Google’s Chatbot Bard Now Available in Europe with Privacy Hub Google released its chatbot Bard to the European public yesterday, after previously being blocked by the Irish Data Protection Commission (DPC). The tech giant has made a number of changes to the chatbot, including more transparency and changes to user controls. “We will continue our partnership with Google regarding Bard after launch and Google has agreed to conduct an assessment and provide a report to the DPC once Bard has been up and running in the EU for three months,” said Graham Doyle, Responsible Media and communication a ..read more

Microsoft Office Products to Replace Calibri with Aptos Font Microsoft Office products are set to move away from Calibri as the default font. The Aptos font, formerly known as Bierstadt, will become the default choice for all users within the next few months. Calibri has been the standard option in Word, Excel, PowerPoint and all other Office products since 2007, when it replaced Times New Roman, the last serif font. Serif fonts have guides above and below the letters, which makes the text easier to read. However, sans-serif fonts are more aesthetically pleasing to most people, which is why ..read more

Leaked BlackLotus Bootkit Source Code Discovered on GitHub The source code for the BlackLotus UEFI bootkit, which was previously sold on the dark web for $5,000, has been discovered by Binarly analysts on GitHub. The researchers say the leaked sources are not entirely complete and contain mostly a rootkit and a bootkit to bypass Secure Boot. BlackLotus was first spotted in October 2022. Its seller claimed that the bootkit had a built-in Secure Boot bypass, built-in Ring0/Kernel deletion protection, and also ran in recovery mode and safe mode. It was reported that the malware is equipped with ..read more

XDSpy Cyberspy Group Launches Phishing Campaign Targeting Russian Organizations This week, FACCT specialists discovered a phishing campaign conducted by the XDSpy cyberspy group. The attack targeted Russian organizations, including one of the well-known research institutes. The text of the letter, signed by the Ministry of Emergency Situations, asked recipients to look at a list of company employees who “may sympathize with groups that destabilize the internal situation in Russia.” The senders of the letter threatened that in the absence of a response, legal action would be taken against the ..read more

AIOS Plugin Security Breach: Developers Release Patch and New Version Bug Found in Version 5.1.9 The developers of the All-In-One Security (AIOS) plugin, installed on more than a million sites, have released a patch after users recently discovered that the plugin remembers passwords in plain text format and stores them in a database accessible to site administrators. AIOS is a security plugin designed to prevent cyber attacks, including brute force attempts. It warns about using the default administrator username for logging in, prevents bot attacks, captures user activity, and fights spam i ..read more

AVrecon Linux Malware Infects Over 70,000 SOHO Routers Since May 2021, the AVrecon Linux malware has infected more than 70,000 SOHO routers and made most of them part of a botnet that specializes in creating hidden residential proxies, according to Lumen Black Lotus Labs. What Are Residential Proxies? Residential proxies allow botnet operators to mask a wide range of malicious activities, from digital advertising fraud to password spraying attacks. AVrecon Botnet Remained Undetected for Two Years Despite the fact that the AVrecon Remote Access Trojan (RAT) compromised more than 70,000 device ..read more

Twitter Launches Revenue Model for Creators Twitter has announced a new revenue model for creators on the platform, allowing them to share in the ad revenue generated by displaying ads between replies to their posts. The model is only available to creators who have paid for the blue badge and have more than 5 million views on their posts in the past three months. Eligibility Criteria The amount that the creator eventually gets paid depends on the number of views. However, there are certain conditions attached to the payment. Content about criminal activity, gambling, alcohol consumption, sex ..read more

AIOS WordPress Security Plugin Collects Passwords and Stores Them as Plain Text WordPress security plugin All-In-One Security (AIOS) has been found to do the exact opposite of what it was designed to do. A bug in the version 5.1.9 update caused users’ passwords to be stored as plain text in a database, leaving them vulnerable to misuse by website administrators. AIOS is installed on over 1 million websites and provides security for WordPress websites. After the update in May this year, it was discovered that the tool was collecting passwords and storing them as plain text in a database. This ..read more

Google Play to Make it Harder to Upload Malicious Apps Google Play will make it more difficult to upload malicious apps to its app store from August 31. Developers will be required to provide a Data Universal Numbering System (DUNS) registration number for identification. The DUNS number is a nine-digit registration number developed by the data and business analytics company Dun & Bradstreet. Companies must go through a lengthy administrative process to obtain the business identification number. Google hopes that by identifying themselves with this new registration number when uploading ..read more

Microsoft Releases New Features for Windows’ Rust Kernel in Latest Insider Build Microsoft has been working on initiatives around the Rust programming language for a while now. At the end of April, it was revealed that the tech giant was working on a major project to rewrite Windows in this more efficient code. Now, the company has released more features for Windows’ Rust kernel in the latest Insider build. Insider Build 25905 Insider Build 25905 was released on Wednesday and comes with a Rust-based GDI Regions implementation. This means that the win32kbase_rs.sys driver in System32 is now e ..read more