ID theft is up

Cybercriminals are using valid passwords to break into networks, making this their favourite trick to cause havoc, according to a new report by IBM.

IBM’s 2024 X-Force Threat Intelligence Index, which is based on watching over 150 billion security events a day across more than 130 countries, shows that cybercriminals are finding it a doddle to log in to systems with stolen details rather than cracking them.

IBM Security UK and Ireland Technical Director Martin Borrett said the report’s findings show that identity is increasingly being used against businesses, using valid accounts and nicking passwords.

 “It tells us that the biggest security worry for businesses comes not from new or mysterious threats, but from old and familiar ones.”

The data reveals half of cyberattacks in the UK involved using valid accounts as the first way in, with another 25 per cent of cases using public-facing apps. Across Europe, IBM saw a 66 per cent rise in attacks caused by using valid accounts, making the region the most hit globally in 2023.

The criminal world has changed quickly, with IBM spotting a 266 per cent increase in malware that steals personal and business details, identities, bank accounts and cryptocurrency wallets.

This “easy entry” method is more challenging to spot and significantly costs businesses. According to IBM, significant incidents caused by attackers using valid accounts needed nearly 200 per cent more complicated response measures by security teams than the average incident, as defenders struggle to tell the difference between good and harmful activity.

“Dealing with cybersecurity problems needs a smart approach, focusing on the basics of security measures,” Borrett said.

“Making identity management simpler through a single Identity and Access Management provider and making old apps more secure with modern security rules are key steps in reducing risks.”

Other key UK findings from the report include malware making up 30 per cent of security incidents, with ransomware (30 per cent) and crypto-miners (20 per cent) being the top malware types. The professional, business and consumer services industry was the most targeted at 39 per cent of cases, followed by energy (30 per cent) and finance & insurance (17 per cent).

Globally, 69.6 per cent of attacks IBM responded to targeted vital infrastructure organisations, showing cybercriminals are betting on the high-value need for uptime.

In 84 per cent of these attacks, the damage could have been stopped by patching, multi-factor authentication or least-privilege rules—showing that getting “basic security” may be more complicated than it seems.

IBM suggests businesses reduce the potential damage of incidents, test their environments with skilled attack teams, develop robust incident response plans, and focus on securing the core infrastructure when using AI technologies.

As cybercriminals keep using identities, businesses must take a proactive, intelligent approach to strengthen their defences against this growing global crisis.

Tame Apple Press brays for blood

Two chaps have been busted for a $3 million iPhone swindle with over 5,000 dodgy devices.

According to 9to5Mac, Haotian Sun and Pengfei Xue, 33, were nailed by a US jury for their cunning con, which involved flogging fake iPhones to Apple for real ones.

The crooks were part of a more prominent gang that ripped off Jobs' Mob by sending them counterfeit iPhones for repair and returning brand new ones. Sun and Xue got their phoney phones from Hong Kong and stashed them in UPS mailboxes across Washington, D.C. They then took them to Apple shops and service providers, including the one in Georgetown, and claimed they were broken.

The jury heard they pulled this stunt with over 5,000 phones, costing Apple a fortune. Sun and Xue used fake names to cover their tracks. They were nabbed on December 5, 2019. If the Tame Apple Press gets its way, they could be locked up for 20 years. They will be sentenced on June 21, 2024.

The scam was just like that run by the Liao brothers, who were jailed for 41 months for a similar scam with iPhones and iPads. They got their knock-offs from China, swapped them for the real deal, and sold them overseas for a profit.

Even if the EU was no where near the problem

Apple has found a new excuse for the security holes in its app store – it is blaming the EU.

Recently a fake cryptocurrency app on Apple’s App Store has ripped off users for thousands of pounds. The app, pretending to be the Rabby Wallet crypto service, got the green light from the App Store.

The real Rabby Wallet app, a product of DeBank Global Pte. Ltd., is still stuck in the App Store review queue.

The dodgy app, called “Rabby Wallet & Crypto Solution,” has been conning users, with one person losing about £3,600.

The app has been available for years, despite loads of complaints to Apple.

So, you would think that Apple would admit it messed up, right? After all, it shows how rubbish Apple’s App Store review process is and how useless it is at protecting users from scam apps.

But Apple seems to be using the recent move by the EU to make Apple open its App store to others.

Boss Tim Cook says the company’s efforts to boost security could be harmed by the European Union’s App Store rules.

Apple old-timer Phil Schiller backed up Cook, warning the EU’s “Alternative App Store” plan could risk the security of iPhones and their users.

These comments are being spread by the Tame Apple Press even though the fake app was nicking fanboy’s money long before the EU told Jobs’ Mob to open its App store.

Even Apple Insider admits that Jobs’ Mob has been very slow at getting rid of dodgy software from its App Store. https://appleinsider.com/articles/24/02/19/fake-crypto-app-on-the-app-store-has-stolen-thousands-of-dollars-already

When it comes to writing medical research AI is mendacem facimus ignis anhelat

A top bone doctor has been testing ChatGPT's ability to research and publish medical papers and found that it was a two-bit cheating liar.

