AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 03/09/2023

Meta’s powerful AI language model has leaked online — what happens now? 

Two weeks ago, Meta announced its latest AI language model: LLaMA. Though not accessible to the public like OpenAI’s ChatGPT or Microsoft’s Bing, LLaMA is Meta’s contribution to a surge in AI language tech that promises new ways to interact with our computers as well as new dangers. Meta did not release LLaMA as a public chatbot (though the Facebook owner is building those too) but as an open-source package that anyone in the AI community can request access to. The intention, said the company, is “further democratizing access” to AI to spur research into its problems. Meta benefits if these systems are less buggy, so will happily spend the money to create the model and distribute it for others to troubleshoot with. 


TSA issues emergency cybersecurity orders for airports and aircraft operators 

The Transportation Security Administration handed down new emergency cybersecurity protocols for airports and aircraft operators that require them to have pre-approved implementation plans for increased security measures. The TSA said it was issuing the cybersecurity amendments “because of persistent cybersecurity threats against U.S. critical infrastructure, including the aviation sector” but did not respond to requests for comment about what specific issues prompted the measure. “This amendment to the aviation security programs extends similar performance-based requirements that currently apply to other transportation system critical infrastructure,” said TSA Administrator David Pekoske. 


FBI investigates data breach impacting U.S. House members and staff 

The FBI is investigating a data breach affecting U.S. House of Representatives members and staff after their account and sensitive personal information was stolen from DC Health Link’s servers. DC Health Link is the organization that administers the health care plans of U.S. House members, their staff, and their families. Impacted individuals were notified today of the breach in an email from Catherine L. Szpindor, the U.S. House Chief Administrative Officer, as first reported by DailyCaller. 


Suspected Chinese cyber spies target unpatched SonicWall devices 

Suspected Chinese cyber criminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant. The spyware targets the SonicWall Secure Mobile Access (SMA) 100 Series – a gateway device that provides VPN access to remote users. The networking vendor confirmed the malware campaign in a statement emailed to The Register. 


Iran-linked hackers used fake Atlantic Council-affiliated persona to target human rights researchers 

On the face of it, the Twitter profile of a person calling herself Sara Shokouhi looks like any other earnest Middle East-focused researcher. Her tweets are a litany of retweets of various voices protesting the Iranian government. Her bio claims she’s completed a PhD from Northwestern State University of Louisiana. At the top of her profile, the person calling herself Sara Shokouhi peers into the camera with her hands folded over a stack of books. 


Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits 

GitGuardian scanned 1.027 billion new GitHub commits in 2022 (+20% compared to 2021) and found 10,000,000 secrets occurrences (+67% compared to 2022). What is interesting beyond this ever-increasing number is that 1 code author out of 10 exposed a secret in 2022. The widespread belief that hard-coded secrets are primarily committed by junior developers is a misconception. In truth, any developer, regardless of their level of experience or seniority, can fall into this practice. 

Related Posts