AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 07/27/2023

This MIT team is fighting malicious AI image manipulation a few pixels at a time 

As AI image creation and editing becomes more prevalent, a new digital privacy concern has arisen — the unauthorized AI editing of someone’s artwork or picture. To date, there’s nothing to stop someone from taking a picture online, uploading it to an AI program, and manipulating it for all sorts of purposesBut a new technique from a team at MIT could change that. Simply called “PhotoGuard,” the method involves a deep understanding of the algorithms that AI operates on. With that understanding, the team developed ways to very subtly change a picture, disrupting how AI interprets it. And if AI can’t understand an image, it can’t edit it. 


Top Russian cybersecurity executive sentenced to 14 years for treason 

A Russian court on Wednesday sentenced the head of one of the country’s top cybersecurity companies to 14 years in prison for high treason. The trial of Ilya Sachkov was held behind closed doors, which is conventional practice for treason trials, and little is publicly known about the case against him. After his arrest in September 2021, reports said he was suspected of passing on state secrets but did not give specifics. Sachkov is the founder of Group-IB, which specializes in combating cyberattacks and online fraud and investigating high-tech cyber crimes. Top Russian banks and companies, including state-run ones, are among the company’s clients. 


Major AI companies form group to research, keep control of AI 

Four of the world’s most advanced artificial intelligence companies have formed a group to research increasingly powerful AI and establish best practices for controlling it, as public anxiety and regulatory scrutiny over the impact of the technology increases. On Wednesday, Anthropic, Google, Microsoft, and OpenAI launched the Frontier Model Forum, with the aim of “ensuring the safe and responsible development of frontier AI models.” In recent months, the US companies have rolled out increasingly powerful AI tools that produce original content in image, text, or video form by drawing on a bank of existing material. The developments have raised concerns about copyright infringement, privacy breaches and that AI could ultimately replace humans in a range of jobs. 


SEC to require companies to disclose cybersecurity incidents 

The Securities and Exchange Commission approved new rules Wednesday requiring companies that it regulates to quickly disclose “material” cybersecurity incidents and share the details of their cybersecurity risk management, strategy, and governance with the commission on an annual basis. The commission also adopted similar rules for foreign companies doing business in the U.S. “Whether a company loses a factory in a fire — or millions of files in a cybersecurity incident — it may be material to investors,” SEC Chair Gary Gensler said in a prepared statement. He added that while many companies now disclose cybersecurity incidents, companies and investors would “benefit if this disclosure were made in a more consistent, comparable, and decision-useful way.” 


Peloton Bugs Expose Enterprise Networks to IoT Attacks 

People could potentially lose more than just pounds by using a Peloton treadmill, as the Internet-connected fitness equipment also can leak sensitive data or pose as an initial-access pathway through an attack that compromises any of three key attack vectors, a researcher has found. Researchers from Check Point Software took a deep dive into the popular Peloton Tread equipment and found that attackers can enter the system — which is essentially an Internet of Things (IoT) device — via the OS, applications, or by exploiting APIs to load various malware. 


NATO investigates alleged data theft by SiegedSec hackers 

NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec. The COI Cooperation Portal (dnbl.ncia.nato.int) is the military alliance’s unclassified information-sharing and collaboration environment, dedicated to supporting NATO organizations and member nations. Yesterday, the hacking group ‘SiegedSec’ posted on Telegram what they claimed to be hundreds of documents stolen from the COI Cooperation Portal. 


Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws 

Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of devices. Ubuntu is one of the most widely used Linux distributions, especially popular in the U.S., having an approximate user base of over 40 million. Two recent flaws tracked as CVE-2023-32629 and CVE-2023-2640 discovered by Wiz’s researchers S. Tzadik and S. Tamari were recently introduced into the operating system, impacting roughly 40% of Ubuntu’s userbase. 


NCSC Publishes New Guidance on Shadow IT 

The UK’s leading cybersecurity agency has released new guidance for system owners and technical staff on how to manage shadow IT in their organization. Shadow IT refers to the devices and services that employees use for work without the IT department knowing. They could include smart devices, servers, virtual machines, cloud storage and unapproved messaging or collaboration tools. “Since these are not accounted for by asset management, nor aligned with corporate IT processes or policy, they’re a risk to your organization,” the document warns. “This could result in the exfiltration of sensitive data, or spread malware throughout the organization.” 

Related Posts