AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 1/18/2024

OpenAI must defend ChatGPT fabrications after failing to defeat libel suit 

OpenAI may finally have to answer for ChatGPT’s “hallucinations” in court after a Georgia judge recently ruled against the tech company’s motion to dismiss a radio host’s defamation suit. OpenAI had argued that ChatGPT’s output cannot be considered libel, partly because the chatbot output cannot be considered a “publication,” which is a key element of a defamation claim. In its motion to dismiss, OpenAI also argued that Georgia radio host Mark Walters could not prove that the company acted with actual malice or that anyone believed the allegedly libelous statements were true or that he was harmed by the alleged publication. 

 

Researcher uncovers one of the biggest password dumps in recent history 

Nearly 71 million unique credentials stolen for logging into websites such as Facebook, Roblox, eBay, and Yahoo have been circulating on the Internet for at least four months, a researcher said Wednesday. Troy Hunt, operator of the Have I Been Pwned? breach notification service, said the massive amount of data was posted to a well-known underground market that brokers sales of compromised credentials. Hunt said he often pays little attention to dumps like these because they simply compile and repackage previously published passwords taken in earlier campaigns. 

 

Majorca Tourist Hotspot Hit With $11m Ransom Demand 

A major Spanish holiday destination became the latest victim of ransomware last weekend, with reports claiming digital extortionists are demanding €10m ($11m). The municipality of Calvià in the south-west of Majorca includes the popular tourist hotspot of Magaluf and attracts over one million visitors a year to its shores. A statement on the council’s website claimed it is now working “intensely to try to return to normality as soon as possible” following a cyber-attack last weekend. 

 

MacOS info-stealers quickly evolve to evade XProtect detection 

Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and report about new variants frequently. A report by SentinelOne highlights the problem through three notable malware examples that can evade macOS’s built-in anti-malware system, XProtect. XProtect works in the background while scanning downloaded files and apps for known malware signatures. 

 

Each Facebook User Is Monitored by Thousands of Companies 

By now most internet users know their online activity is constantly tracked. No one should be shocked to see ads for items they previously searched for, or to be asked if their data can be shared with an unknown number of “partners.” But what is the scale of this surveillance? Judging from data collected by Facebook and newly described in a unique study by Consumer Reports (PDF), it’s massive, and examining the data may leave you with more questions than answers. 

 

Healthcare experienced more cyberattacks than any other sector during the first 9 months of 2023 

It’s a sad fact that healthcare facilities remain a prime target for cyberattacks. Between January and September last year, the sector was hit by more attacks than any other, potentially putting the lives of patients at risk. According to technology research provider Omdia (via the Financial Times), the healthcare sector suffered 241 cyberattacks during the first nine months of 2023. That’s over 100 more than the government (147) and almost three times more than software, hardware, and IT services (91). The data comes from publicly disclosed cybersecurity breaches, so some figures could be even higher. 

  

Related Posts