Wednesday Newsbytes: Malware Breaks Google’s OAUTH Security; Microsoft Launches Copilot for Android; 2023: The Year of AI… and more!
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts
Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named “MultiLogin” to restore expired authentication cookies and log into users’ accounts, even if an account’s password was reset.
Session cookies are a special type of browser cookie that contains authentication information, allowing a person to automatically log in to websites and services without entering their credentials.
These types of cookies are meant to have a limited lifespan, so they cannot be used indefinitely by threat actors to log into accounts if they are stolen.
In late November 2023, BleepingComputer reported on two information-stealers, namely Lumma and Rhadamanthys, who claimed they could restore expired Google authentication cookies stolen in attacks.
These cookies would allow the cybercriminals to gain unauthorized access to Google accounts even after the legitimate owners have logged out, reset their passwords…
Read more at Bleeping Computer.
Microsoft quietly launches dedicated Copilot app for Android
The new Copilot app for Android is not entirely a new thing. At first sight, it looks similar to the Bing Chat app, which still lets you access the same chat features. In addition, you can use Copilot within the Microsoft Edge browser for Android, SwiftKey, Skype, and more.
Copilot for Android supports plenty of features (you can also toggle between light and dark themes) that are already available on desktop. You can ask complex questions, generate images using DALL-E 3, draft documents or emails, or just have a casual conversation about anything. In addition, the app lets you turn off or on the recently added GPT-4…
2023: A year of groundbreaking advances in AI and computing
This has been a year of incredible progress in the field of Artificial Intelligence (AI) research and its practical applications.
As ongoing research pushes AI even farther, we look back to our perspective published in January of this year, titled “Why we focus on AI (and to what end),” where we noted:
We are committed to leading and setting the standard in developing and shipping useful and beneficial applications, applying ethical principles grounded in human values, and evolving our approaches as we learn from research, experience, users, and the wider community.
We also believe that getting AI right — which to us involves innovating and delivering widely accessible benefits to people and society, while mitigating its risks — must be a collective effort involving us and others, including researchers, developers, users (individuals, businesses, and other organizations), governments, regulators, and citizens.
We are convinced that the AI-enabled innovations we are focused on developing and delivering boldly and responsibly are useful, compelling, and have the potential to assist and improve lives of people everywhere — this is what compels us.
In this Year-in-Review post we’ll go over some of Google Research’s and Google DeepMind’s efforts putting these paragraphs into practice safely throughout 2023.
Advances in products & technologies
This was the year generative AI captured the world’s attention, creating imagery, music, stories, and engaging conversation about everything imaginable, at a level of creativity and a speed almost implausible a few years ago…
Dell hints at Windows 11’s new AI that automatically changes your settings, fixes bugs
Windows Copilot is limited in its current form, but Microsoft could be working on a new version of AI that could change how you use Windows 11.
In a future release of Windows 11, Microsoft Copilot will be able to detect when your system or an app is having issues and attempt to fix it automatically behind the scenes.
Imagine you’re away from your PC, and some apps are crashing. Instead of asking you to diagnose the problem or send a feedback report, Windows Copilot will try to fix issues independently. For example, if an app is failing to connect to Wi-Fi, AI may try changing network settings or running a troubleshooter to see if it can find a fix on its own.
Similarly, Dell believes the next generation of Windows 11 AI could also attempt to change Settings depending on your location and environment.
For example, if it detects that you are using a public network at the airport, it may turn on the battery saver and improve your Wi-FI security.
A closer look at Dell’s vision of Copilot on Windows
In the above GIF shared by Dell, Copilot can be seen understanding user’s behaviour and environment and automatically applying changes to the system.
In this case, when you, as a user, connect to a public network, possibly at a location like an airport, AI recognizes your location and turns on its contextual awareness.
Due to the public Wi-Fi connection, Windows 11 AI may suggest enhancing security settings for data protection. It may also begin lowering thermal settings and turning on the battery saver. This will likely optimize device performance and battery longevity in a mobile setting…
Passkeys: What They Are and Why You Need Them ASAP
We tell you what passkeys are, how you can get them, and where you can use them to log in securely without exposing your email address or creating a password.
I’m sick of passwords. They’re somehow both easily guessable and hard to remember, and keeping them out of the hands of criminals is tough. To solve that problem, the Fast Identity Online (FIDO) Alliance developed passkeys, a form of passwordless authentication technology. Passkeys eliminate the need to enter your email address or password into login fields all around the web, making it harder for criminals to steal your credentials and get into your accounts.
Passkeys have plenty of benefits; for example, they cannot be guessed or shared. Passkeys are resistant to phishing attempts because they’re unique to the sites they’re created for, so they won’t work on fraudulent lookalike sites. Most importantly, in the age of near-constant data breaches, your passkeys cannot be stolen by hacking into a company’s server or database, making the data extracted in such breaches less valuable to criminals. Best of all, this new technology isn’t just theoretical. We are encouraged to see big tech companies like Amazon adopting passkeys. But what exactly are they? We’re here to explain.
What Is a Passkey?
A passkey is a way to log in to apps and websites without using a username and password combination…
Thanks for reading this week’s Wednesday Newbytes. We hope these articles were informative, interesting, fun, and helpful. Merry Christmas! Darcy & TC
