AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 12/06/2023

 
Meta and IBM launch ‘AI Alliance’ to promote open-source AI development 

Facebook’s parent company, Meta, and IBM on Tuesday launched a new group called the AI Alliance advocating for an “open-science” approach to AI development that puts them at odds with rivals Google, Microsoft and ChatGPT-maker OpenAI. These two diverging camps – the open and the closed – disagree about whether to build AI in a way that makes the underlying technology widely accessible. Safety is at the heart of the debate, but so is who gets to profit from AI’s advances. 

 

Deutsche Wohnen Ruling Set to Drive Up GDPR Fines 

Legal experts have warned that a “landmark” ruling by the European Court of Justice (ECJ) could have major financial ramifications for organizations that breach the GDPR. The judgement handed down yesterday involved German property company Deutsche Wohnen. The firm was originally hit with a €14.5m ($15.7m) fine by the Berlin Data Protection Commissioner back in 2019, for retaining tenant data for longer than was necessary. However, it was subsequently reversed two years later by a local court which ruled that the firm couldn’t be held responsible unless blame could be attached to a specific individual or executive. 

 

Beware of predatory fin(tech): Loan sharks use Android apps to reach new depths 

Since the beginning of 2023, ESET researchers have observed an alarming growth of deceptive Android loan apps, which present themselves as legitimate personal loan services, promising quick and easy access to funds. Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims’ personal and financial information to blackmail them, and in the end gain their funds. ESET products therefore recognize these apps using the detection name SpyLoan, which directly refers to their spyware functionality combined with loan claims. 

 

LockBit Remains Top Global Ransomware Threat 

The LockBit ransomware strain continues to be the primary digital extortion threat to all regions, and almost all industries globally, according to a report by ZeroFox. Researchers found that LockBit was leveraged in more than a quarter of global ransomware and digital extortion (R&DE) attacks in the seven quarters analyzed from January 2022 to September 2023. This includes 30% of all R&DE attacks in Europe and 25% in North America during the period. 

 

Intel accuses AMD of selling snake oil CPUs in now deleted attack 

Intel has accused AMD of “selling half-truths to unsuspecting customers” by using its Zen 2 architecture in some of its latest Ryzen 7000 series mobile processors. In a now-deleted presentation to system integrators, Intel’s “Core Truths” largely focuses on AMD’s Ryzen 5 7520U mobile processor and its confusing and somewhat misleading naming. AMD revealed a new naming scheme for its Ryzen 7000 series last year, with the first digit referring to the model year, the second for the segment, and the third revealing the architecture. At first glance you might look at the Ryzen 5 7520U naming and think it’s a mid-range CPU from AMD, with the 7 meaning it’s the latest. But the Ryzen 5 7520U is actually based on AMD’s older Zen 2 architecture, not the company’s latest Zen 4 one. 

 

Apple Confirms Governments Using Push Notifications to Surveil Users 

Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google’s and Apple’s servers, a US senator warned on Wednesday (via Reuters). In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications puts the companies “in a unique position to facilitate government surveillance of how users are using particular apps,” Wyden said. He asked the Department of Justice to “repeal or modify any policies” that hindered public discussions of push notification spying. 
