Jurgita Lapienytė
Painful cybersecurity lesson
Cybercriminals have leveraged USB devices to deliver malware for ages, perhaps unsurprisingly since the urge to plug in an unknown device is stronger than common sense for all too many people.
Now, attackers crafted something even more dangerous – flash drives with military-grade explosives. When an Ecuadorian journalist plugged an unknown USB device into his computer, it immediately exploded, causing minor injuries.
At least two more journalists plugged in similar devices loaded with explosives. Luckily, the drives were not inserted properly, and therefore, there were no more explosions.
Cybernews exclusive investigations
Our own research team relentlessly scours the depths of the internet to warn organizations and consumers alike about looming threats.
This week, we’ve shared our findings about two significant data leaks. If not mitigated in time, they could have led to grave consequences for businesses and their clients.
In one case, a streaming giant with 37 million subscribers, Lionsgate, leaked users’ IP addresses and information about their favorite content.
Another leak by the South Korean beauty content platform, PowderRoom, exposed a million users’ phone numbers and home addresses. Assuming the platform is predominantly used by young females, criminals could have abused the leak for stalking.
At the time of writing, both issues have been fixed, and we’ll have more exclusive research content for you as soon as next Tuesday.
Cl0p’s shiny victim list
Cl0p ransom gang kept its pace this week, adding dozens of victims to its data leak site. Virgin Group, Procter & Gamble, and Hormel Foods are among the names that came up. Naturally, we’ve reached out to many of the victims to hear their side of the story. Some, for example, Procter & Gamble, admitted the breach, others like Munich Re downplayed the attack saying crooks stole "meaningless content".
For now, the gang’s spree remains a story about the gang itself rather than its victims, so we prepared an analysis of this criminal cartel, closely examining its ups and downs, as well as its modus operandi.
ChatGPT woes
ChatGPT going down for users worldwide is troubling enough for those who’ve heavily relied on OpenAI's tool in their work since its debut.
Yet the rash mainstream adoption of generative AI tools might result in far worse consequences for many.
It’s yet another online tool that we feed sensitive information to, meaning a bigger exposure of our personal and business data. OpenAI disclosed a flaw that allowed users to peek into other user conversations. The bug, which has been fixed, is a stellar example that online privacy is something we strive for and not something we already have.
Generative AI is also here to disrupt the labor market. And there are many reports to corroborate the hypothesis, from OpenAI’s estimates that the technology might impact 80% of workers’ positions, to academic studies saying the higher the entry requirements for a job, the easier it will be for AI to do.
The bizarre East
When it comes to technology, the Eastern part of the world has its own thing going on. And I’m not talking about TikTok or mass surveillance of the population in China, for example. This week, a couple of apps drew our attention.
First one, Palm Guixi matchmaking service, was designed by the local Chinese authorities in an attempt to boost falling marriage rates. The country, which limited the population growth with a number of policies, including forced terminations of six-month or even longer pregnancies, is now trying to fix the problem with an app.
Meanwhile, Indian developers are promising parents their dream child. Their app offers a range of activities for the education of the fetus so that parents could have a “happy, healthy, divine, and dynamic child.”
News you don’t want to miss:BreachForums, an illegal marketplace often dubbed as ‘script-kiddie forum’, was taken down by crooks following the arrest of the forum’s administrator Conor Brian Fitzpatrick, aka Pompompurin. While this may be a temporary win for law enforcement, many believe that the forum will come back to life, the same way it rose from the ashes after the suspension of RaidForums.Speaking of resurrection, many anticipate Linus Tech Tips will be restored. The popular YouTube channel with over 15 million subscribers was terminated after it was hijacked and forced to stream crypto-scam content featuring a faked version of Elon Musk. The channel’s creators must be hopeful, too, since they appear to have been joking about the suspension on Twitter.Another big brand that took a blow this week was Ferrari. The company said it was contacted by a threat actor with a ransom demand, which it refused to pay. Last October, RansomEXX claimed the luxury car brand as a victim: while some experts speculate the two incidents are unrelated, we were not able to verify the claims independently.TikTok went to lengths this week to convince the US lawmakers that it didn’t share any data with Beijing. From updating its content guidelines, to starting a PR campaign, and, finally, testifying at the US Congress, its CEO Shou Chew seemingly did everything he could to show he cared about 150 million American users. While the US-China tech war is in full swing, human rights organizations believe banning TikTok, or any other platforms for that matter, wouldn’t do any good
No comments:
Post a Comment