AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 1/25/2024

News media, foreign affairs experts are targets of North Korean group’s latest campaign 

North Korean state hackers are targeting media organizations and high-profile academics in a new espionage campaign, according to a new report released this week. The goal of these attacks, attributed by researchers at SentinelLabs to a hacker group known as ScarCruft or APT37, is to “gather strategic intelligence” that can “contribute to North Korea’s decision-making processes.” ScarCruft is a suspected North Korean state-sponsored group with a history of attacks against high-value individuals as well as public and private entities, primarily in South Korea.  


Apple aims to run AI models directly on iPhones, other devices 

Apple is quietly increasing its capabilities in artificial intelligence, making a series of acquisitions, staff hires, and hardware updates that are designed to bring AI to its next generation of iPhones. Industry data and academic papers, as well as insights from tech sector insiders, suggest the Californian company has focused most attention on tackling the technological problem of running AI through mobile devices. The iPhone maker has been more active than rival Big Tech companies in buying AI startups, acquiring 21 since the beginning of 2017, research from PitchBook shows. The most recent of those acquisitions was its purchase in early 2023 of California-based startup WaveOne, which offers AI-powered video compression. 


Ring steps back from sharing video with police — mostly 

Ring will no longer let local police publicly ask people for doorbell footage through its Neighbors app. The Amazon-owned company announced it’s going to sunset its Request for Assistance tool this week, forcing police to obtain a warrant for most of its video requests. This change might seem like a step in the right direction, but it may actually make the clip-requesting process less transparent, as police can still request clips from Ring during what they consider “emergencies.” In a statement to The Verge, Amazon spokesperson Yassi Yarger confirmed that on “rare occasions,” Ring will provide information to law enforcement “when there is an imminent danger of death or serious physical injury, such as a kidnapping or an attempted murder.” 


Mugger take your phone? Cash apps too easily let thieves drain accounts, DA says 

Popular apps like Venmo, Zelle, and Cash App aren’t doing enough to protect consumers from fraud that occurs when unauthorized users gain access to unlocked devices, Manhattan District Attorney Alvin Bragg warned. “Thousands or even tens of thousands can be drained from financial accounts in a matter of seconds with just a few taps,” Bragg said in letters to app makers. “Without additional protections, customers’ financial and physical safety is being put at risk.” 


Financial tech firm EquiLend says recovery after cyberattack ‘may take several days’ 

Financial technology firm EquiLend was hit with a cyberattack this week which forced several of its systems offline and may require several days to recover from. The company, which was founded in 2000 by several of the world’s largest financial firms, directed Recorded Future News to a statement saying it identified a technical issue on January 22 and eventually confirmed that it was dealing with a cyberattack. “We immediately launched an investigation and have identified a cyber security incident involving unauthorized access to our systems. We took immediate steps to secure our systems and are working methodically to restore the involved services as quickly as possible,” the company said. 


Man Jailed, Raped, and Beaten After False Facial Recognition Match, $10M Lawsuit Alleges 

In January of 2022, Harvey Murphy was arrested and thrown in jail while trying to get his driver’s license renewed at a local DMV. According to a $10 million lawsuit Murphy has since filed, a “loss prevention” agent working for a Sunglass Hut retail store used facial recognition software to accuse Murphy of perpetrating an armed robbery at a store in Houston, Texas. In reality, Murphy was more than 2,000 miles away at the time of the robbery. According to a lawsuit 61-year-old Murphy has filed against Macy’s and Sunglass Hut, “he was arrested and put into an overcrowded maximum-security jail with violent criminals. While in jail trying to prove his innocence, he was beaten, gang-raped, and left with permanent and awful life-long injuries. Hours after being beaten and gang-raped, the charges against him were dropped and he was released.” 


Related Posts