediation of a secrets sprawl incident means: you need to safely replace a secret without breaking anything or granting new, too-wide permissions, which would potentially introduce more security risks to your company. If you already have full insight into the lifecycle of your non-human identities and their associated secrets, this is a fairly straightforward process of replacing them with new secrets with the same permissions. This can take considerable time if you don't already have that insight, as you need to hope the developer who originally created it is still there and has documented what was done. Let's look at why permissions management is especially challenging in environments dominated by NHIs, examine the challenges developers and security teams face in balancing access control and productivity, and discuss how a shared responsibility model might help.Who Really Owns Secrets Sprawl?Secrets sprawl generally refers to the proliferation of access keys, passwords, and other sensitive credentials across development environments, repositories, and services like Slack or Jira. GitGuardian's latest Voice of the Practitioners report highlights that 65% of respondents place the responsibility for remediation squarely on the IT security teams. At the same time, 44% of IT leaders reported developers are not following best practices for secrets management. Secrets sprawl and the underlying issues of over-permissioned long-lived credentials will continue to fall in this gap until we figure out how to better work together in a shared responsibility model.The Developer's Perspective On PermissionsDevelopers face enormous pressure to build and deploy features quickly. However, managing permissions carefully, with security best practices, can be labor-intensive. Each project or application often has its own unique access requirements, which take time to research and properly set, almost feeling like a full-time job on top of the work making and deploying their applications. Best practices for creating and managing permissions too commonly do not get applied evenly across teams, are seldom documented appropriately, or are forgotten altogether after the developer gets the application working. Compounding the issue, in too many cases, developers are simply granting too wide of permissions to these machine identities. One report found that only 2% of granted permissions are actually used. If we take a closer look at what they are up against, it is easy to see why.For instance, think about managing permissions within Amazon Web Services. AWS's Identity and Access Management (IAM) policies are known for their flexibility but are also complex and confusing to navigate. IAM supports various policy typesidentity-based, resource-based, and permission boundariesall of which require precise configurations. AWS also offers multiple access paths for credentials, including IAM roles and KMS (Key Management Service) grants, which each come with its own unique access configurations. Learning this system is no small feat.Another common example of a service where permissions can become difficult to manage is GitHub. API keys can grant permissions to repositories across various organizations, making it challenging to ensure appropriate access boundaries. A single key can unintentionally provide excessive access across environments when developers are members of multiple organizations. The pressure is on to get it right, while the clock is always ticking and the backlog keeps getting bigger. Why Security Teams Alone Can't Fix ThisIt may seem logical to assign security teams responsibility for monitoring and rotating secrets; after all, this is a security concern. The reality is that these teams often lack the granular project-level knowledge needed to make changes safely. Security teams don't always have the context to understand what specific permissions are essential for keeping applications running. For instance, a seemingly minor permission change could break a CI/CD pipeline, disrupt production, or even cause a company-wide cascading failure if the wrong service disappears.The dispersed nature of secrets management across teams and environments also increases the attack surface. With no one really in charge, it becomes much harder to maintain consistency in access controls and audit trails. This fragmentation often results in excessive or outdated credentials and their associated permissions remaining active for far too long, possibly forever. It can make it difficult to know who has legitimate or illegitimate access to which secrets at any given time.A Shared Responsibility Model For Faster RotationDevelopers and security teams could help address these issues by meeting in the middle and building a shared responsibility model. In such a model, developers are more responsible for consistently managing their permissions through proper tooling, such as CyberArk's Conjur Secrets Manager or Vault by HashiCorp, while also better documenting the permissions and scope of the necessary permissions at the project level. Security teams should be helping developers by working to automate secrets rotation, investing in the proper observability tooling to gain clarity into the state of secrets, and working with IT to eliminate long-lived credentials altogether. If developers clearly document which permissions are needed in their requirements, it could help security teams conduct faster and more precise audits and speed remediation. If security teams work to ensure that the easiest and fastest overall path toward implementing a new non-human identity secret is also the safest and most scalable route, then there are going to be far fewer incidents that require emergency rotation, and everyone wins. The goal for developers should be to ensure that the security team can rotate or update credentials in their applications with confidence, on their own, knowing they're not jeopardizing production.Key Questions to Address around PermissioningWhen thinking through what needs to be documented, here are a few specific data points to help this cross-team effort flow more smoothly: Who Created the Credential? - Many organizations find it difficult to track credential ownership, especially when a key is shared or rotated. This knowledge is essential to understanding who is responsible for rotating or revoking credentials.What Resources Does It Access? - API keys can often access a range of services, from databases to third-party integrations, making it essential to limit permissions to the absolute minimum necessary.What Permissions Does It Grant? - Permissions vary widely depending on roles, resource-based policies, and policy conditions. For instance, in Jenkins, a user with `Overall/Read` permission can view general information, while `Overall/Administer` grants full control over the system.How Do We Revoke or Rotate It? - The ease of revocation varies by platform, and in many cases, teams must manually track down keys and permissions across systems, complicating remediation and prolonging exposure to threats.Is the Credential Active? - Knowing whether a credential is still in use is critical. When NHIs use long-lived API keys, these credentials may remain active indefinitely unless managed properly, creating persistent access risks.Permissions Are Challenging, But We Can Manage Them Together As One TeamAccording to the GitGuardian report, while 75% of respondents expressed confidence in their secrets management capabilities, the reality is often much different. The average remediation time of 27 days reflects this gap between confidence and practice. It is time to rethink how we implement and communicate secrets and their permissions as an organization.While developers work diligently to balance security and functionality, the lack of streamlined permissions processes and uncentralized or unstandardized documentation paths only amplify the risks. Security teams alone can't resolve these issues effectively due to their limited insight into project-specific needs. They need to work hand-in-hand with developers every step of the way. GitGuardian is building the next generation of secrets security tooling, helping security and IT teams get a handle on secrets sprawl. Knowing what plaintext, long-lived credentials are exposed in your code and other environments is a needed first step to eliminating this threat. Start today with GitGuardian.Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.

