Wednesday Newsbytes: Billions of Passwords Stolen; Microsoft Considers Going Nuclear to Power AI; Google Patches Serious Chrome Flaw; Gmail Gets Even Tougher on Spam … and more!
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
Billions of passwords and email addresses have been leaked online – so change your logins now
Huge online database of personal info left open
Billions of user records, combinations of usernames and passwords compromised in earlier data breaches, were left unprotected in an online database, available to anyone who knew where to look.
This is according to a new report from Cybernews, citing CEO of SecurityDiscovery, Bob Diachenko. Apparently, a digital risk protection firm called DarkBeam was collecting credentials stolen in both reported and non-reported data breaches, to notify the affected individuals. But the database was easy to find, it seems, with a little help from Elasticsearch and Kibana (a database system and a specialized search engine).
Diachenko found a database containing more than 3.8 billion records. Soon afterward, he contacted DarkBeam who managed to quickly lock the doors and protect the database. There’s no word if any threat actors found the database before the researchers, though.
Identity theft galore
The database contained, among other things, 16 collections named “email 0-9” and “email A-F”, each holding almost 240 million records. It seems to have been well organized, and if any hackers had obtained it, they would have gotten a treasure trove of sensitive data, perfect for phishing, identity theft, wire fraud, and other cybercriminal activity…
Microsoft Needs So Much Power to Train AI That It’s Considering Small Nuclear Reactors
It’s a highly ambitious plan.
Going Nuclear
Training large language models is an incredibly power-intensive process that has an immense carbon footprint. Keeping data centers running requires a ludicrous amount of electricity that could generate substantial amounts of greenhouse emissions — depending, of course, on the energy’s source.
Now, The Verge reports, Microsoft is betting so big on AI that its pushing forward with a plan to power them using nuclear reactors. Yes, you read that right; a recent job listing suggests the company is planning to grow its energy infrastructure with the use of small modular reactors (SMR.)
At least in theory, SMRs are cheaper to build and more flexible than full-scale nuclear power stations. And there’s at least some momentum behind the idea in the US — the US Nuclear Regulatory Commission a greenlit a design by Oregon-based nuclear reactor company NuScale Power just last year.
Small and Modular
But before Microsoft can start relying on nuclear power to train its AIs, it’ll have plenty of other hurdles to overcome.
For one, it’ll have to source a working SMR design. Then, it’ll have to figure out how to get its hands on a highly enriched uranium fuel that these small reactors typically require, as The Verge points out. Finally, it’ll need to figure out a way to store all of that nuclear waste long term…
Google Catches Surveillance Company Exploiting Serious Flaw in Chrome
Google issued a patch today, two days after security researcher Clément Lecigne spotted it—the latest in a string of actively exploited zero-day attacks targeting Chrome this year.
A mysterious surveillance company is exploiting a new flaw in the Chrome browser to attack users, according to a Google security researcher.
Google security researcher Clément Lecigne discovered the threat on Monday, which prompted the company to issue an emergency patch since an exploit for the vulnerability existed “in the wild.” Google security researcher Maddie Stone tweeted that the bug was “in use by a commercial surveillance vendor,” but she did not name the company.
Google rated the threat as a “high” severity bug. The vulnerability, dubbed CVE-2023-5217, involves how the Chrome browser processes the VP8 video compression format. It can trigger a “heap buffer overflow” in a VP8 library, meaning data can be overwritten in the browser’s adjacent memory locations. Such errors can be exploited to execute rogue computer code, like triggering a browser to open a hacker-controlled web page or to download malware.
The fix arrives as the security community has spotted a surge in zero-day exploits from commercial spyware companies. Earlier this month, Google patched a separate flaw in Chrome that appeared to be tied to the notorious surveillance NSO Group, a company that sells spyware to foreign governments…
Gmail to enforce harsher rules in 2024 to keep spam from users’ inboxes
Google today is announcing a series of significant changes to how it handles email from bulk senders in an effort to cut down on spam and other unwanted emails. The company says that starting next year, bulk senders will need to authenticate their emails, offer an easy way to unsubscribe and stay under a reported spam threshold.
The changes will impact any bulk sender, which Google defines as those who send more than 5,000 messages to Gmail addresses in one day. That could include virtually any business with a decently-sized mailing list, from large retailers to big tech companies to even smaller startups and B2C companies or newsletter writers looking to market themselves through email messaging.
Google claims that it already leverages AI technology to stop more than 99.9% of spam, phishing and malware from reaching users’ inboxes, and it blocks 15 billion unwanted emails per day. But as technology improves, so must Google’s defenses for its now 20-year-old email system.
For starters, Gmail will be building on a policy it introduced last year that requires emails sent to Gmail addresses to have some form of authentication to validate that the sender is who they claim to be…
Microsoft Brings DALL-E AI-Powered Features to Paint
Microsoft continues to incorporate AI into its product line, bringing the power of the DALL-E image generator to Paint.
The new feature is called Paint Cocreator and is rolling out to Windows Insiders in the latest build. The company announced the feature in a blog post:
‘With this update, we are excited to introduce Paint Cocreator, a new AI-powered experience powered by DALL-E that helps you create amazing artwork in Paint by describing in a few words what you’d like to create. You can optionally select an art style, and when you click Create, Paint Cocreator will generate three variations of artwork for you to choose from. Select any of them to add to the canvas to start creating!
‘We will be rolling out access slowly at first, so when you get the update, you must first join the waitlist by signing in with your Microsoft account and clicking on the new Cocreator button in the toolbar. You will get an email notification when you are in the preview, and we will give you 50 credits to get started. Each credit lets you generate a new set of images…’
The company says it it committed to responsible AI use and has put safeguards in place…
Astronomers Worry About Bright Object in Night Sky
A new satellite has become one of the brightest objects in the night sky, sparking concerns among scientists for the future of astronomy.
The bright paths of BlueWalker 3 and other new satellites may approach the magnitude of our neighboring planets in the night sky, making it harder for astronomers to observe the universe without streaks of light pollution from such satellites, a new study in the journal Nature has shown.
BlueWalker 3, a prototype communications satellite launched on 10 September, has a 692-square-foot array, a large flat surface capable of reflecting sunlight back to Earth, like a mirror. According to the study, it has a peak brightness of magnitude of 0.4.
“The startling conclusion from our study is that the BlueWalker 3 satellite is one of the brightest things in the sky,” Meredith L. Rawls, co-author of the paper and astronomy research scientist in the Department of Astronomy and DiRAC at the University of Washington, told Newsweek…
Thanks for reading this week’s Wednesday Newbytes. We hope these articles were informative, interesting, fun, and helpful. Darcy & TC
