AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 2/28/2024

Most Commercial Code Contains High-Risk Open Source Bugs

Three-quarters (74%) of commercial codebases contain open source components featuring “high-risk” vulnerabilities, according to a new study from Synopsys. The chip design tool company’s ninth annual Open Source Security and Risk Analysis (OSSRA) report analyzed anonymized findings from over 1000 commercial codebase audits in 17 industries. It found that the share featuring high-risk open source bugs – that is, ones that have been actively exploited, have documented proof-of-concept exploits or are classified as remote code execution – increased from 48% in 2022.


OpenAI alleges New York Times ‘hacked’ ChatGPT for lawsuit evidence

OpenAI asked a judge to dismiss parts of The New York Times’ lawsuit against it, alleging that the media company “paid someone to hack OpenAI’s products,” such as ChatGPT, to generate 100 examples of copyright infringement for its case. In a filing Monday in Manhattan federal court, OpenAI alleged it took the Times “tens of thousands of attempts to generate the highly anomalous results,” and that the company did so using “deceptive prompts that blatantly violate OpenAI’s terms of use.” “Normal people do not use OpenAI’s products in this way,” OpenAI wrote in the filing.


Mexico’s ‘Timbre Stealer’ Campaign Targets Manufacturing

Cybercriminals are spreading a new infostealer across Mexico by catching targets with tax season-related phishing lures — focusing on organizations rather than consumers. The campaign observed by Cisco Talos goes back to November, when the first samples of “Timbre Stealer,” a new unfocused but wide-ranging infostealer, began spreading to targets via malicious emails. In the time since, it has spread to organizations across varied industries, most of all to manufacturing and transportation. More recently, the threat actors have honed their phishing message using Mexico’s tax season — the timing of which broadly overlaps with the US’s — to catch their corporate targets off-guard and perpetuate the further spread of Timbre Stealer.


Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns

The FBI and partners from 10 other countries are urging owners of Ubiquiti EdgeRouters to check their gear for signs they’ve been hacked and are being used to conceal ongoing malicious operations by Russian state hackers. The Ubiquiti EdgeRouters make an ideal hideout for hackers. The inexpensive gear, used in homes and small offices, runs a version of Linux that can host malware that surreptitiously runs behind the scenes. The hackers then use the routers to conduct their malicious activities. Rather than using infrastructure and IP addresses that are known to be hostile, the connections come from benign-appearing devices hosted by addresses with trustworthy reputations, allowing them to receive a green light from security defenses.


FCC plans vote on cybersecurity labels for smart devices amid rising risks

US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans’ sensitive personal information and government-related data to adversarial countries including China and Russia. In addition to the executive order, the White House will propose regulations that prohibit companies from directly or indirectly transferring large amounts of certain types of data to so-called “countries of concern” – China, Russia, North Korea, Iran, Cuba, and Venezuela – according to a senior administration official. The concern is that these countries, which can legally buy Americans’ sensitive information from data brokers and others, will use this to undermine national security.

