AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 08/01/2023

Global Lawyers Unveil Cyber Best Practices for Execs 

The International Bar Association (IBA) has published what it claims to be a “first-of-its-kind” report to guide senior executives and boards to protect their organization from cyber risk. Released today, Global perspectives on protecting against cyber risks: best governance practices for senior executives and boards of directors, is a lengthy document designed to give leaders insight into the main elements of a strong cyber-risk management program. Co-chairs of the IBA Presidential Task Force on Cyber Security, Søren Skibsted and Luke Dembosky, argued that while cyber risk is rapidly evolving and global, regulators have struggled to keep pace. 

 

Hackers are using AI to create vicious malware, says FBI 

The FBI has warned that hackers are running wild with generative artificial intelligence (AI) tools like ChatGPT, quickly creating malicious code and launching cybercrime sprees that would have taken far more effort in the past. The FBI detailed its concerns on a call with journalists and explained that AI chatbots have fuelled all kinds of illicit activity, from scammers and fraudsters perfecting their techniques to terrorists consulting the tools on how to launch more damaging chemical attacks. 

 

New Google Chrome browser security plan slammed by experts 

Google has received Internet-wide backlash for plans it has drawn up which consider the implementation of what it calls a Web Environment Integrity (WEI) API. The four authors behind the WEI explainer article explain how such an API would allow servers to “evaluate the authenticity of the device” in order to prevent some types of fraud, however comments on the GitHub page were largely negative. Among the many complaints, some users raised concerns about surveillance and discrimination, while others called for approval by regulatory bodies and indeed for Google to compare the preposition to the W3C code of Ethics. 

 

White House unveils ‘whole of society’ push to expand cybersecurity workforce 

A sweeping partnership comprising nine government agencies and more than 200 nonprofits, corporations, colleges and universities will together build an organized “whole of society” approach to expanding the cybersecurity workforce, the Office of the National Cyber Director (ONCD) announced Monday. The National Cyber and Workforce Education Strategy includes more than $24 million in grants from the National Science Foundation (NSF) for cyber education at colleges and universities in Alabama, California, Idaho, Mississippi, New York, and Tennessee, reflecting the effort to reach a large number of students off the coasts who NSF official James Moore called the “missing millions.” 

 

FBI investigation reveals that it was unknowingly using NSO-backed spyware 

New York Times investigation uncovered earlier this year that the US government used spyware made by Israeli hacking firm NSO. Now, after an FBI investigation into who was using the tech, the department uncovered a confusing answer: itself, according to the New York Times on Monday.  Since 2021, the Biden administration has taken steps toward parting ways with NSO, given the firm’s reputation for shady tools like Pegasus that lets governments discreetly download personal information from hacked phones without the user’s knowledge. But even after the president signed an executive order banning commercial spyware in March, an FBI contractor used NSO’s geolocation product Landmark to track the locations of targets in Mexico.  

 

China’s Volt Typhoon APT Burrows Deeper Into US Critical Infrastructure 

The US military was reckoning with two major cyber concerns over the weekend — one the widespread and still unresolved Chinese campaign known as Volt Typhoon targeting military bases, and the other an insider breach affecting Air Force and FBI communications. Biden administration officials have confirmed that Volt Typhoon’s malware is much more endemic than previously thought; responders have found it planted inside numerous networks controlling the communications, power, and water feeding US military bases at home and abroad, according to The New York Times. 

 

Stremio vulnerability exposes millions to attack 

CyFox researchers have discovered a DLL planting/hijacking vulnerability in popular media center application Stremio, which could be exploited by attackers to execute code on the victim’s system, steal information, and more. DLLs (dynamic link libraries) are files that can be dynamically linked and shared by multiple programs concurrently, and are crucial to Windows and many applications (including Stremio). 

 

Related Posts