Microsoft’s LinkedIn sued for disclosing customer information to train AI models
Microsoft’s (MSFT.O), opens new tab LinkedIn has been sued by Premium customers who said the business-focused social media platform disclosed their private messages to third parties without permission to train generative artificial intelligence models. According to a proposed class action filed on Tuesday night on behalf of millions of LinkedIn Premium customers, LinkedIn quietly introduced a privacy setting last August that let users enable or disable the sharing of their personal data.
Researchers say new attack could take down the European power grid
Late last month, researchers revealed a finding that’s likely to shock some people and confirm the low expectations of others: Renewable energy facilities throughout Central Europe use unencrypted radio signals to receive commands to feed or ditch power into or from the grid that serves some 450 million people throughout the continent. Fabian Bräunlein and Luca Melette stumbled on their discovery largely by accident while working on what they thought would be a much different sort of hacking project. After observing a radio receiver on the streetlight poles throughout Berlin, they got to wondering: Would it be possible for someone with a central transmitter to control them en masse, and if so, could they create a city-wide light installation along the lines of Project Blinkenlights?
Subaru’s poor security left troves of vehicle data easily accessible
Subaru left open a gaping security flaw that, although patched, lays bare modern vehicles’ myriad privacy issues. Security researchers Sam Curry and Shubham Shah reported their findings (via Wired) about an easily hacked employee web portal. After gaining access, they were able to remotely control a test vehicle and view a year’s worth of location data. They warn that Subaru is far from alone in having lax security around vehicle data. After the security analysts notified Subaru, the company quickly patched the exploit. Fortunately, the researchers say less-than-ethical hackers hadn’t breached it before then. But they say authorized Subaru employees can still access owners’ location history with only a single piece of the following information: the owner’s last name, zip code, email address, phone number or license plate.
North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns
The FBI has warned that North Korean IT worker schemes are stealing data to extort their victims as part of efforts to generate revenue for the Democratic People’s Republic of Korea (DPRK). The US intelligence agency confirmed it has observed North Korean IT workers engaging in this tactic over recent months. This involves exfiltrating stolen proprietary data and code from their former employers. This information is then held “hostage” until the ransom demand is met. In some cases, this sensitive data has been publicly released when the victim organizations have refused to pay the ransom.
Cyber Insights 2025: Social Engineering Gets AI Wings
Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect in Social Engineering. Social engineering underpins the greater part of criminal cyber activity. We are yet to find a solution, because social engineering is hard-wired into everyone’s psyche. The internet introduced the citizen journalist. Artificial intelligence introduces the citizen social engineer. Anyone can be a social engineer – in fact, everyone is a social engineer. The problem is that regardless of personal skill levels, AI gives the social engineer wings. What has always been bad, will inevitably get worse.
