Netflix is cracking down on users who share passwords to access their streaming service. With its new policy, the company is emailing users who appear to be sharing accounts with people outside of their home. Netflix allows extra users to be added in the US under its Standard ($7.99/month) and Premium ($7.99/month for 2 extra users) plans. A Transfer Profile tool has been made available to set up personal accounts in the case of account sharing.
This week, intelligence and security organizations reported that critical infrastructure networks in some US states were attacked Chinese-government-backed hacking group. NSA recognized Turla as “adversary number one” and found proof of its cyber espionage activities. On the other hand, researchers have discovered manipulations known as indirect prompt-injection attacks that can facilitate scams and data theft in generative AI systems.
The famous password hashing function bcrypt was celebrated on its 25th anniversary, with the co-creators expressing their disappointment that the state of password security had not progressed more over the quarter-century. Google’s recent top-level domains like “.zip” and “.mov” have stirred controversy due to its possible overlap with file extensions and potential for phishing.
Recently, it has been revealed that Chinese labs are selling fentanyl precursor ingredients online, with 90 percent of the firms accepting cryptocurrency payments. Similarly, an internal security review of the hacked cryptocurrency exchange Bitfinex showed how attackers exploited weaknesses to steal millions of dollars worth of bitcoin.
However, researchers from software supply chain company Chainguard made a new approach to secure an overlooked piece of cloud infrastructure known as “container registries.” This provides a glimmer of hope in this week’s security stories.
