Google tightens workspace security by disabling “Nearby Share” in Android Work Profiles

0
[ad_1]

For Android users, the “Nearby Share” feature is the closest thing to Apple’s Airdrop, undoubtedly the preferred method when it comes to transferring files between devices. It can be used in a variety of use cases, and up to this point, had been available in Android devices without restrictions other than those imposed by the network you are on.

This comes as no surprise considering how Google usually locks down features when it comes to workspace or business accounts due to privacy and security concerns with larger enterprises. It appears that this has been the culprit here, as I’m sure the ability to openly share company files between corporate and personal devices is frowned upon by I.T. Security professionals.

This is more of a concern when you consider that adoption for “Nearby Share” has now become more commonplace, with devices such as Chromebooks (and now even Windows) supporting it. Unless work devices are completely locked down to the extent where even Bluetooth is disabled or the Network and System Administrators are properly updating the console and closing the required ports on the Firewall, it can become extremely difficult to monitor or stop employees from sharing files with each other, with themselves, or worse – with the outside world.
Google’s solution is simple: Nearby Share is part of Google Play Services, so let’s just disable that on work profiles and that will ensure that it doesn’t appear as an option within that profile. It is, in theory at least, a simple but effective solution for a complicated problem. Only time will tell if this will be just as effective in real life situations.

The changes began to roll out with Google Play Services version 23.41 on October 18th. Google hasn’t provided any info as to why the change was made, so it is unknown whether an option will be available to circumvent these restrictions, other than just uninstalling the work profile.


[ad_2]
Source link

The hot topics from Europe’s largest trade fair for IT security

0
[ad_1]

The major talking points IT-SA included ransomware, ChatGPT, and NIS2.

IT-SA Expo & Congress claims to be Europe’s largest trade fair for IT security. And it really covers a wide range of security and security-related products and services. The event takes place in Nuremberg, Germany and provides an opportunity for vendors to show themselves to the public, create new contacts and leads, and check out what the competition is up to.

As one of the Malwarebytes representatives, I had the opportunity to walk around, talk to people, and listen to some of the talks given by representatives from throughout the industry.

All in all, I observed a lot of talks, and of the ones I heard that weren’t about promoting a product, most of them roughly fell into 3 categories: Ransomware, AI/ChatGPT, and NIS2.

Ransomware

Ransomware is still considered the most alarming cybersecurity threat to businesses, which isn’t surprising given that Germany is regularly in the top five most targeted countries in our monthly ransomware reviews, which often makes it the first country on the list where English is not the primary language. As one of Europe’s leading economies there is some serious money to be made by the cybercriminals.

The focus in ransomware developments is the shift in attention to the earlier stages of the attacks. By the time files are being encrypted, attackers have probably already been in situ for a while, moving laterally through the victim’s network and stealing their data. Some ransomware gangs even stop here and don’t proceed to encryption anymore. Encryption routines are easy to detect and stop, but spotting the suspicious behavior the precedes it turns out to be much harder.

AI and ChatGPT

AI, and ChatGPT in particular, are very much at the forefront of everyone’s attention. Mostly because we are curious, maybe even a bit anxious, to see what the future will bring.

As distinguished researcher Mikko Hyppönen explained, it’s not the tool we should be worried about, but the intentions of its users. Yes, artificial intelligence can find zero-days. Is that great because we can use to find vulnerabilities that need patching, or is it awful, because it will allow the cybercriminals to find vulnerabilities and exploit them?

Mikko slide about AI pros and cons

And another researcher told us that after the introduction of ChatGPT and its peers, they noticed a 27% increase in the linguistic complexity of phishing emails. The times where we could spot the phisher by looking at the number of typo’s might be behind us. LLM’s allow phishers to create long, error-free emails that first gain the trust of the target and then get them to open an attachment or click a link.

NIS2

The NIS2 Directive is EU-wide legislation on cybersecurity. Its purpose is to heighten the security levels for critical infrastructure in the European Union.

