AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 06/30/2023

Does the world need an arms control treaty for AI? 

At the dawn of the atomic age, the nuclear scientists who invented the atomic bomb realized that the weapons of mass destruction they had created desperately needed to be controlled. Physicists such as Niels Bohr and J. Robert Oppenheimer believed that as knowledge of nuclear science spread so, too, would bombs. That realization marked the beginning of the post-war arms control era. Today, there’s a similar awakening among the scientists and researchers behind advancements in artificial intelligence. If AI really poses an extinction threat to humankind — as many in the field claim — many experts in the field are examining how efforts to limit the spread of nuclear warheads might control the rampant spread of AI. 

 

OpenAI Sued for Using ‘Stolen’ Data, Violating Your Privacy With ChatGPT 

A law firm has filed a class-action lawsuit that claims OpenAI violated everyone’s privacy by scraping the web for people’s information to train ChatGPT.  California-based Clarkson Law Firm this week filed(Opens in a new window) the 157-page complaint, which demands OpenAI halt offering commercial access to ChatGPT, citing the ongoing privacy violations. “Using stolen and misappropriated personal information at scale, [OpenAI has] created powerful and wildly profitable AI and released it into the world without regard for the risks,” the firm says. It’s no secret that ChatGPT was trained on information from across the internet, including Wikipedia articles, blogs, and posts(Opens in a new window) from social media platforms such as Twitter and Reddit. The problem is that OpenAI has been using the information to train ChatGPT without asking consent from users or warning them, Clarkson Law Firm says.  

 
Fujitsu admits it fluffed the fix for Japan’s flaky ID card scheme 

Fujitsu Japan is in the spotlight again for all the wrong reasons, after fumbling its attempt to fix the nation’s troubled ID card scheme. The scheme, called My Number, aims to provide every resident with a digital ID card that will be used to access various government services and replace health insurance cardsOne use of the cards is to arrange for administrative documents to be printed at convenience stores or government offices. But that scheme has produced ongoing data leaks, as residents order documents and arrive to find papers pertaining to other people – complete with personal information. 

 

At least 100,000 could have had data exposed after US health department was hit by global cyberattack 

At least 100,000 people could have had their data compromised by a hack of contractors at the Department of Health and Human Services, a department official said Thursday, making it the latest US government agency to be caught up in a sweeping cyberattack connected to Russian cybercriminals. HHS notified Congress of the breach on Tuesday and will update lawmakers as the investigation continues, the official said. Agencies are required to notify Congress of a data breach that involves the compromise of personal information of 100,000 or more people. “While no HHS systems or networks were compromised, attackers gained access to data by exploiting the vulnerability in the MOVEit Transfer software of third-party vendors,” the official told CNN. 

 

LockBit Claims TSMC Hack, Demands $70m Ransom 

National Hazard Agency, a sub-group of the LockBit ransomware gang, posted the name of Taiwan Semiconductor Manufacturing Company (TSMC), the world’s largest chip manufacturer, on LockBit’s dark web leak site on June 29, 2023. The threat actor has demanded TSCM pay a $70m ransom to prevent them from leaking the data they allegedly possess. The victim was initially given seven days to respond, but the deadline has since been extended to August 6. “In the case of payment refusal, also will be published points of entry and passwords and logins company. All available data will be published [sic],” LockBit wrote. 

Related Posts