AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/16/2024

Gmail Scam Alert: Hackers Spoof Google to Steal Credentials

Boasting over 2.5 billion users worldwide, Gmail reigns as the most prevalent email service globally. Consequently, it comes as no surprise that this platform has become a focal point for malicious actors seeking to infiltrate accounts and pilfer sensitive data. Sam Mitrovic, an expert on Microsoft security products and the founder of CloudJoy, a Power Platform consultancy, recently sounded the alarm regarding an exceptionally sophisticated, AI-augmented phishing scheme targeting Gmail users, a scheme with the potential to ensnare even the most seasoned and discerning individuals. Notably, Mitrovic himself fell victim to this cunning ploy.

 

One-year countdown to ‘biggest Ctrl-Alt-Delete in history’ as Windows 10 approaches end of support

Windows 10 is now just a year from its end of support date, and it is clear that Microsoft’s hardware compatibility gamble has yet to pay off. A year from now, on October 14, 2025, Windows 10 will drop out of support. Some users will be able to continue receiving security updates for a fee. Others using Long Term Servicing Channel (LTSC) editions have more time. Windows 10 IoT Enterprise LTSC extended support ends on January 13, 2032, while Windows 10 Enterprise LTSC runs until January 9, 2029. But for the rest, just 365 days remain until Microsoft halts updates.

 

Cisco investigates breach after stolen data for sale on hacking forum

Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. “Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files,” a Cisco spokesperson told BleepingComputer. “We have launched an investigation to assess this claim, and our investigation is ongoing.” This statement comes after a well-known threat actor named “IntelBroker” said that he and two others called “EnergyWeaponUser” and “zjj” breached Cisco on October 6, 2024, and stole a large amount of developer data from the company.

 

Expert witness used Copilot to make up fake damages, irking judge

A New York judge recently called out an expert witness for using Microsoft’s Copilot chatbot to inaccurately estimate damages in a real estate dispute that partly depended on an accurate assessment of damages to win. In an order Thursday, judge Jonathan Schopf warned that “due to the nature of the rapid evolution of artificial intelligence and its inherent reliability issues” any use of AI should be disclosed before testimony or evidence is admitted in court. Admitting that the court “has no objective understanding as to how Copilot works,” Schopf suggested that the legal system could be disrupted if experts started overly relying on chatbots en masse.

 

Apple study exposes deep cracks in LLMs’ “reasoning” capabilities

For a while now, companies like OpenAI and Google have been touting advanced “reasoning” capabilities as the next big step in their latest artificial intelligence models. Now, though, a new study from six Apple engineers shows that the mathematical “reasoning” displayed by advanced large language models can be extremely brittle and unreliable in the face of seemingly trivial changes to common benchmark problems. The fragility highlighted in these new results helps support previous research suggesting that LLMs’ use of probabilistic pattern matching is missing the formal understanding of underlying concepts needed for truly reliable mathematical reasoning capabilities. “Current LLMs are not capable of genuine logical reasoning,” the researchers hypothesize based on these results. “Instead, they attempt to replicate the reasoning steps observed in their training data.”

 

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

China’s National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went on to accuse the U.S. federal government, intelligence agencies, and Five Eyes countries of conducting cyber espionage activities against China, France, Germany, Japan, and internet users globally. It also said there’s “ironclad evidence” indicating that the U.S. carries out false flag operations in an attempt to conceal its own malicious cyber attacks, adding it’s inventing the “so-called danger of Chinese cyber attacks” and that it has established a “large-scale global internet surveillance network.”

 

Microsoft says tougher punishments needed for state-sponsored cybercriminals

Microsoft is calling for more robust deterrents to be placed on nation-states as criminals continue to run rife across online systems “without any meaningful consequences.” However, like those consequences, Microsoft’s recommendations contained in its annual cybersecurity report – published today – lack specificity, and thus aren’t exactly meaningful either. The Microsoft Digital Defense Report 2024 includes various suggestions for improvements, all of which place the onus on governments. One subtitled “enhanced countermeasures” mentions “targeted sanctions among other options.”
