AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 08/26/2022

Twitter confirms it is testing a phone number verification badge

Last week, app researcher Jane Manchun Wong pointed out that Twitter is testing a new profile badge for people who have verified their phone numbers. Earlier this month, app sleuth Nima Owji also pointed out that the company is testing a phone verification badge. On Tuesday, the company confirmed that it is running this experiment to “allow people to add context to their accounts.” This could be to essentially verify that a user with the phone verification badge is not a bot. The company said this is one of the ways that helps people find credible info and gives more information about different types of accounts. It added that verification is only one part of the process and it’s currently only testing the phone number verification with an opt-in setting. The firm didn’t provide any information about how widespread is the test and who will see the badge.

 

LastPass developer systems hacked to steal source code

Password management firm LastPass was hacked two weeks ago, enabling threat actors to steal the company’s source code and proprietary technical information. The disclosure comes after BleepingComputer learned of the breach from insiders last week and reached out to the company on August 21st without receiving a response to our questions. Sources told BleepingComputer that employees were scrambling to contain the attack after LastPass was breached. Sources told BleepingComputer that employees were scrambling to contain the attack after LastPass was breached. 

 

Google opens up its experimental AI chatbot for public testing

Google has opened up its AI Test Kitchen mobile app to give everyone some constrained hands-on experience with its latest advances in AI, like its conversational model LaMDA. Google announced AI Test Kitchen in May, along with the second version of LaMDA (Language Model for Dialogue Applications), and is now letting the public test parts of what it believes is the future of human-computer interaction. AI Test Kitchen is “meant to give you a sense of what it might be like to have LaMDA in your hands,” Google CEO Sunday Pichai said at the time.

 

Quantum ransomware attack disrupts govt agency in Dominican Republic

The Dominican Republic’s Instituto Agrario Dominicano has suffered a Quantum ransomware attack that encrypted multiple services and workstations throughout the government agency. The Instituto Agrario Dominicano (IAD) is part of the Ministry of Agriculture and is responsible for executing Agrarian Reform programs in the country. Local media reports that the ransomware attack occurred on August 18th, which has impacted the agency’s operation. “They ask for more than 600 thousand dollars. We were affected by four physical servers and eight virtual servers; virtually all servers,” IAD Director of Technology Walixson Amaury Nuñez told local media.

 

Cosmetics Giant Sephora to Pay $1m+ Privacy Settlement

One of the world’s biggest cosmetics retailers has agreed to pay $1.2 million in penalties and take corrective action after falling foul of the California Consumer Privacy Act (CCPA). Announced by the state’s attorney general, Rob Bonta, this week, the settlement by Sephora is part of the administration’s efforts to enforce a law that came into force over two years ago. “I hope today’s settlement sends a strong message to businesses that are still failing to comply with California’s consumer privacy law,” said Bonta in a statement. “My office is watching, and we will hold you accountable. It’s been more than two years since the CCPA went into effect, and businesses’ right to avoid liability by curing their CCPA violations after they are caught is expiring. There are no more excuses. Follow the law, do right by consumers, and process opt-out requests made via user-enabled global privacy controls.”

Related Posts