virtual reality | Breaking Cybersecurity News | The Hacker News

Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit , has been assigned the CVE identifier CVE-2024-40865. "A novel attack that can infer eye-related biometrics from the avatar image to reconstruct text entered via gaze-controlled typing," a group of academics from the University of Florida, CertiK Skyfall Team, and Texas Tech University  said . "The GAZEploit attack leverages the vulnerability inherent in gaze-controlled text entry when users share a virtual avatar." Following responsible disclosure, Apple addressed the issue in visionOS 1.3 released on July 29, 2024. It described the vulnerability as impacting a component called Presence. "Inputs to the virtual keyboard may be inferred from Persona," it said in a security advisory, addin...

2017 is the year of Artificial Intelligence (A.I.), Big Data, Virtual Reality (VR) and Cyber Security with major companies like Google, Facebook, Apple, IBM and Salesforce and technology pioneers like SpaceX founder Elon Musk investing in these hot technologies. Since everyone seems to be talking about the hottest trend — artificial intelligence and machine learning — broadly, 62 percent of large enterprises will be using AI technologies by 2018, says a report from Narrative Science. But why AI is considered to be the next big technology? Because it can enhance and change everything about the way we think, interact, manufacture and deliver. Last year, we saw a significant number of high-profile hacks targeting big organizations, governments, small enterprises, and individuals — What's more worrisome? It's going to get worse, and we need help. No doubt, we, the human, can find vulnerabilities but can not analyze millions of programs with billions of lines of codes at o...

Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model , exemplified through Microsoft 365's approach, offers a framework for comprehending and implementing effective cybersecurity measures.  The Essence of Shared Responsibility  Think of cloud security like a well-maintained building: the property manager handles structural integrity and common areas, while tenants secure their individual units. Similarly, the shared responsibility model creates a clear division of security duties between cloud providers and their users. This partnership approach ensures comprehensive protection through clearly defined roles and responsibilities.  What Your Cloud Provider Handles  Microsoft maintains comprehensive responsibility for securing the foundational eleme...

Pokémon GO has yet not been officially launched in India, but the location-based augmented reality game has already fueled a privacy debate and request for Ban. Isn't that weird? A Gujarat resident, Alay Anil Dave has recently filed a Public Interest Litigation (PIL) in the Gujarat High Court against Niantic, developers of Pokémon Go , over allegations that the game is hurting religious sentiments of Hindus and Jains by showing virtual eggs in places of worship of different religious groups. The launch date of Pokémon GO for India has not been announced so far, but millions of Indians have already downloaded the game from 3rd-party app markets and playing it on the streets. However, there are many still waiting for an official release of the game in India, as they don't want to end up installing malicious versions of Pokémon GO that could install malware on their phones, allowing hackers to compromise their devices. Pokémon GO has become the most successful game lau...