AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 03/04/2021

An AI Was Taught to Play the World’s Hardest Video Game and Still Couldn’t Set a New Record

What’s the hardest video game you’ve ever played? If it wasn’t QWOP then let me tell you right now that you don’t know how truly difficult a game can be. The deceptively simple running game is so challenging to master that even an AI trained using machine learning still only mustered a top 10 score instead of shattering the record. Wesley Liao was curious how well a tool like AI, which has been trained to do things like realistically animate old photos of deceased loved ones, would do playing QWOP. After first creating a JavaScript adapter that would allow an AI tool to actually play and interact with the game, Liao’s first attempt at machine learning simply had the AI playing the game by itself and learning which actions resulted in positive outcomes (the sprinter moving forward and increasing its velocity) and which ones resulted in negative results (the sprinter’s torso bending too close to the ground). Through this approach the AI learned a “knee-scraping” technique that would successfully get it across the 100-meter finish line, but not at record-setting speeds.

Tether faces 500 Bitcoin ransom: We are ‘not paying’

Tether has revealed a ransomware demand in which threat actors are allegedly demanding 500 Bitcoin ($24 million). Over the weekend, the blockchain and cryptocurrency organization said on Twitter that a demand for payment had been made, on pain of documents being leaked online that would “harm the Bitcoin ecosystem.” The wallet address associated with the demand, at the time of writing, has $72 in BTC stored. Tether said that the payment deadline is March 1, but added, “We are not paying.” “It is unclear whether this is a basic extortion scheme like those directed at other crypto companies or people looking to undermine Tether and the crypto community as a whole,” Tether says. “Either way, those seeking to harm Tether are getting increasingly desperate.”

Perl.com theft blamed on social engineering attack

The short-lived theft of Perl.com in late January is believed to have been the result of a social engineering attack that convinced registrar Network Solutions to alter the domain’s records without valid authorization. In a blog post published on Sunday, Perl.com website editor Brian D. Foy said as much, noting that while Network Solutions has not confirmed this theory, he spoke with other domain owners who reported a similar scheme. Perl.com is a website focused on articles about the Perl programming language, overseen by managing editor David Farrell. The Perl Foundation (perl.org) is said to be involved in the .com site though Foy insists that’s not the case. The foundation’s post on the subject and Foy’s reply in the comments section suggest an arm’s length relationship between the two groups.

Twitter will ban you for spreading COVID-19 vaccine misinformation

As vaccines are rolling out across the world, Twitter wants to curb misinformation related to them by introducing a new strike system. The company said repeated offenders — accounts with five strikes against them — will get banned permanently. Last December, Twitter said that it’ll start removing tweets with harmful misinformation related to the coronavirus vaccines; the company said today it has deleted 8,400 such posts to date. Starting today, the social network will begin to label tweets with vaccine misinformation. They’ll also point to curated content related to COVID-19 vaccines in the local context. Initially, human moderators will do this work, and the data will be used to train the company’s machine learning algorithms. Eventually, Twitter wants to use a combination of human and automated moderators.

Cybersecurity firm Qualys likely latest victim of Accellion hacks

Cybersecurity firm Qualys is likely the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files. In December, a wave of attacks targeted the Accellion FTA file-sharing application using a zero-day vulnerability that allowed attackers to steal files stored on the server. Clop ransomware has been extorting these victims by posting the stolen data on their ransomware data leak site. As Accellion FTA devices are standalone servers designed to be outside the security perimeter of a network and accessible to the public, there have been no reported attacks on these devices leading to internal systems compromise. Before today, the known victims extorted by Clop include Transport for NSW, Singtel, Bombardier, geo-data specialist Fugro, law firm Jones Day, science and technology company Danaher, and technical services company ABS Group.

Scammers Posing as Border Patrol Agents Are Attempting to Swindle Banking Info

Fraudsters impersonating U.S. Border Patrol agents and other federal officials are trying to steal unsuspecting targets’ private financial information through a relatively new telephone-based scam, U.S. Customs and Border Protection warned this week. The alert came after the Homeland Security Department subcomponent received numerous reports from concerned individuals who encountered the unsolicited, scammy calls. On the other end of those calls is a pre-recorded message that, according to CBP, would specifically say “a box of drugs and money being shipped has your (resident’s) name on it and it has been intercepted.” Potential victims of the scam are then prompted to press #1 to speak with a CBP officer and subsequently told to enter their banking information.
