AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 11/29/2023

 
Cybercriminals Hesitant About Using Generative AI 

Cybercriminals are so far reluctant to use generative AI to launch attacks, according to new research by Sophos. Examining four prominent dark-web forums for discussions related to large language models (LLMs), the firm found that threat actors showed little interest in using these tools, and even expressed concerns about the wider risks they pose. In two of the forums included in the research, just 100 posts on AI were found. This compares to 1000 posts related to cryptocurrency during the same period. 

 

Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access 

Cybersecurity researchers have detailed a “severe design flaw” in Google Workspace’s domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. “Such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other unauthorized actions within Google Workspace APIs on all of the identities in the target domain,” cybersecurity firm Hunters said in a technical report shared with The Hacker News. The design weakness – which remains active to this date – has been codenamed DeleFriend for its ability to manipulate existing delegations in the Google Cloud Platform (GCP) and Google Workspace without possessing super admin privileges. 

 

Sports Illustrated reportedly published articles from fake AI authors 

Sports Illustrated published articles that were attributed to fake AI-generated authors, according to reporting by Futurism. The authors include “Drew Ortiz,” who’s “spent much of his life outdoors,” and “Sora Tanaka,” who is “a fitness guru, and loves to try different foods and drinks.” Futurism found the associated author headshots for sale on an AI-generated image website, and someone involved in the creation of the content told the outlet that there are “a lot” of similar fake writers. Rachael Fink, a spokesperson for The Arena Group, which publishes Sports Illustrated, disputed the suggestion that the stories themselves are AI-generated. 

 

ID Theft Service Resold Access to USInfoSearch Data 

One of the cybercrime underground’s more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned. Since at least February 2023, a service advertised on Telegram called USiSLookups has operated an automated bot that allows anyone to look up the SSN or background report on virtually any American. For prices ranging from $8 to $40 and payable via virtual currency, the bot will return detailed consumer background reports automatically in just a few moments. 

 

A popular female coding influencer’s Instagram is apparently run by a man 

Eduards Sizovs, founder of software developer conference DevTernity, has already been in the headlines for reportedly listing fake female speakers for a conference. Now, it has been revealed that Sizovs may also be behind Coding_Unicorn, a popular Instagram account supposedly run by a female coder, 404 Media reports. Coding_Unicorn has 115,000 followers on Instagram and claims to be run by a professional software developer named Julia. The account features photos — many of which are glamour shots — of Julia at a MacBook alongside “no-BS coding, career, productivity tips.” 

 

Okta hackers stole data on all customer support users, company says 

Hackers who compromised Okta’s customer support system stole data from all of the cybersecurity firm’s customer support users, Okta said in a letter to clients Tuesday, a far greater incursion than the company initially believed. The expanded scope opens those customers up to the risk of heightened attacks or phishing attempts, Okta warned. An Okta spokesperson told CNBC that customers in government or Department of Defense environments were not impacted by the breach. 