Businesses identified by the member states as operators of essential services in sectors such as energy, transport, water, banking, financial market infrastructures, healthcare, and digital infrastructure, will have to take appropriate security measures and notify relevant national authorities of serious incidents. Key digital service providers, such as search engines, cloud computing services, and online marketplaces, will have to comply with the security and notification requirements under the directive.

NIS2 has to be turned into laws by EU member states, which means it can be incorporated differently in every member state to functionally harmonize with local legislation. In Germany the third draft bill was presented in September 2023. So, while it’s slowly shaping up there is nothing definite about what will be included in the final draft.

A few things have been in all three drafts and seem likely to survive the cut. As a result, there was a lot of speculation, but nobody exactly knows what is going to happen. The NIS Implementation Act is scheduled to be announced in March 2024 and then come into force in October 2024 if everything goes as planned.

To anyone who I had the pleasure of meeting at IT-SA, I hope you had a successful event and let’s meet again some time.


Malwarebytes Managed Detection and Response (MDR) simply and effectively closes your security resources gap, reduces your risk of unknown threats, and increases your security efficiency exponentially. Malwarebytes MDR staffs highly experienced Tier 2 and Tier 3 analysts who are hands-on with customer endpoints, ensuring critical threats are quickly identified and a thorough response is rapidly deployed.

Want to learn more about MDR? Get a free trial below.

TRY NOW


[ad_2]
Source link

Threads finally fixed its notification issue

0
[ad_1]

Threads seems to be entering its redemption arc, as it’s looking to recapture the massive audience it enjoyed soon after it launched. Thus, it’s delivering new features for its users. Not only that but it’s also fixing issues that are affecting its users. According to a new report, it seems that Threads finally fixed the notification issue that has been upsetting users.

The issue in question had to do with post notifications. If you have new post notifications turned on, then you’ll be notified when a person makes a new post. However, when you get a notification about a reply to that post, it will just take you back to the same place that the first notification sent you. The only way to solve the issue, you had to restart the app.

It looks like Threads fixed its notification issue

When it comes to keeping up with posts from the people you follow, you’ll rely on notifications to stay on top of things. So, as you can imagine, this problem has been annoying for most people.

However, according to the report, Threads has finally fixed the notification issue. We didn’t get any insight from the company about when it fixed it, however. The Threads app was just updated on Friday, so it most likely came in that update. In any case, it’s always nice to see annoying issues being fixed.

It seems that Threads is on the way up. Right now, X (formerly Twitter) is struggling to keep people from leaving the platform. With that app about to become a fully paid platform, people will need somewhere to go. At the moment, the best options are Bluesky and Threads. Both are pretty bare bones compared to X, but Threads just came out with a feature that free X users have been waiting for.

Now, people are able to edit their posts in Threads. This is something that free X users have been wanting ever since Elon Musk promised it more than a year before. After you make a post, you have five minutes to make changes before you can’t. It’s not as long as an hour, but it’s still a nice feature to have.


[ad_2]
Source link

Wi-Fi issues on the iPhone 15 series are not fixed yet

0
[ad_1]

The launch of the iPhone 15 series hasn’t been as smooth as Apple thought, considering users are facing a plethora of issues ranging from display burn-in problems to the phone overheating for no reason (fixed). However, adding to these troubles, many iPhone 15 users report that even after updating to iOS 17.1, the Wi-Fi issues still persist.

The drama began two weeks ago when multiple iPhone 15 users started experiencing issues with their Wi-Fi, such as the inability to load content and painfully slow connection speeds. Frustrated by this problem, users turned to platforms like Reddit and Apple’s community forums to voice their concerns.

One affected person, TG2557, expressed his problems, saying, “It’s very disappointing that this issue hasn’t been resolved with the 17.1 release. I’ve given my iPhone 13 Pro to a family member, so I can’t revert back to that. I’ll be travelling during the winter and will be on the road for six months, and changing or altering a router at an Airbnb isn’t an option. I’m becoming very concerned that I won’t be able to use my brand-new phone while on the road.”

Furthermore, the fact that the iPhone 15 cannot load content while other devices on the same network work fine, and no workarounds like switching to the 2.4G band seem to consistently work makes the situation even worse.

