AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 05/03/2023

Western Digital hackers publish leaked images to taunt storage giant

Hackers that breached Western Digital’s (WD) systems and stole sensitive data in late March 2023 have posted a series of screenshots of internal emails and other company communication which they say shows WD’s poor efforts to address the incident. Cybersecurity researcher Dominic Alvieri discovered a total of 29 screenshots showing emails, documents, and video conferences, all related to the actions WD took following the breach. While one might think that the hackers still have access to WD’s systems and are taunting them this way, that doesn’t necessarily have to be the case.


Samsung bans use of generative AI tools like ChatGPT after April internal data leak

A month after internal, sensitive data from Samsung was accidentally leaked to ChatGPT, Samsung is cracking down on usage of the generative AI service. The electronics giant is planning a temporary block of the use of generative AI tools on company-owned devices, covering computers, tablets and phones, as well as non-company-owned devices running on internal networks. The ban would cover not just ChatGPT, but services that use the technology like Microsoft’s Bing, as well as competing generative AI services like Bard from Google.


This vicious new malware version is now targeting password managers

A new version of an already active malware is now shifting focus to target 1Password – in our view the best password manager for families – and KeePass. ViperSoftX is an infostealer that has already been after crypto wallets, but it’s now attacking more of them, in addition to multiple web browsers – not just Google Chrome – and password managers as well. It also has stronger code encryption now and is better at avoiding detection from antivirus tools.


Rinse and repeat: Iran accelerates its cyber influence operations worldwide

Iran continues to be a significant threat actor, and it is now supplementing its traditional cyberattacks with a new playbook, leveraging cyber-enabled influence operations (IO) to achieve its geopolitical aims. Microsoft has detected these efforts rapidly accelerating since June 2022. We attributed 24 unique cyber-enabled influence operations to the Iranian government last year – including 17 from June to December – compared to just seven in 2021. We assess that most of Iran’s cyber-enabled influence operations are being run by Emennet Pasargad – which we track as Cotton Sandstorm (formerly NEPTUNIUM) – an Iranian state actor sanctioned by the US Treasury Department for their attempts to undermine the integrity of the 2020 US Presidential Elections.


AI is being used to generate whole spam sites

AI chatbots are being used to generate news stories and blog posts for online content farms in the hopes of attracting a trickle of ad revenue from the stray clicks of web users. Experts have been warning for years that such AI-generated content farms will soon become commonplace, but the wider availability of tools like OpenAI’s ChatGPT has now made these warnings a reality. NewsGuard, a for-profit organization that rates the trustworthiness of news sites, highlighted the problem in a recent report identifying 49 sites “that appear to be almost entirely written by artificial intelligence software.”


The first iPhone Rapid Security Response update released by Apple fails to install

In June 2022, Apple announced that the Rapid Security Response feature would be available starting with iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1 operating systems. Once a Rapid Security Response has been installed, a letter will appear after the software version (i.e. iOS 16.4.1 will become iOS 16.4.1 (a)). Apple pointed out that if users choose to turn off this feature or not to apply Rapid Security Responses when they’re available, their device will receive relevant fixes or mitigations when they’re included in a subsequent software update.
