AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 2/21/2024

Reddit sells training data to unnamed AI company ahead of IPO

On Friday, Bloomberg reported that Reddit has signed a contract allowing an unnamed AI company to train its models on the site’s content, according to people familiar with the matter. The move comes as the social media platform nears the introduction of its initial public offering (IPO), which could happen as soon as next month. Reddit initially revealed the deal, which is reported to be worth $60 million a year, earlier in 2024 to potential investors of an anticipated IPO, Bloomberg said. The Bloomberg source speculates that the contract could serve as a model for future agreements with other AI companies.

 

Israeli Aircraft Survive “Cyber-Hijacking” Attempts

Two flights bound for Israel over the past week have suffered attempts to hijack their communications and divert the aircraft, according to local reports. The El Al flights were both travelling from Thailand to Israel’s Ben Gurion international airport and apparently encountered “hostile elements” while flying over the Middle East.

Citing a report from national broadcaster Kan Reshet B, The Jerusalem Post claimed that hackers attempted to hijack the planes’ communications networks in order to divert them from their pre-programmed route. No group has claimed responsibility. Although the aircraft were flying over an area in which Iranian-backed Houthis are active, sources have claimed it could be the work of a group operating from Somaliland – an unrecognized state in the Horn of Africa.

 

Tinder is bringing its advanced ID verification system to the US and UK

Tinder has announced it’s bringing an advanced ID verification system to the US, UK, Brazil and Mexico. This is part of an ongoing effort to reduce the number of catfish swimming around the old dating pool. The new system requires that users take a video selfie and upload a valid driver’s license or passport. Tinder has long required users to take photos or video selfies as part of its verification process, which would provide a blue checkmark to illustrate authenticity. So the passport and driver’s license stuff is new. Once you upload the ID, Tinder will check to see if it lines up with your video selfie and the photos on your profile. It’ll also look at the date of birth on the license or passport to confirm your age.

 

VoltSchemer attacks use wireless chargers to inject voice commands, fry phones

A team of academic researchers show that a new set of attacks called ‘VoltSchemer’ can inject voice commands to manipulate a smartphone’s voice assistant through the magnetic field emitted by an off-the-shelf wireless charger. VoltSchemer can also be used to cause physical damage to the mobile device and to heat items close to the charger to a temperature above 536F (280C). A technical paper signed by researchers at the University of Florida and CertiK describes VoltSchemer as an attack that leverages electromagnetic interference to manipulate the charger’s behavior.

 

Singapore struggles with scams as cybercrime cases keep climbing

Scams and cybercrime cases in Singapore continue their upward trajectory, increasing by 49.6% last year, even as the country rolls out several industry-wide measures to stem such incidents. The number of scam and cybercrime cases hit 50,376 in 2023, up from 33,669 cases the previous year, with scams accounting for 92.4% of overall cases. Victims lost a total of SG$651.8 million (USD$483.62 million), marking the first dip in the past five years, and from SG$660.7 million in 2022, according to the latest stats from the Singapore Police Force (SPF). 

 

Russian Hackers Launch Email Campaigns to Demoralize Ukrainians

A Russian threat-actor is targeting Ukrainian citizens with email Psychological Operations (PSYOPs) campaigns aimed at making them believe Russia is winning the war, new research from ESET has revealed. Two different waves of the disinformation campaign were detected by the firm – the first in November 2023 and the second at the end of December. The PSYOP campaign, dubbed Operation Texonto, is designed to raise doubts about the progress of the conflict among Ukrainians and Ukrainian speakers abroad. The contents of the emails contained warnings of impacts such as heating interruptions, medicine shortages and food shortages in the region.

Related Posts