Delta Air Lines has enlisted attorney David Boies to seek damages from CrowdStrike and Microsoft following a significant software outage that led to mass flight cancellations. The incident, stemming from a CrowdStrike software update, resulted in extensive disruptions across multiple industries, with Delta being particularly affected. CrowdStrike's shares plummeted by up to 5% in extended trading as a result, and the Department of Transportation is investigating Delta's failures. The outages caused Delta to incur estimated losses between $350 million to $500 million and generated over 176,000 refund requests. Insurance startup Parametrix estimated the total loss for Fortune 500 companies, excluding Microsoft, at $5.4 billion.

Delta hires David Boies to seek damages from CrowdStrike, Microsoft after outage CNBC

New research reveals that over a million domain names, including those registered by major Fortune 100 firms, are susceptible to being hijacked due to weak authentication methods employed by various web hosting providers and domain registrars. The issue stems from "lame" DNS records, which happen when a domain's authoritative name server lacks sufficient information to resolve queries. This vulnerability allows cybercriminals to assume control of these domains without accessing the legitimate owner’s account, a method previously exploited in high-profile cases to send bomb threats and phishing emails. The research, conducted by Infoblox and Eclypsium, notes that this has been an ongoing issue, with numerous DNS providers still failing to implement adequate domain ownership verification. The hijacked domains, termed "Sitting Ducks," are often used for malicious activities, including phishing and malware distribution. Despite some improvements and ongoing efforts by a few providers, more cooperation among all stakeholders and better regulatory measures are necessary to mitigate these risks.

Don’t Let Your Domain Name Become a “Sitting Duck” KrebsOnSecurity

Meta's new AI Studio allows users to create custom AI-powered chatbots with personalized touches, making it accessible even to those without technical skills. Initially available to Instagram Business accounts in the US, it will soon roll out to all Meta users through Instagram, Messenger, and WhatsApp. The tool enables creators to build chatbots that can interact with followers by answering messages and stories. Customization options include naming the AI, setting its personality, tone, avatar, and tagline. Users can manage auto-replies via Instagram’s professional dashboard, ensuring transparent interactions with followers. Additionally, AI Studio chatbots can be tailored to answer questions or simulate social scenarios.

Meta's new AI Studio helps you create your own custom AI chatbots ZDNet

OpenAI has released its latest AI model, GPT-4o, to power the ChatGPT chatbot, highlighting its advanced capabilities while raising significant privacy concerns. The model's enhanced functions, like interpreting emotions and performing intricate tasks, amplify the amount of data it can collect, including personal information. Despite OpenAI's assurances through their privacy policy that collected data is anonymized and primarily used for improving services, experts worry about potential data misuse and privacy invasions. The company offers some user controls to limit data usage, but the collection scope remains vast, encompassing everything from user prompts to geolocation data. Users can manage their privacy settings to some extent, though doing so may reduce the chatbot's functionality.

Can GPT-4o Be Trusted With Your Private Data? wired