More stories

  • in

    Deepseek’s AI model proves easy to jailbreak – and worse

    goc/Getty Images Amidst equal parts elation and controversy over what its performance means for AI, Chinese startup DeepSeek continues to raise security concerns.  On Thursday, Unit 42, a cybersecurity research team at Palo Alto Networks, published results on three jailbreaking methods it employed against several distilled versions of DeepSeek’s V3 and R1 models. According to […] More

  • in

    OpenAI tailored ChatGPT Gov for government use – here’s what that means

    Getty Images/lengo ChatGPT excels as a workplace assistant: The AI chatbot makes robust documents searchable, automates complex tasks, assists with writing and coding, and more. As a result, the US government should, in theory, be one of generative AI’s biggest beneficiaries  — and OpenAI thinks so, too.  ChatGPT Gov On Tuesday, OpenAI unveiled ChatGPT Gov, […] More

  • in

    This new Android feature protects your phone, even if someone has your PIN

    ZDNETIn the name of beefing up Android security, Google has added a new feature called Identity Check that automatically locks sensitive settings behind biometric authentication. How Identity Check worksThe feature works when you carry your phone beyond trusted locations. Once Identity Check kicks in, you’ll need to use biometric authentication to access saved passwords and passkeys, autofill passwords in apps, change screen lock and biometrics, factory reset your device, turn off Find My Device and other anti-theft features, set up a new device, add or remove a Google account, and access developer options.Also: How to clear your Android phone’s cache and make it feel like new for 2025The goal of Identity Check is to prevent bad actors from taking control of your Google Account and accessing features that could then enable them to steal data or otherwise compromise the security of your device.How to enable Identity Check More

  • in

    Microsoft Edge offers new tool to combat scareware – here’s how it works

    ZDNETHave you ever encountered a web page that claimed your PC had a virus and asked you to download antivirus software? That type of scam is known as scareware, and it’s a threat that Microsoft is working to counter with a new option in its Edge browser.Also: The Microsoft 365 Copilot launch was a total disasterAvailable in preview mode with the latest version of Edge, the new scareware blocker uses machine learning to identify scareware attacks and help you avoid their usual tactics. After the scareware is thwarted, you can report the malicious site to Microsoft. Here’s how it all works. More

  • in

    The top 10 brands exploited in phishing attacks – and how to protect yourself

    ZDNETCybercriminals who specialize in phishing attacks often spoof popular companies and products to trick unsuspecting users. By impersonating a well-known brand, the scammers try to convince their victims that their malicious emails and web pages are legitimate. A new report from cyber intelligence firm Check Point Research highlights the most spoofed brands so you’ll know which emails and pages to scrutinize.Top 10 most-phished brandsAmong the top 10 most-phished brands in the fourth quarter of 2024, Microsoft remained in the top spot, appearing in 32% of all attacks seen by Check Point. Apple and Google took second and third place, respectively, each appearing in 12% of the attacks.LinkedIn was next with 11%, followed by Alibaba with 4%. Rounding out the list were WhatsApp, Amazon, Twitter, and Facebook, each with 2%. In the tenth spot was Adobe, found in 1% of the phishing campaigns.Also: How to protect yourself from phishing attacks in Chrome and FirefoxAs last quarter marked the traditional holiday season, retail brands were also targeted in phishing attacks. Scammers often create fraudulent retail domains with phony sales and fake discounts to try to steal the passwords and sensitive data of innocent visitors.During the fourth quarter, malicious domains like nike-blazers.fr and adidasyeezy.ro mimicked the legitimate sites of Nike and Adidas. Other retail brands recently exploited included Lululemon, Hugo Boss, Guess, and Ralph Lauren.In its report, Check Point focused on two especially deceptive phishing campaigns. In one attack, the phishing site impersonated PayPal’s login page to try to capture the credentials and financial data of users. In another, a phony website imitated Facebook’s login page to trick people into sharing their account details. Though both sites are now flagged as deceptive, the phishing threat remains in full force. More