Only a few months after they officially became available, a security researcher and his friends have managed to pwn California’s new digital license plates.Yes, for the past several years, Cali has been on a weird mission to digitize its car tags. Advocates claims that this modernization effort will offer a host of benefits to drivers, including “visual personalization” and easy in-app registration renewal, but security experts have long warned that if you hook your plates up to the web, somebody will inevitably try to mess with them.

The National Archives and Records Administration has widened its digital records retention guidance for federal government agencies to include other forms of electronic messaging such as text messages.In a bulletin issued Jan. 5, the federal agency set out new rules requiring the preservation of all communication about government business on electronic messaging systems.

Electronic messaging systems are defined as systems that “allow users to send communications in real-time or for later viewing,” and explicitly include texts, chats and instant messages.

“This bulletin recognizes that the use of additional types of electronic messaging often now replaces conversations previously occurring over email,” NARA said in the fresh guidance.

…

Artificial intelligence is all the rage these days. We see various forms of AI used in our lives every day. Real world data is used to train the AI algorithms to improve accuracy. Where does the training data come from? The short answer is you. Adobe found itself in the headlines when it was revealed that Adobe uses user content stored in Creative Cloud services to train AI algorithms by default. The Register reported that users will need to opt out of the service if they don’t want their data to be AI training fodder. Adobe confirmed, “When we analyze your content for product improvement and development purposes, we first aggregate your content with other content and then use the aggregated content to train our algorithms and thus improve our products and services.” Apparently, the policy has been in place for some time, but the action isn’t sitting well with some users, especially artists. To opt out, login to your Adobe account and get to the setting for Privacy and personal data. Turn off the Allow my content to be analyzed by Adobe for product improvement and development purposes setting.

Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started in May 2022.It uses “components of SecondEye – a legitimate monitoring application – to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanized installers,” Bitdefender said in an analysis.

A majority of the infections are said to originate in Iran, with smaller detections in Germany and the U.S., the Romanian cybersecurity firm added.

SecondEye, according to snapshots captured via the Internet Archive, claims to be a commercial monitoring software that can work as a “parental control system or as an online watchdog.” As of November 2021, it’s offered for sale anywhere between $99 to $200.