AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 05/11/2023

Hackers attempt to extort Dragos and its executives in suspected ransomware attempt 

Unknown hackers attempted to infiltrate Dragos, one of the leading industrial cybersecurity firms that works with government agencies and utilities globally, in a unsuccessful campaign that targeted the company’s executives and their family members, the firm said on Wednesday. “We are confident that our layered security controls prevented the threat actor from accomplishing what we believe to be their primary objective of launching ransomware,” the company wrote in a blog post that said extortion attempts began on Monday and that no corporate systems or products were breached. 


Google Touts Security Features for Gmail, Drive 

Google made a number of security announcements at Google I/O on Wednesday to help users access the Internet safely. Google reaffirmed its commitment to passwordless last week by enabling passkey sign-on for Google Accounts. At Google I/O, Google also released a new version of its Safe Browsing API to help check and identify dangerous sites and files faster than before. Coming soon in a few weeks, Gmail users would be able to scan the dark web for their Gmail addresses and receive guidance on what actions to take if their addresses are found. 


Twitter launches encrypted DMs for verified users with security drawbacks 

After talking about it for months, Twitter has finally released its first version of encrypted DMs — but there are a few limitations. Currently, this feature is only available to verified users (such as Blue subscribers) or accounts associated with verified organizations. Additionally, the encryption feature isn’t compatible with group messages and Twitter doesn’t offer protection against man-in-the-middle attacks. Twitter said that while encryption works across platforms, the recipient has to follow the sender to enable it. Alternatively, encryption can be enabled if a user has chatted with the sender before, or accepted their DM request. If users are eligible for an encrypted conversation, the sender will get an option to turn on encryption through a toggle on the new chat screen. 


Bad Bots Now Account For 30% of All Internet Traffic 

The volume of internet traffic stemming from malicious automated software has increased by 2.5% since 2021 to over 30% – the highest figure since Imperva’s first Bad Bot Report in 2013. Billions of dollars are lost annually due to bad bot attacks, which can lead to account compromise, data theft, spam, higher infrastructure and support costs, customer churn and degraded online services, Imperva claimed in its latest edition of the long-running report. 


How Europe is building artificial intelligence guardrails 

Authorities around the world are racing to draw up rules for artificial intelligence, including in the European Union, where draft legislation faces a pivotal moment on Thursday. A European Parliament committee is set to vote on the proposed rules, part of a yearslong effort to draw up guardrails for artificial intelligence. Those efforts have taken on more urgency as the rapid advance of ChatGPT highlights benefits the emerging technology can bring—and the new perils it poses. 

Related Posts