AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 07/24/2023

Bill that Would Stop the Government Buying Data Without a Warrant Passes Key Hurdle 

A group of lawmakers on the House Judiciary Committee passed a proposed piece of legislation that would stop government agencies buying data without a warrant. The Fourth Amendment is Not for Sale Act was in part written in response to Motherboard’s continued revelations about the location data industry. “By passing the Fourth Amendment Is Not For Sale Act, both Democrats and Republicans on the House Judiciary Committee just made clear that the Data Broker Loophole must and will be closed,” Senior Policy Counsel Sean Vitka at activist group Demand Progress said in a statement. 


Tech titans promise watermarks to expose AI creations 

The White House said Friday that OpenAI and others in the artificial intelligence race have committed to making their technology safer with features such as watermarks on fabricated images. “These commitments, which the companies have chosen to undertake immediately, underscore three principles that must be fundamental to the future of AI—safety, security, and trust—and mark a critical step toward developing responsible AI,” the White House said in a release. 


Amazon agrees to $25 million fine for Alexa children privacy violations 

The U.S. Justice Department and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million fine to settle alleged children’s privacy laws violations related to the company’s Alexa voice assistant service. Amazon has offered Alexa voice-activated products and services targeted at children under 13 years old since May 2018. In May 2023, the Federal Trade Commission (FTC) and the U.S. Department of Justice (DOJ) filed charges against Amazon, accusing the company of violating children’s privacy laws, which include the FTC Act, the Children’s Online Privacy Protection Act (COPPA), and the COPPA Rule. 


Few Fortune 100 Firms List Security Pros in Their Executive Ranks 

Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks. The next time you receive a breach notification letter that invariably says a company you trusted places a top priority on customer security and privacy, consider this: Only four of the Fortune 100 companies currently list a security professional in the executive leadership pages of their websites. This is actually down from five of the Fortune 100 in 2018, the last time KrebsOnSecurity performed this analysis. 


VirusTotal apologizes for data leak affecting 5,600 customers 

VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their info to the platform last month. The data leak impacted only Premium account customers, with the uploaded file containing their names and corporate email addresses. Emiliano Martinez, the online malware scanning service’s head of product management, also assured impacted customers that the incident was caused by human error and was not the result of a cyber-attack or any vulnerability with VirusTotal. 


Pentagon AI more ethical than adversaries’ because of ‘Judeo-Christian society,’ USAF general says 

An Air Force general said the Pentagon’s code of ethics surrounding the use of artificial intelligence is better than some other countries’ because of the United States’ “Judeo-Christian” foundation. “Regardless of what your beliefs are, our society is a Judeo-Christian society and we have a moral compass. Not everybody does, and there are those that are willing to go for the ends regardless of what means have to be employed, and we’ll have to be ready for that,” Lt. Gen. Richard Moore, the Air Force’s deputy chief of staff for plans and programs, said Thursday at a Hudson Institute event. “What will the adversary do? It depends who plays by the rules of warfare and who doesn’t. There are societies that have a very different foundation than ours,” Moore said. 


Google Messages signs onto cross-platform encrypted group chat standard 

Google’s Messages app might be getting cross-platform chat encryption in the future. The company is announcing adoption of an end-to-end encryption system known as Messaging Layer Security, or MLS. It’ll allow Google’s platform to connect and exchange messages with outside messaging apps that also support MLS (via 9to5Google). Want to message a group chat and have it securely and seamlessly appear on other people’s devices in their preferred chat apps? That’s the future European regulators are pushing for: to get tech companies to implement an end-to-end encryption system that allows users to securely message between platforms. 


Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks 

Thousands of Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable to a critical remote code execution (RCE) bug exploited by unauthenticated attackers in the wild as a zero-day. Security researchers from the Shadowserver Foundation, a non-profit organization dedicated to enhancing internet security, revealed this week that at least 15,000 appliances were identified as exposed to attacks leveraging the flaw (CVE-2023-3519) based on their version information. “We tag all IPs where we see a version hash in a Citrix instance. This is due to the fact that Citrix has removed version hash information in recent revisions,” Shadowserver said. 


Clop now leaks data stolen in MOVEit attacks on clearweb sites 

The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims, making it easier to leak stolen data and further pressuring victims into paying a ransom. When a ransomware gang attacks a corporate target, they first steal data from the network and then encrypt files. This stolen data is used as leverage in double-extortion attacks, warning victims that the data will be leaked if a ransom is not paid. 