Apple’s response

Unlike the overheating issue, which prompted the company to release an immediate update, Apple has not acknowledged the Wi-Fi issue and has not made any official comments regarding these persistent Wi-Fi problems. Additionally, to make matters worse, there are a staggering 19 pages of complaints regarding the issue on the community site.

Possible fixes?

While there doesn’t appear to be a permanent fix for the problem, different users have found various ways to deal with the issue. One user mentioned that changing the Wi-Fi channel range to 20 MHz, 40 MHz, or 80 MHz solves the problem. Others claimed that turning airplane mode on and off fixed their devices.

“I have the same issue (15 pro). I tried all the solutions mentioned here, and none of them worked. Switching the 2.4G band off gave me a good 30 minutes of Wi-Fi, then it kept disconnecting again,” said user AliAmer1.


[ad_2]
Source link

PDF Security – How To Keep Sensitive Data Secure in a PDF File

0
[ad_1]

Dive into PDF security in the digital era and learn how tools like PDF Expert ensure data protection in electronic documents.

At present, in our digital era, protecting confidential data cannot be overstated. With an ever-increasing array of electronic documents like PDFs, protecting sensitive information has become even more critical. This article delves deep into safeguarding PDF files for confidential data — paying special consideration to PDF Expert as a leading tool in this domain.

Understanding the Importance of PDF Security

PDF Expert stands out as an industry leader among apps that allow you to edit pdf on iPhone and other Apple devices — offering intuitive PDF editing functions and sophisticated security measures essential for protecting confidential data.

Their universal compatibility across platforms makes PDFs the go-to document option. However, with widespread use comes responsibility in protecting confidential information, including proprietary business data, personal details, or sensitive financial information. This kind of data needs protection from being accessible by third parties.

Utilize PDF Expert’s Power for Editing PDFs on iPhone & iPad

PDF Expert has become renowned for its speed, reliability, and user-friendly interface. Not just limited to minor edits, PDF Expert allows users to make major alterations — editing text and adding links, redacting information, altering images, and even electronically signing documents. For business people in particular, quickly signing and sending contracts is often crucial.

Advanced Security Features for Increased Protection

  • Text Recognition: One of PDF Expert’s most impressive capabilities is Optical Character Recognition (OCR, also known as text recognition). OCR lets users recognize text from scanned documents to make searchable, highlightable, and editable text — something especially helpful when dealing with older PDFs or documents that haven’t yet been digitized.
  • Enhance Scans: Scanned documents from years past may not always look their best due to shadows, distortions, and other imperfections in their contents. PDF Expert’s AI-powered enhanced feature rectifies these problems so every PDF looks perfect regardless of where its origination may lie.
  • Customization and Personalization: PDF Expert recognizes that every user has individual requirements. Therefore, it offers customizable features that enable users to arrange their most utilized tools according to their workflow; an example of this is using multiple pens for annotations or quickly adding markup tools for fast access. These tools ensure that users can tailor this platform according to their specifications.

Every Professional Needs the Appropriate Tool

PDF Expert can meet the needs of educators, students, construction professionals, and managers across various industries.

Evolution of PDF Security Solutions

As we progress further into digital life, PDF security has evolved increasingly complex. Gone are the days when simple password protection would suffice — modern threats require advanced solutions like PDF Expert to combat them effectively.

Encryption Is A First Line Of Defense

Encryption is one of the cornerstones of PDF security, ensuring data contained within PDF documents remains unreadable to unauthorized users. Only those possessing a valid decryption key (typically a password) may access its contents; PDF Expert employs advanced algorithms for encryption that ensure your documents remain hidden from prying eyes.

Redaction: Removing Sensitive Data

At times, certain parts of a document need to be shared while keeping other sections — which contain sensitive data — confidential. With PDF Expert, redacting information is a seamless process that ensures once data has been redacted, it’s gone for good.

Digital Signatures Provide Authenticity and Integrity Protection

When PDF Expert is used to sign PDFs digitally, recipients receive assurances that documents have not been modified while also verifying the signer(s) identity.

