AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 1/21/2025

US issues final rule barring Chinese, Russian connected car tech

The Commerce Department on Tuesday announced a new rule that will bar certain Chinese and Russian connected car technology from being imported to the United States. Software and hardware built into Vehicle Connectivity Systems (VCS) — such as telematics control units and cellular, satellite and Wi-Fi functions — which are manufactured in China and Russia will be banned, along with any connected cars containing them. Separately, Russian and Chinese Automated Driving System (ADS) software — which self-driving vehicles rely on to run without a driver — will be prohibited under the new rule.

 

Biden signs executive order to bolster national cybersecurity

Days before leaving office, President Joe Biden signed an executive order to shore up the United States’ cybersecurity by making it easier to sanction hacking groups targeting federal agencies and the nation’s critical infrastructure. These also include ransomware gangs, which have been continuously targeting U.S. healthcare organizations in recent years, causing disruptions by encrypting systems and stealing the personal and sensitive health data of tens of millions of Americans. Today’s executive order also takes additional steps to expand on Executive Order 13694, issued in April 2015 by President Obama, which authorizes sanctions on entities and individuals responsible for or complicit in cyberattacks that result in a “significant threat to the national security, foreign policy, or economic health or financial stability of the United States.”

 

US Announces Sanctions Against North Korean Fake IT Worker Network

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday announced sanctions against two individuals and four entities involved in generating illicit funds for North Korea as part of the fake IT worker scheme. As part of the elaborate operation, North Korean operatives relied on stolen identities and AI to pose as IT workers and land jobs at companies in Western countries and elsewhere, to circumvent sanctions and generate revenue for the Pyongyang regime. The scheme resulted in hundreds of companies in the US, UK, and Australia hiring fake IT workers, and the Democratic People’s Republic of Korea (DPRK) is believed to have dispatched such workers in Russia, China, and other countries as well.

 

DORA Comes into Force: Experts Weigh In on Its Impact and Opportunities

Today marks the enforcement of the Digital Operational Resilience Act (DORA), a regulation aimed at strengthening the financial sector’s defenses against cyber threats and operational risks. With its focus on ICT risk management, incident reporting, and operational resilience, DORA sets a new benchmark for compliance and preparedness across Europe’s financial institutions and beyond. But what does this mean for banks, financial service providers, and their extended networks? How are entities preparing to meet these robust standards, and what challenges lie ahead? Industry leaders share their insights, offering guidance on navigating this regulatory milestone while leveraging it as a catalyst for innovation and collaboration. Here’s what they had to say.

 

FTC hands GM a 5-year ban on selling sensitive driver info to data brokers

The Federal Trade Commission (FTC) on Thursday announced a settlement agreement with General Motors and its OnStar subsidiary that requires the automaker to stop sharing millions of customers’ sensitive geolocation data with consumer reporting agencies, including data brokers, for five years. The agency also ordered the automaker to stop misleading customers about how it collects, uses and shares their data and to begin obtaining explicit affirmative consent before collecting the data.

 

Microsoft eggheads say AI can never be made secure – after testing Redmond’s own products

Microsoft brainiacs who probed the security of more than 100 of the software giant’s own generative AI products came away with a sobering message: The models amplify existing security risks and create new ones. The 26 authors offered the observation that “the work of securing AI systems will never be complete” in a pre-print paper titled: Lessons from red-teaming 100 generative AI products. That’s the final lesson of eight offered in the paper, though it’s not entirely apocalyptic. The authors, Azure CTO Mark Russinovich among them, argue that with further work, the cost of attacking AI systems can be raised – as has already happened for other IT security risks through defense-in-depth tactics and security-by-design principles.

 

Otelier data breach exposes info, hotel reservations of millions

Hotel management platform Otelier suffered a data breach after threat actors breached its Amazon S3 cloud storage to steal millions of guests’ personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt. The breach allegedly first occurred in July 2024, with continued access through October, with the threat actors claiming to have stolen almost eight terabytes of data from Otelier’s Amazon AWS S3 buckets. In a statement to BleepingComputer, Otelier confirmed the compromise and said it is communicating with impacted customers.