If youve watched any movies or television made in the past ten or15 years, you may have started to wonder: Where have all the opening credits gone? These days, filmmakers (and production studios, and streaming services) seem to think that if the audience isnt immediately thrown into the action of a movie, theyll get bored, turn it off, and find something else. Given our ever shortening attention spans, there may be some truth to this.But a great opening credits sequence is something of a lost art. Its indulgent, yes, and it forces the audience to sit there and look at a bunch of names for two or three minutes, but a really good title sequence can set the tone for the rest of the proceedings, and allow the members of the audience to gradually submerge themselves into the world of the story. Think of the way that the Game of Thrones credits not only showed you a moving map of Westeros, but also contained little clues about where certain scenes would take place, and unlocked locations as the story moved forward.It wasnt always like this opening titles used to be everywhere, and the best ones would get creative with the form, using the allotted minute or two to fully generate a movies vibe using nothing but colors, abstract images, and creative fonts. There are way too many to choose from for just one list, but in order to highlight some of the very best, we chose12 of the coolest, most innovative ones, from iconic crime movies, westerns, fantasy epics, horror thrillers, and modern spy cinema classics. Every single one of these opening sequences will make you want to watch the rest of the movie immediately.The Coolest Opening Title Sequences of All TimeWhere have all the opening credits gone?(Note: Click the link in each entry to watch these opening titles on YouTube.)READ MORE: 10 Great Trailers For 10 Terrible MoviesGet our free mobile appThe Worst Parts of 15 Great MoviesThese movies are terrific. Theyre not perfect, though.

WhileDune: Prophecysays its based on the novelSisterhood of Dune by Brian Herbert and Kevin J. Anderson, itsreally drawn much more closely fromMentats of Dune, which comes from a whole trilogy ofDune spinoff novels known as the Schools ofDune Trilogy that explore some of thebackstoryof this famous sci-fi universe.Thats just one little bit of trivia you might not know about the newDune TV series, but weve got a whole lot more. In our latest video, well breakdown all theDune Easter eggs, little details, and hidden secrets you might have missed in theDune: Prophecypremiere. Well explain exactly where in theDune timeline thisshow takes place, how it connects to Villeneuves movies, delve into the backstory about that war with artificial intelligence, and a whole lot more.Watch our full breakdown video below:If you liked that video on the first episode ofDune: Prophecy, and how it connects to Frank Herberts books and Denis Villeneuves movies, check out more of our videos below, including our look at what the thirdDune film could look like, our full recap of the firstDunefilm, and our look at all of the Easter eggs (and the shocking ending) ofDune: Part Two.Plus, theres tons more videos over atScreenCrushs YouTube channel. Be sure to subscribe to catch all our future episodes. New episodes ofDune: Prophecypremiere weekly on HBO and Max. It gonna get spicy over there.Get our free mobile app10 TV Shows People Love That Are Actually BadSometimes we have to admit to ourselves that our faves are not that great.

