There's a Sriracha Shortage. Here Are 10 Excellent Alternatives to Try - CNET

Since Sriracha was in short supply this summer (sad news), grocery shelves have had less of the product stocked. But these excellent spicy sauce substitutes will tide you over.

from CNET https://ift.tt/KhXT0qw

Latest Tech News

Russian cybercriminals have been discovered trying to circumvent the restrictions on  ChatGPT and use the advanced AI-powered chatbot for their nefarious purposes.

Check Point Research (CPR) said they spotted multiple discussions on underground forums where hackers discussed various methods, including using stolen payment cards to pay for upgraded user accounts on OpenAI, bypassing geofencing restrictions, and using a “Russian semi-legal online SMS service” to register ChatGPT.

ChatGPT is a new artificial intelligence (AI) chatbot that made huge headlines due to its versatility and ease of use. Cybersecurity researchers have already seen hackers use the tool to generate believable phishing emails, as well as code for malicious, macro-laden Office files.

Paper roadblocks

However, it’s not that easy to abuse the tool as OpenAI put a number of restrictions. Russian hackers, due to the invasion of Ukraine, have even more roadblocks to overcome.

For Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software Technologies, the roadblocks aren’t good enough:

“It is not extremely difficult to bypass OpenAI’s restricting measures for specific countries to access ChatGPT. Right now, we are seeing Russian hackers already discussing and checking how to get past the geofencing to use ChatGPT for their malicious purposes. 

Read more

> Fake ChatGPT apps are everywhere on Android and iOS app stores

> Hackers are using ChatGPT to write malware

> These are the best firewalls around

We believe these hackers are most likely trying to implement and test ChatGPT into their day-to-day criminal operations. Cybercriminals are growing more and more interested in ChatGPT, because the AI technology behind it can make a hacker more cost-efficient,” Shykevich said.

But hackers are not just looking to use ChatGPT - they’re also trying to cash in on the rising popularity of the tool to spread all kinds of malware and steal money. For example, Apple’s mobile app repository, the App Store, hosted an app pretending to be the chatbot, but with a monthly subscription costing roughly $10. Other apps (some of which were found on Google Play, as well), charged as much as $15 for the “service”.

• These are the best endpoint protection services around

from TechRadar - All the latest technology news https://ift.tt/nWtPrEB

Best AirPods accessories for 2023 - CNET

The Apple AirPods are a super popular iPhone accessory that have spurred a cottage industry of more accessories. Here are some of our top picks.

from CNET https://ift.tt/en24SIy

Latest Tech News

CircleCi has confirmed that a recent security incident it has been investigating was malware-powered grand theft data.

The company revealed the news in a blog post that described what recently happened, what it did to minimize the damage, and how it plans on keeping its users safe in the future.

In the blog, it was said that an employee with high privileges has had their laptop infected with token-stealing malware which gave the attackers keys to the kingdom.

Stealing data for weeks

The malware apparently managed to run on the endpoint despite the device having an antivirus program installed. The attackers used the tool to grab session tokens which kept the employee logged in to some applications. 

When a user logs into an app, even if they did so with a password and a multi-factor authentication (MFA) tool, some apps drop session tokens which allow the users to remain logged into the app for prolonged periods of time. In other words, by stealing session tokens, the attackers effectively bypassed any MFA the company had set up. 

After that, it was only a question of accessing the right production systems in order to compromise sensitive data.

“Because the targeted employee had privileges to generate production access tokens as part of the employee’s regular duties, the unauthorized third party was able to access and exfiltrate data from a subset of databases and stores, including customer environment variables, tokens, and keys,” the blog notes. 

The threat actors lingered around CircleCI’s infrastructure for roughly three weeks - from December 16, 2022, to January 4, 2023.

Read more

> CircleCI tells users to move their secrets following security alert

> GitHub accounts are being stolen by fake CircleCI accounts

> These are the best ID theft protection tools right now

Even the fact that the stolen data was encrypted didn’t help much, as the attackers obtained encryption keys, too. 

“We encourage customers who have yet to take action to do so in order to prevent unauthorized access to third-party systems and stores,” the blog concluded.

CircleCi had asked its customers to rotate any and all secrets stored in its systems. “These may be stored in project environment variables or in contexts”. 

• Check out the best firewalls today

Via: TechCrunch

from TechRadar - All the latest technology news https://ift.tt/PhMZB14

The Biggest Toys From 2022 That You Need In 2023 - CNET

Just because it's a new year doesn't mean that last year's hottest toys are irrelevant.

from CNET https://ift.tt/MoDGsv2

Everything I Learned Taking Only Cold Showers for an Entire Year - CNET

Was it worth it in the end?

from CNET https://ift.tt/u57pAdF

NFL Wild Card Sunday: How to Watch, Stream Giants vs. Vikings Without Cable - CNET

The Giants are heading back to Minnesota to battle the Vikings in the NFC's second Wild Card game.

from CNET https://ift.tt/vZr2n9o

Best Samsung Galaxy S21, S21 Plus and S21 Ultra Cases of 2023 - CNET

Looking for a new Galaxy S21, S21 Plus or S21 Ultra case? You've come to the right place. Here are our top picks.

from CNET https://ift.tt/qey4K9m

Samsung Galaxy S23: Everything You Need to Know - CNET

Samsung's next Unpacked event, where the S23 should be revealed, is set for February.

from CNET https://ift.tt/bv6McoC

Best Budget Laptop 2023: Our Top 6 Picks Starting at $300 - CNET

Find a great laptop for less. Here are the best budget laptops under $600 tested and reviewed by CNET editors.

from CNET https://ift.tt/xuAhmJZ

The Absolute Best Sci-Fi Movies on Prime Video - CNET

Searching for tonight's viewing? Strap on your miner's hat -- we're tunnelling deep into Amazon's back catalogue.

from CNET https://ift.tt/c9Dwfgl

Is the Google Pixel 7 Pro Worth Buying in 2023? - CNET

You may want to wait.

from CNET https://ift.tt/onO0lqk

This Craftsman V20 5-Tool Combo Kit Is Down to Just $149 - CNET

Tackle your next home improvement project with $80 off this multi-tool combo kit.

from CNET https://ift.tt/ZDdMzjk

NFL Playoffs 2023: Schedule, Bracket and How to Watch and Stream With or Without Cable - CNET

The NFL playoffs are upon us.

from CNET https://ift.tt/0jUsmQ7

Everything We Know About the Samsung Galaxy S23 - CNET

The S23 is expected to be announced at Samsung's next Unpacked event.

from CNET https://ift.tt/DQ5KSCn