AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 04/19/2023

This ATM Scam Is Masquerading As an Act of Kindness 

Taking money out of an ATM can be a fairly nerve-wracking thing to do depending on where you are and what time of the day or night it is. Having someone show you any kind of altruistic behavior, like letting you know you dropped some cash on the floor, can lower your defenses and give you hope that the universe is not out to get you. Except that you’d be wrong: That person could be trying to scam you out of your money with the latest trick that is hitting ATMs in New York City. 


FTC says it will target AI that violates civil rights or is deceptive 

Leaders of the U.S. Federal Trade Commission said on Tuesday the agency would pursue companies who misuse artificial intelligence to violate laws against discrimination or be deceptive. The sudden popularity of Microsoft-backed OpenAI’s ChatGPT this year has prompted calls for regulation amid concerns around the world about the possible use of the innovation for wrongdoing even as companies are seeking ways to use it to enhance efficiency.  


Microsoft: Iranian hackers behind retaliatory cyberattacks on US orgs 

Microsoft has discovered that an Iranian hacking group known as ‘Mint Sandstorm’ is conducting cyberattacks on US critical infrastructure in what is believed to be retaliation for recent attacks on Iran’s infrastructure. Mint Sandstorm is the new name for the Phosphorus hacking group, believed to work for the Iranian government and linked to the Islamic Revolutionary Guard Corps (IRGC). In a new report, researchers in Microsoft’s Threat Intelligence team explain that a subgroup of Mint Sandstorm switched from performing surveillance in 2022 to performing direct attacks on US critical infrastructure.


Security pros should focus on IAM and insider risks following recent Pentagon leak 

The recent leak of sensitive classified NATO-Ukraine war documents by 21-year-old Air National Guardsman Jack Teixeira to his peers in an online gaming forum shocked the Defense Department and roiled U.S. diplomacy worldwide. It resulted in a rapid-fire arrest following a blockbuster report of the inner workings of Teixeira’s group in the Washington Post. Today, Senators are expected to receive a classified briefing on the matter. While it’s an upsetting case, from an IT security perspective, this breakdown in the military’s security shines a light on the proliferation of unsecured email distribution lists and the rise of insider threats in recent years – threats that can – and do – hit corporate enterprises.


Netflix password-sharing crackdown hits the U.S. next — here’s what you need to know 

The Netflix password-sharing party is coming to an end in the U.S. soon after the streaming giant reported it was “pleased with the results” from its expanded trial that started back in February. In its letter to shareholders today, the company reported that Q2 will see a broad rollout of paid sharing and that the U.S. will be part of this next phase (via MacRumors). That means that Netflix subscribers in the U.S. should expect the new policies to be enforced by the end of June.


U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage 

U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of entities in Europe, U.S. government institutions, and about 250 Ukrainian victims. The activity has been attributed to a threat actor tracked as APT28, which is also known as Fancy Bear, Forest Blizzard (formerly Strontium), FROZENLAKE, and Sofacy, and is affiliated with the Russian General Staff Main Intelligence Directorate (GRU). 