Time zones: SBT (UTC +11), GMT (UTC +0), CET (UTC +1), EET (UTC +2), MSK (UTC +3), AST (UTC -4), FKST (UTC -3), CEST (UTC +2), BST (UTC +1), JST (UTC +9), CST (UTC +8), WIB (UTC +7), MMT (UTC +6:30), BST (UTC +6), NPT (UTC +5:45), IST (UTC +5:30), UZT (UTC +5), IRDT (UTC +4:30), GST (UTC +4)Are you an experienced Customer Services specialist with a passion for helping clients navigate complex visa and passport processes? Were looking for a dedicated professional to join our team on a **fully remote** basis.Youll work closely with our business clients, assisting with UK passport applications and visa applications through embassies in London.If you have a proven track record in this field and excellent communication skills, wed love to hear from you. Key Details:- Position: Visa Consultant / Customer Services- Location: Fully Remote (Applicant does not need to reside in the UK) - Working Hours: UK Business Hours - Mode of Communication: Primarily emails and phone calls Responsibilities:- Liaise with business clients to understand their specific visa and passport requirements. - Guide clients through the UK passport application process and visa applications for various embassies in London. - Prepare and review application documents to ensure accuracy and compliance with requirements. - Maintain up-to-date knowledge of UK visa and passport regulations and embassy protocols. - Respond promptly to client queries via email and phone, offering clear and professional advice. - Track application progress and provide clients with timely updates. - Maintain detailed records of client interactions and application statuses. Note: Full training is providedRequirements:- An attitude to self learn, be a self starter and have a high degree on initiative- Fluent spoken and written English exceptional communication skills are essential. - Proven experience** in visa consulting, immigration services, working in customer services or logistics or a related field. - Ability to work independently and manage multiple client cases simultaneously. - Strong attention to detail and organisational skills. - Proficiency in using email and phone communication tools. - Familiarity with UK passport and visa regulations is a strong advantage. - Reliable internet connection and a quiet, professional environment for phone calls. What We Offer- Fully remote position with flexible working arrangements. - Opportunity to work with an experienced and supportive team. - Competitive remuneration based on experience. ---If youre ready to make a difference in our clients journeys, wed love to hear from you. To ApplyPlease complete our short application form as per the link: https://form.jotform.com/243216941086053. You will need to submit your CV explain why youre the ideal candidate for this role. We look forward to welcoming you to our team! Related Jobs See more Customer Support jobs

Time zones: EST (UTC -5), MST (UTC -7), ART (UTC -3), UTC -4, UTC -4:30, UTC -3, UTC -2About Us:At Loop Support, we specialize in connecting businesses with exceptional customer support specialists. We believe in smart, kind-hearted professionals who love to learn and grow. If you have a passion for helping others and enjoy solving problems, we want to hear from you!Responsibilities:Respond to customer inquiries and complaints via phone, email, and chat.Provide detailed information about products and services.Troubleshoot and resolve product issues and concerns promptly.Maintain a positive and professional attitude with all customer interactions.Document customer interactions and solutions accurately.Qualifications:Excellent written and verbal communication skills in English and Spanish. (Required)Stable internet connection and a reliable computer setup. (Required)Based in LATAM (Required)Not required, but if youve ever worked, lived, or attended school in the US or Canada, wed love to hear from you!Ability to work independently in a distraction-free home office.A positive and professional attitude with a customer-first mindset.Previous experience in customer support is a plus, but not required.Strong problem-solving skills and ability to think on your feet. Related Jobs See more Customer Support jobs

You need to know about live share if you're a Python developer and work in VSCode.