Indiana University School of Medicine's Melissa Kacena wanted to see who is better at writing review articles: people or ChatGPT.

For her study in Current Osteoporosis Reports, she split nine students and the AI program into three groups and asked each group to write a review article on a different topic.

For one group, she told the students to write review articles on the topics; for another, she instructed ChatGPT to write articles on the same topics; and for the last group, she gave each of the students their own ChatGPT account and told them to team up with the AI program to write articles.

That let her compare articles written by people, by AI, and by a mix of people and AI. She asked her colleagues and the students to mark the facts in each article and compare the three types of articles on accuracy, readability, and language.

The results were shocking. The articles written by ChatGPT were easy to read and were even better written than the students'. But up to 70 per cent of the references were wrong: they were either mashed up from different studies or made up. The AI versions were also more likely to be plagiarised.

"ChatGPT was pretty convincing with some of the phoney statements it made, to be honest. It used the proper syntax and integrated them with proper statements in a paragraph, so sometimes there were no warning bells. It was only because the faculty members understood the data well, or because the students fact-checked everything, that they were detected."

ChatGPT used better grammar than the students. But it couldn't always read the room: AI tended to employ more flowery language that wasn't always appropriate for scientific journals (unless the students had told ChatGPT to write it from the perspective of a graduate-level science student.)

So the technology is still garbage in, garbage out and is only as good as the information it receives.

While ChatGPT isn't quite ready to author scientific journal articles, she said that with the proper programming and training, it could improve and become a useful tool for researchers.

"Right now, it's not great by itself, but it can be made to work," says Kacena.

For example, if queried, the algorithm was suitable at recommending ways to summarise data in figures and graphical depictions.

"The advice it gave on those was spot on, and exactly what I would have done," she says.

The more feedback the students provided on ChatGPT's work, the better it learned—and that represents its most tremendous promise. In the study, some students found that when they worked with ChatGPT to write the article, the software continued to improve and provide better results if they told it what things it was doing right and what was less helpful.

That means that addressing problems like questionable references and plagiarism could potentially be fixed.

ChatGPT could be programmed, for example, not to merge references to treat each scientific journal article as its separate reference and to limit copying consecutive words to avoid plagiarism.

With more input and some fixes, Kacena believes that AI could help researchers smooth the writing process and gain scientific insights.

"I think ChatGPT is here to stay, and figuring out how to make it better, and how to use it in an ethical and conscientious and scientifically sound manner, is going to be important," Kacena said.

iPhone sushi is not an approved technology solution

Fruity cargo cult Apple has been forced to tell its rather stupid fanboys that sticking their expensive iPhones in a bed of rice will not be good for their health.

Apple users have had a problem: they always need their shiny toy on display to thrust them in the face of those who have bought a cheaper and better phone. This behaviour has resulted in phones being dropped or thrown into water.

However, fanboys claim their devices are so super, cool and perfect that all you need to do is put them into a bag of white rice, and they will be restored to perfect health. One rumour claimed that Steve Job’s coffin was stuffed full of rice so that he could emerge having conquered death.

However, Apple has admitted that turning your iPhone into sushi could “wreck your iPhone” with tiny bits of rice.  Jobs Mob also warned against using other common tricks, such as using a hairdryer or a cotton bud to dry the phone, which doesn’t work either.

Other repair experts have found that the rice trick works slower than leaving your iPhone on a table to dry.

Time is critical in these cases, as the main thing is to stop the water from frying the phone’s guts. Of course, time is not something Apple fanboys have on their side. They have to be out and about showing their phone to others, so serving up in a bed of rice makes sense to those who thought buying the phone in the first place was a good idea.

New network card on Maia AI chip

Software King of the World, Microsoft  is plotting a new network card to boost its Maia AI server chip and cut its ties with chip maker Nvidia.

Microsoft boss Satya Nadella has hired Pradeep Sindhu, who set up networking gear maker Juniper Networks to lead the network card project, the report said quoting a source in the know.

Vole snapped up Sindhu's server chip firm, Fungible, last year.

The new network card is like Nvidia's ConnectX-7 card, which the chip firm flogs with its graphic processor units (GPUs). The kit could take over a year to make and, if it works, could speed up the time it takes for OpenAI to train its models on Microsoft servers and make the process cheaper, according to the report.

Vole  has splashed out billions of pounds on ChatGPT-creator OpenAI and has used its technology in loads of products, giving the Windows-maker an edge in the race to sell artificial-intelligence software.

The company had launched Maia, a chip meant to run big language models and back AI computing, in November.

Meta mystery unfolds

Meta maestro Mark Zuckerberg says he plans to release a wristband humming with neural secrets to revolutionise the digital underworld.

Zuckerberg spilt the beans on the Morning Brew Daily talk show, saying Meta was close to having something here that will have in a product in the next few years.

It involves an entirely different approach to finger tracking: to sense the neural electrical signals passing through your wrist to your fingers from your brain, using electromyography (EMG).