Access Control: Directing Who Views What

PDF Expert’s features allow document creators to set user permissions, enabling you to determine who can view, edit, print, or copy from their PDF document — providing finely controlled access that ensures even though someone might possess your file, they might not necessarily gain full access.

Keep Current With Threats With Regular Updates: Staying Abreast

As digital threats emerge regularly, PDF Expert ensures its software is regularly updated with security patches to stay ahead of them and give its customers access to the safest version possible. PDF Expert’s software updates deliver new features and patch potential vulnerabilities for a safer experience. So, users always receive the safest versions possible of its applications.

PDF Security and Compliance

Compliance with data protection regulations has become essential across industries. PDF security has to comply with various regulations, ranging from compliance with trading and investment banking regulations to compliance with regulations like Europe’s General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), which mandate stringent data security measures for many organizations such as trading.

How PDFs Fit Into Digital Workflows

PDFs are indispensable in digital collaboration across various spheres — from contract negotiations to research. With increased reliance on PDF documents comes increased responsibility for maintaining their security at every point during their lifespan. PDF Expert’s suite of tools is tailored specifically towards this responsibility, guaranteeing documents remain protected whether in transit, at rest, or actively edited by staff members.

Education of the Masses: Awareness Is Required

PDF Expert provides advanced security features, but humans remain an insecure link in any security network. Therefore, users must be educated on the significance of PDF security best practices, including sharing unprotected documents without first understanding the risks involved, regularly updating software applications, and the need for unique passwords when encrypted.

Future of PDF Security Solutions

As technology progresses, so will the methods utilized by malicious actors. Artificial Intelligence, Quantum Computing, and other innovative solutions may present new risks to PDF security. However, with continuous innovation and commitment to staying ahead of the curve, tools like PDF Expert are prepared to face these threats head-on and provide robust protection.

Accept Feedback and Improve continuously

PDF Expert, as a user-centric tool, regularly solicits feedback from its user community to meet both current needs and anticipate any upcoming challenges and requirements. By regularly soliciting user input through this feedback loop, PDF Expert ensures it remains current while anticipating any foreseeable challenges or needs in its response to users.

Conclusion

PDF security in our increasingly digital world cannot be stressed enough. As physical and digital realms continue to merge, software providers and users must prioritize data protection. PDF Expert is leading this charge so we can hope for a future where our digital documents are as safe as their physical equivalents.

  1. Editing Text in a PDF File
  2. Top 7 PDF Tools to Edit, Merge/Split and Protect PDF
  3. MalDoc in PDF Attack: Hackers Hiding Malicious Word Files within PDFs

[ad_2]
Source link

Google Wallet is finally getting its own notifications

0
[ad_1]

On the spectrum of news stories, this one isn’t exactly hard-hitting. However, it’s the latest change in a spree of updates to Google Wallet. According to a new report, the Google Wallet app is now getting its own notifications.

Google Wallet has its own app, but it’s not entirely a free agent. While having its own app, Google Wallet doesn’t have its own notifications. They actually come from Google Play Services. When you make a purchase using Wallet, you’ll get a notification with a brief summary of the transaction. Well, Google thinks that it’s time for Google Wallet to strike out on its own.

Google Wallet is getting its own notifications

We’re not 100% sure why the company is untethering Wallet from Play Services. What we do know is that Google is working on a new update for the Wallet app. For all we know, Google could be working on a larger overarching change for Wallet. We’ll have to wait for more information about this to know for sure.

In any case, when you get your notification from Google Wallet, it will have the Google Wallet icon next to it. So, if you want to disable those notifications, then you’ll need to go through the app’s notifications and not through Google Play Services.

More updates are coming to Google Wallet

When you open Google Wallet, you should be familiar with how the app uses space. There’s a ton of empty space in the app that goes unused. The cards are on a large horizontally scrolling carousel with a huge NFC icon above them. On the top right of the interface, you’ll see your profile picture that takes you to the settings. At the bottom of the screen, you’ll see additional cards.

