Motherboard: ‘Chronicle Is Dead and Google Killed It’

Motherboard: ‘Chronicle Is Dead and Google Killed It’. “Employees have left because of a combination of Chronicle losing its original vision, a distant CEO, a lack of clarity about Chronicle’s future, and disappointment that the startup has been swallowed into Google, according to interviews with five current and former employees who were present across different stages of Chronicle’s growth. Motherboard granted them anonymity to speak candidly about internal company events.”

CNET: Google workers sidestepping controversial Chrome tool spark security concerns

CNET: Google workers sidestepping controversial Chrome tool spark security concerns. “Google is facing a backlash over an internal tool on the company’s Chrome browser that some employees worry is intended to spy on workers organizing protests and discussing workplace issues. To get around using the tool, some workers have turned to third-party browsers. That’s prompted at least one security engineer at Google to voice concern over the possible vulnerabilities that using outside software could bring.”

BetaNews: New open source tool helps prevent brute force and ransomware attacks

BetaNews: New open source tool helps prevent brute force and ransomware attacks. “Ransomware attacks are a major problem and they often gain access to systems via brute-force attacks against open and exposed remote access points such as Remote Desktop Protocol. Cloud-native virtual application delivery platform Cameyo is launching its new RDP Port Shield security technology, along with a free, open source monitoring tool that any organization can use to identify attacks taking place over RDP in their environment.”

Ars Technica: Hackers are actively trying to steal passwords from two widely used VPNs

Ars Technica: Hackers are actively trying to steal passwords from two widely used VPNs. “Hackers are actively unleashing attacks that attempt to steal encryption keys, passwords, and other sensitive data from servers that have failed to apply critical fixes for two widely used virtual private network (VPN) products, researchers said.”

Microsoft: Russian state hackers are using IoT devices to breach enterprise networks (ZDNet)

ZDNet: Microsoft: Russian state hackers are using IoT devices to breach enterprise networks. “One of Russia’s elite state-sponsored hacking groups is going after IoT devices as a way to breach corporate networks, from where they pivot to other more high-value targets. Attacks have been observed in the wild said the Microsoft Threat Intelligence Center, one of the OS maker’s cyber-security divisions.”

Bleeping Computer: Misconfigured JIRA Servers Leak Info on Users and Projects

Bleeping Computer: Misconfigured JIRA Servers Leak Info on Users and Projects. “Jira is a popular solution for project management, developed by Atlassian for agile teams. It is used by Fortune 500 companies for easy tracking the progress of various tasks and issues. Organizations like Google, Yahoo, NASA, Lenovo, 1Password, Zendesk, as well as governing bodies across the world left unprotected private details that could have jeopardized their developments.”

The Cutting Edge of AI Cyber Attacks: Deepfake Audio Used to Impersonate Senior Executives (CPO Magazine)

CPO Magazine: The Cutting Edge of AI Cyber Attacks: Deepfake Audio Used to Impersonate Senior Executives. “There is a great deal of public concern about deepfakes, most of it centered on the ramifications of being able to quickly and easily face-swap videos. That concern is certainly well-founded, but it may be obscuring an even more immediate threat – deepfake audio. Voice-swapping has already been put to use in at least a handful of artificial intelligence (AI) cyber attacks on businesses, enabling attackers to gain access to corporate networks and convince employees to authorize a money transfer.”