AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 05/17/2023

ChatGPT’s chief to testify before Congress as concerns grow about artificial intelligence risks 

The head of the artificial intelligence company that makes ChatGPT will testify before Congress as lawmakers call for new rules to guide the rapid development of AI technology. OpenAI CEO Sam Altman is scheduled to speak at a Senate hearing Tuesday. His San Francisco-based startup rocketed to public attention after its release late last year of ChatGPT, a free chatbot tool that answers questions with convincingly human-like responses. 


US ‘strike force’ charges Chinese and Russian nationals with stealing sensitive tech 

The Justice Department on Tuesday announced a round of indictments against foreign nationals who attempted to illegally gain access to sensitive U.S. technologies, including the source code for Apple’s autonomous driving system. In another case, a Chinese national working for a pair of software companies in southern California stole the source code used in so-called “smart manufacturing” — advanced technology used in making parts for nuclear submarines and military aircraft — before setting up his own business in China and marketing the pilfered information to entities there. 


Apple blocked 1.7 million apps for privacy, security issues in 2022 

Apple’s App Store team prevented more than $2 billion in transactions tagged as potentially fraudulent and blocked almost 1.7 million app submissions for privacy, security, and content policy violations in 2022. As part of its ongoing efforts to fend off account fraud, the company also terminated 428,000 developer accounts for potentially fraudulent activity, deactivated 282 million fraudulent customer accounts, and blocked 105 million developer account creations for suspected fraudulent activities. The App Store team also protected Apple users from hundreds of thousands of unsafe apps last year, rejecting almost 400,000 apps for privacy violations such as trying to harvest the user’s personal data without their consent or knowledge.  


Google will start deleting inactive accounts after two years 

You may have thought a Google account was forever, but the company’s latest blog post details a new policy of deleting inactive Google accounts. The new deadline is two years—if your account hasn’t seen “activity” in that amount of time, Google is going to delete your data forever. The company pitches this as a way to prevent spam. The blog post says that “abandoned accounts are at least 10x less likely than active accounts to have 2-step-verification set up,” and once they get compromised, they become vectors for spam and identity theft. Deleting old accounts and freeing up storage is also probably a good way to cut costs, which has been a thing at Google lately. 


New ZIP domains spark debate among cybersecurity experts

Cybersecurity researchers and IT admins have raised concerns over Google’s new ZIP and MOV Internet domains, warning that threat actors could use them for phishing attacks and malware delivery. Earlier this month, Google introduced eight new top-level domains (TLDs) that could be purchased for hosting websites or email addresses. The new domains are .dad, .esq, .prof, .phd, .nexus, .foo, and for the topic of our article, the .zip and .mov TLDs.


US Offering $10M Reward for Russian Man Charged With Ransomware Attacks 

Matveev — known online as Wazawaka, m1x, Boriselcin, and Uhodiransomwar — has been charged with conspiring to transmit ransom demands, conspiring to damage protected computers, and intentionally damaging protected computers. He faces over 20 years in prison, but he is unlikely to be arrested and convicted any time soon considering that he is believed to be living in Russia. While law enforcement cooperation between Russia and the US seemed to be improving before the start of the Ukraine war, it’s unlikely that Russia will hand over any cybercriminals to the United States given their current relations.  