However, Google is planning on pushing a redesign that will help the UI utilize the space more efficiently. For starters, the NFC logo will go away, and your cards will fill that space. Right under your cards, you’ll see your other passes like gift cards, rewards cards, etc.

All in all, the cards and passes will better fill out the interface. We’re not sure when Google is going to push this update to more devices, but it shouldn’t take too much time.


[ad_2]
Source link

Do young people trust AI with their data? The answer is No

0
[ad_1]

No major technology emerges without its major controversies, and generative AI is no exception. As innovative and potentially helpful as it is, many people have their concerns about the technology. Aside from it killing off jobs and bringing The Terminator movies into reality, people worry about their data. Thanks to a new survey, it turns out that many young people worry about companies using their data to train AI.

This is something that would come off as surprising. There’s a general consensus that those in Gen Z are indifferent to major topics; They only care about the TikToks! However, the results from the survey shine a light on the fact that just about everyone is aware of the potential effects of AI (both the good and bad.)

A survey shows that young people have concerns about AI

This survey was performed by Cisco (via Techradar), and it sampled 2600 people between the ages of 18 and 24. Digging into it, about 62% of the people surveyed revealed that they’re concerned about companies using their data to train their AI. They worry that the companies that they’ve trusted over the years could be secretly scraping their data.

About 42% of the people surveyed are more likely to exercise DSAR (data subject access rights). This grants people the right to access a copy of their data. The number of people willing to do that is actually on the rise compared to last year, according to the report. Also, it’s much more than the 6% of individuals 75 years+ who would exercise the right.

Distrust

The results from the survey show that people are growing to distrust the companies they’ve supported over the years. About 60% of the people said that they’ve already lost trust in their favorite companies. This should come as no surprise. Tons of people like artists, writers, composers, and other creators have been betrayed by their favorite companies by having their data scraped for the use of AI.

For example, Deviant Art, a platform that’s supported millions of artists throughout the years, brought its own AI image generator. That’s like Spotify using its artists’ data to train a music generator.

This trend is only going to continue, as AI becomes more prevalent. More chatbots, image generators, and music generators are going to pop up as time goes on. We’re already seeing existing companies hop onto the AI train.

However, not everyone is down on AI

Among the survey results, about 48% of the people said that they believe AI could be helpful. This also should come as no surprise, as there are some areas where AI could be legitimately helpful. 54% of them actually said that they’d give up some anonymous data in order to use better AI products.

We’re only one year into the new AI world, and we’re all still learning about the effects that AI will have on people. This survey shows that people are thinking more about the technology and how it affects their data. A significant number of people are concerned about their data. However, an also significant number are willing to give up their data for AI.


[ad_2]
Source link

Chinese Scammers Use Fake Loan Apps for Money Laundering

0
[ad_1]

Beware of fake banking and loan apps that offer instant loans but, in reality, collect your Personal Identifying Information (PII) and financial data, while also requesting excessive permissions to access data on your phone.

The cybersecurity researchers at CloudSEK have found a new scam campaign in which Chinese scammers are targeting the Indian digital payment system using illegal instant loan apps. The scammers have lured thousands of victims, making false promises of substantial loans on easy instalments and after obtaining personal details and fees, they vanish. 

The researchers have identified that the reason why law enforcement agencies have been unable to trace their malicious activities is that scammers are using Chinese payment gateways and Indian money mules.

The campaign was discovered between 22nd July and 18th September 2023. The researchers claimed that there have been around 30,000 Adhaar cards and bank accounts have been breached, 40,000 devices compromised, and thousands of users have been tricked.

CloudSEK initiated an investigation on 8 September 2023 after identifying a malicious app advertised by cybercriminals. This app impersonated a well-known bank headquartered in Tamil Naidu, India recording a revenue of $23million. The fake domain name of the C2 server followed this pattern: .online.

