AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 12/03/2024

Hackers claim to have cracked Microsoft’s software licensing protection almost entirely

A team of hackers claim that they have cracked “almost the entire Windows / Office software licensing protection”. The breakthrough allows them to activate “almost any version of Windows and Office” permanently. Windows and Office installations require activation. This may happen behind the scene or when users enter product keys. Workarounds and hacks have been available for a long time. One popular choice requires running a single line of instructions from a PowerShell prompt to activate Windows 8 or later, or Office. The creators of the solution claim now that they have found ways to extend this to even more Windows and Office products.

 

Meet ‘Chameleon’ – an AI model that can protect you from facial recognition thanks to a sophisticated digital mask

Artificial intelligence (AI) could hold the key to hiding your personal photos from unwanted facial recognition software and fraudsters, all without destroying the image quality. A new study from Georgia Tech university, published July 19 to the pre-print arXiv database, details how researchers created an AI model called “Chameleon,” which can produce a digital “single, personalized privacy protection (P-3) mask” for personal photos that thwarts unwanted facial scanning from detecting a person’s face. Chameleon will instead cause facial recognition scanners to recognize the photos as being someone else.

 

Indian online ID verification firm Signzy confirms security incident

Signzy, a popular vendor offering online “know your customer” ID verification and customer onboarding services to several top financial institutions, commercial banks, and fintech companies, has confirmed a security incident, TechCrunch can exclusively report. The Bengaluru-based startup, which serves over 600 financial institutions globally — including the four largest Indian banks, was hit by a cyberattack last week, according to sources speaking with TechCrunch. On Saturday, Signzy told TechCrunch it was aware of the security incident but declined to elaborate.

 

An Apple employee is suing the company over monitoring employee personal devices

An Apple ad tech employee filed a lawsuit against his employer on Sunday over how the company monitors its employees, reports Semafor. Apple wants its employees to use Apple devices for work, but work-issued devices are so restricted that many employees use personal devices, or tie their work devices to their personal iCloud. To do so, the suit says, employees must allow Apple to install software that grants Apple access to search anything stored on the device or iCloud. The suit claims Apple’s policies allow it to monitor workers even when off duty. The employee claims Apple used its policies to harm his employment prospects.

 

Korea arrests CEO for adding DDoS feature to satellite receivers

South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser’s request. While neither company has been named, the two companies have been trading since 2017. In November 2018, the purchasing company made a special request to include DDoS functionality, with the South Korean manufacturer complying. Allegedly, the functionality was needed to counter the attacks of a competing entity.

 

US expands curbs on China’s AI memory and chip tools, raising supply chain concerns

The US has announced sweeping new measures targeting China’s semiconductor sector, restricting the export of chipmaking equipment and high-bandwidth memory. This move has sparked concerns over potential supply chain disruptions. The rules impose export restrictions on equipment from manufacturers in countries including Israel, Malaysia, Singapore, South Korea, and Taiwan, while granting exemptions to firms in Japan and the Netherlands. Among those exempted are Japan’s Tokyo Electron and the Netherlands’ ASML, two leading chipmaking equipment manufacturers. This exemption reportedly resulted from extensive negotiations between their governments and Washington.

Related Posts