In theory, this could have zero or even negative latency, perfect accuracy, work regardless of lighting conditions, and not be subject to occlusion.

Occlusion-free finger tracking of this quality and reliability could allow precise control of complex interfaces with incredibly subtle movements of your hand resting on your lap, making it an ideal input method for headsets and AR glasses.

In early 2023, an internal Meta AR/VR hardware roadmap leaked to The Verge, revealing details about Quest 3, the existence of the headset now rumoured to be called Quest 3 Lite, and the cancellation of the 2024 candidate for Quest Pro 2 in favour of a more ambitious but “way out” model. But this roadmap also mentioned that Meta planned to release the neural wristband alongside the third-generation Ray-Ban smartglasses in 2025 as the input method.

According to that roadmap, two wristband models will be offered at different price points - one with the neural input tech only and another with a display and camera to act as a smartwatch. A second wristband generation will also be the input device for the true AR glasses Meta plans to launch in 2027.

This plan or the timeline may have changed in the year since, but based on Zuck’s comments, the technology is coming out.

Fixes some minor issues as well

Bethesda has released the new Starfield 1.9.67 update that adds official support for AMD FSR 3.0 and Intel XeSS, as well as some stability improvements to the game.

Bethesda has already added AMD FSR 3.0 support with its previous beta patch, but the latest one pulls the support from beta and also adds support for Intel XeSS. The new update is available on both Steam and the Microsoft Store.

Bethesda's Starfield now supports all upscaling technologies, as the Nvidia DLSS support was added back in November last year.

In addition to AMD FSR 3.0 and Intel XeSS support, the latest patch also fixes some minor graphics issues with clouds while using DLSS, and minor visual artifacts when aiming or task swapping. It also adds stability improvements, fixing various crashes in the game, and fixes an issue with the resolution scale when switching from fullscreen to windowed mode.

You can check out the full release notes over at Bethesda's Starfield support page.

No word on compact Zenfone 11

Asus has confirmed the official announcement date for its upcoming Zenfone 11 Ultra smartphone, which will take place on March 14, simultaneously in Taipei, New York, and Berlin, suggesting a global launch of the phone. Unfortunately, there is still no word on a more compact Zenfone 11 version.

The Twitter post detailing the announcement also briefly details AI integration and previously released teasers detailed some camera features like video stabilization. portrait mode, and more. Thankfully, an earlier leak showed that the Zenfone 11 Ultra is a ROG Phone 8 Pro in disguise, which means it will share a lot of specifications but lack gaming-oriented features like RGB lights and AirTriggers.

This means the Zenfone 11 Ultra will be built around a 6.78-inch AMOLED screen with 2400x1080 resolution and 1-120Hz refresh rate, and be powered by Qualcomm's flagship Snapdragon 8 Gen 3 SoC paired up with 16GB of LPDDR5X RAM and 512GB of UFS 4.0 storage.

It also gets the same rear main camera setup with a 50MP main IMX890 sensor, a 13MP one behind a 120-degree ultrawide lens, and a 32MP sensor behind a telephoto lens with 3x optical zoom and built-in OIS.

It also comes with a hefty 5,500mAh battery with 65W wired and 15W wireless charging and will be available in five color options, Eternal Black, Skyline Blue, Misty Gray, Verdure Green, and Desert Sienna.

More details will be unveiled on March 14, and hopefully, Asus will have some details about its compact Zenfone 11, as these cover a specific part of the market and are quite popular phones among those looking for a flagship performance in a more compact chassis.

In addition to 5G, the latest Bluetooth, C-V2X, and positioning

Qualcomm has announced the newest addition to its Snapdragon Auto Connectivity Platform, the Qualcomm QCA6797AQ, which is the industry’s first Automotive Grade Wi-Fi 7 Access Point solution.

The complete Snapdragon Automotive Connectivity platform adds a complete portfolio of connectivity solutions to vehicles, including Cellular 5G/4G, Wi-Fi, Bluetooth, C-V2X, and precise positioning technologies, and with the new Qualcomm QCA6797AQ, it now gets Wi-Fi 7 capabilities.

The Wi-Fi 7 brings several key features, including High Band Simultaneous (HBS), Multi-link Multi-Radio (MLMR), 320 MHz channel bandwidth, 4K Quadrature Amplitude Modulation (QAM), and Adaptive Puncturing. Thanks to HBS, it brings improved link reliability and lower latency, and by operating simultaneously on 5GHz and 6GHz channels, Wi-Fi 7 continuously selects the best available channel for communicating to each device in the vehicle. Thanks to 320 MHz channel bandwidth and 4K QAM, it comes with increased capacity as well as peak throughputs of up to 5.8Gbps.

Qualcomm has big names on its customer list and, back in September last year, Jaguar Land Rover (JLR) and BMW were added to that list. Qualcomm will be showing off the new Snapdragon Auto Connectivity Platform at the Mobile World Congress 2024 in Barcelona later this month.