Chinese Scammers Use Fake Loan Apps for Money Laundering
Screenshot: CloudSEK

Further probing, according to CloudSEK’s report, revealed a sophisticated scam operation orchestrated by Chinese scammers. So far, scammers have collected more than INR 37 lakhs (equivalent to $46,000) via 55 malicious Android applications. The lure involved offering a loan of 641 crore INR. CloudSEK claims to have identified over 15 obscure payment gateways operated by Chinese scammers.

Their modus operandi relies on false promises in which scammers create fake loan apps and promote them for offering huge loans and flexible repayment packages. Victims are lured into giving away sensitive personal data, including name, phone number, bank account details, and address.

The malicious apps demand excessive permissions, prompting users to grant access to contacts, photos, and other sensitive information. The scammers vanish after extracting their desired information and receiving loan processing fees from the victims, typically 5% of the promised loan amount.

The entire campaign was difficult to track due to its transnational reach. However, it is worth noting that the scam is not confined to India; in fact, scammers are operating a vast network that spans multiple countries, including the following:

  • Brazil
  • Turkey
  • Mexico
  • Vietnam
  • Malaysia
  • Colombia
  • Indonesia
  • Philippines
  • South Africa

Moreover, scammers exploit regulatory gaps such as the UPI service providers (Unified Payments Interface) in India do not come under the PMLA (Prevention of Money Laundering Act) purview, which is a significant loophole that scammers are actively exploiting.

A notable trend we’ve observed is scammers exploiting Chinese payment gateways due to their relative ease of use and limited regulatory scrutiny. These gateways offer a convenient bridge to funnel funds outside India, leveraging sophisticated techniques that blur jurisdictional lines, making it challenging to track and intercept the money trail, said Sparsh Kulshrestha, Senior Security Analyst at CloudSEK.

This enables scammers to sidestep the legal and financial roadblocks, making it imperative for authorities to enhance cooperation and adopt advanced measures to counter this sophisticated threat,” added Kulshrestha.

The scammers have a robust money mule network where intermediaries receive funds from scammers and transfer them to other accounts for a commission ranging from 1% to 2% of the total transaction amount. Indian bank customers are the primary targets of this campaign. to entice potential money mules, scammers use several different tactics like face-to-face meetings and sponsored travel.

Chinese Scammers Use Fake Loan Apps for Money Laundering
How it is done Screenshot: CloudSEK

An analysis of the fraudulent payment gateways revealed that money is transferred either through online (UPI) or offline (debit card) methods and distributed between multiple recipients. However, fraudsters maintain a presence within India to collect SIM cards and bank accounts for money laundering.

Mitigation efforts involve collaboration between banks and NPCI for enhancing security measures such as the verification of new mobile numbers added to bank accounts. In addition, organizations and regulatory bodies must remain informed about evolving scam tactics and devise reliable fraud detection and prevention measures.

Additionally, it is essential to strengthen UPI security, and service providers must consider additional security measures to protect users. Finally, common sense is your most effective defence against such scams, as the saying goes, “There’s no such thing as a free lunch.” Therefore, don’t anticipate receiving free loans without any consequences.

  1. Hacker Leaks 73M Records from Indian HDFC Bank Subsidiary
  2. Indian Ticketing Platform RailYatri Hacked – 31 Million Impacted
  3. Chinese Spyware on Google Play Store Apps had 2M Downloads
  4. China’s insidious surveillance against Uyghurs with Android malware
  5. Covid antigen test results of 1.7m Indian, foreign nationals leaked online

[ad_2]
Source link

IT administrators’ passwords are awful too

0
[ad_1]

Are IT administrators any better at coming up with decent passwords? Research says they aren’t.

The key is under the doormat by the front door.

The administrator password is “admin”.

These are easy to remember clues when you are providing entrance to someone you trust. The problem is that they are also enormously easy to guess. It’s where we would expect an unwanted visitor to check first, before breaking out the toolbox.

Random end users could be forgiven for relying on such obviously insecure habits, but what about professionals who job it is to keep things safe and secure? Research has revealed that IT administrators are just as likely to do the tech equivalent of putting the key under the mat as end users, with both groups using similarly predictable passwords.

