AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 10/26/2020

IBM AI model predicts onset of Alzheimer’s disease by analyzing descriptions of a cookie theft

A new AI model can predict the onset of Alzheimer’s disease more accurately than standard clinical techniques by analyzing how people describe a picture of a cookie theft, according to a new study. Researchers from IBM and Pfizer trained the model to detect signs of speech impairment in written descriptions of the image, which is frequently used to test for cognitive disorders. The transcriptions were taken from the Framingham Heart Study, which has tracked the health of more than 5,000 people and their families since 1948. The samples were collected before the participants began showing symptoms of Alzheimer’s. The researchers then checked the Framingham Heart Study records to find out whether a diagnosis had later been made. They found that the proof-of-concept model can predict with 71% accuracy that someone will develop Alzheimer’s disease — seven years before it’s clinically diagnosed. IBM said that’s significantly better than the 59% accuracy of standard clinical-scale predictions that use biomedical data from a patient.

 

Ransomware groups are going corporate

As ransomware attacks have quickly morphed over the past few years into a billion-dollar business, the groups behind them are increasingly adopting the practices and tactics of the corporate businesses they target. More and more, ransomware groups (and some argue the larger cybercrime ecosystem) are gravitating towards joint partnerships and profit sharing arrangements with other hacking groups, introducing tools to measure the efficiency of their work, creating playbooks and scripts during the negotiation phase, and adopting customer service and PR tactics from the corporate world. This shift in behavior, compared to even a few years ago, is manifesting itself in a number of ways, from establishing cooperative partnerships to taking a customer-friendly tone when negotiating with victims to writing and distributing press releases designed to market their latest successful compromise or build their brand to the broader public.

 

Exclusive: ‘Dumb mistake’ exposed Iranian hand behind fake Proud Boys U.S. election emails – sources

Government analysts and private sector investigators were able to rapidly attribute to Iranian hackers a wave of thousands of threatening emails aimed at U.S. voters because of mistakes made in a video attached to some of the messages, according to four people familiar with the matter. Those failures provided a rare opportunity for the U.S. government to identify and publicly announce blame for a malicious cyber operation in a matter of days, something that usually requires months of technical analysis and supporting intelligence. “Either they made a dumb mistake or wanted to get caught,” said a senior U.S. government official, who asked not to be identified. “We are not concerned about this activity being some kind of false flag due to other supporting evidence. This was Iran.” Attribution to Iranian hackers does not necessarily mean a group is working at the behest of the government there. Iranian officials denied the U.S. allegations.

 

If you suddenly can’t print to your HP Printer from your Mac, you’re not alone

Many Mac users today found, to their surprise, they are unable to print to their HP Inc printers. This is due to a code-signing snafu affecting macOS Catalina (version 10.15) and Mojave (10.14), specifically. HP’s printer driver software is cryptographically signed with a certificate that macOS uses to determine whether the application is legit and can be trusted. However, that certificate was today revoked through an XProtect update, causing the software to be rejected by Macs. An HP Inc spokesperson told us on Friday night: “We unintentionally revoked credentials on some older versions of Mac drivers. This caused a temporary disruption for those customers and we are working with Apple to restore the drivers. In the meantime, we recommend users experiencing this problem to uninstall the HP driver and use the native AirPrint driver to print to their printer.”

 

Hackers behind life-threatening attack on chemical maker are sanctioned

Russian state nationals accused of wielding life-threatening malware specifically designed to tamper with critical safety mechanisms at a petrochemical plant are now under sanction by the US Treasury Department. The attack drew considerable concern because it’s the first known time hackers have used malware designed to cause death or injury, a prospect that may have actually happened had it not been for a lucky series of events. The hackers—who have been linked to a Moscow-based research lab owned by the Russian government—have also targeted a second facility and been caught scanning US power grids. Now the Treasury Department is sanctioning the group, which is known as the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics or its Russian abbreviation TsNIIKhM. 