The top 10 passwords assembled by the researchers looks like this:

    1. Admin
    2. 123456
    3. 12345678
    4. 1234
    5. Password
    6. 123
    7. 12345
    8. admin123
    9. 123456789
    10. adminisp

The first 10 entries in a password dictionary we found online:

    1. 123456
    2. Password
    3. 12345678
    4. Qwerty
    5. 12345
    6. 123456789
    7. Letmein
    8. 1234567
    9. Football
    10. iloveyou

Part of the popularity of passwords like admin, password, and 12345 might lie in the fact that they are often used as defaults. You know, the ones used during an initial setup that are supposed to be changed. Default passwords, even if they are more complex, have the huge disadvantage that they can be found by simply looking up the product documentation in a search engine.

For that reason, using default passwords is considered a serious security risk. There are three different types of password attack that will discover passwords like admin or 12345 almost immediately:

  • Password spraying uses short lists of the most well known passwords on as many computers as possible.
  • Credential stuffing looks for reused passwords by trying usernames and passwords from breached websites.
  • Dictionary attacks look for passwords by trying password dictionaries of common words.

Do you see the resemblance? Added with a little knowledge about the required length of the password, the attacker is going to have a field day. They wouldn’t even need a program to try these options. This can easily enough be done manually.

There is one glimmer of hope remaining after we read this. We hope that IT administrators know that passwords alone are not secure enough for important assets and will have added an extra layer of security in the form of multi-factor authentication (MFA).

As I wrote before, and will probably repeat in the future, multi-factor authentication is so much more secure, and with that a lot more forgiving, than passwords alone. I would not recommend it, but writing down your password on a Post-It and pasting it on your monitor won’t do an attacker any good if you have set up your MFA properly. Also not recommended, but you could even re-use your weak password on every site, as long as all those accounts were protected with the most effective form of MFA.

So, dear IT administrators, we can only hope that MFA is your defense strategy. But you should realize that by making your passwords so easy to guess, it doesn’t really deserve to be categorized as “multi” factor authentication, because you are giving the first factor away.

Your access rights are something that any cybercriminal would love to take over. Think of what they might be able to do, by being able to log in as you, so don’t give them that chance. Don’t be the weak link. While end users sometimes complain about the hassle of using a password manager, they shouldn’t really be a problem for you. Be a shining example.


Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

TRY NOW


[ad_2]
Source link

YouTube could use AI to make you sound like your favorite music artist

0
[ad_1]

Sure, you idolize the music artists who fill streaming services, but wouldn’t you want to sound like them? Well, this is something that YouTube wants to help you do with an AI tool it’s working on. However, the company is facing some hurdles with it.

We’re all familiar with AI voice cloning. Artificial intelligence has the ability to emulate a person’s voice. It’s another technology that we first saw in the sci-fi movies. Now, it’s a reality, and we’ve seen some major effects thus far. We all remember the fake song by Drake and The Weeknd. Also, CD Projekt Red used AI to clone the voice of one of its deceased voice actors.

YouTube is working on an AI tool to make you sound like your favorite artists

At the moment, we have no idea if this tool will actually see the light of day. Sources close to the matter told Bloomberg (via Phone Arena) that the company has been reaching out to different record labels to discuss the tool. The sources have chosen to remain anonymous.

So, the company is asking record labels if they’d be happy with YouTube using its artists’ voices to train its AI models. That sounds like a steep ask, and as of yet, none of the labels gave YouTube the thumbs-up.

This is a controversial move

AI is nothing if not controversial. At this point, we’re starting to see the effects of AI on the tech, music, and art industries among others. Not everyone is too happy with the course of AI, and that’s for good reason.

With this YouTube AI tool, it’s obvious why this is an iffy move. YouTube is contacting the record labels and music companies for this tool. However, we have to think about how the individual artists feel about this. If you’ve built a career on your voice, you wouldn’t want to give that up for everyone to use. However, it seems that, if a music company accepts YouTube’s offer, the artists won’t have a say in the matter.

In any case, we should hear more about this feature as time goes on. For all we know, this tool could never happen.


[ad_2]
Source link