AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 3/20/2024

We’re one step closer to a global cybersecurity standard for smart home devices

As useful as connected devices like video doorbells and smart lights are, it’s wise to exercise caution when using connected tech in your home, especially after years of reading about security camera hacksfridge botnet attacks, and smart stoves turning themselves on. But until now, there hasn’t been an easy way to assess a product’s security chops. A new program from the Connectivity Standards Alliance (CSA), the group behind the smart home standard Matter, wants to fix that. Announced this week, the CSA’s IoT Device Security Specification is a baseline cybersecurity standard and certification program that aims to provide a single, globally recognized security certification for consumer IoT devices.


NIST’s NVD has encountered a problem

Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and it’s affecting vulnerability management efforts. Anyone who regularly uses the NVD as a source of information about CVE-numbered vulnerabilities could not have missed the notice featured at the top of its main page since February 15, 2024. Since then, NIST has still been populating the database with entries for vulnerabilities that have been assigned CVE numbers and have been published on MITRE’s CVE List, but has failed to update many of the entires with information that NVD analysts usually add.


Nvidia Wants to Replace Nurses With AI for $9 an Hour

Nvidia announced a collaboration with Hippocratic AI on Monday, a healthcare company that offers generative AI nurses who work for just $9 an hour. Hippocratic promotes how it can undercut real human nurses, who can cost $90 an hour, with its cheap AI agents that offer medical advice to patients over video calls in real-time. “Voice-based digital agents powered by generative AI can usher in an age of abundance in healthcare, but only if the technology responds to patients as a human would,” said Kimberly Powell, vice president of Healthcare at NVIDIA in a press release Monday.


Russians will no longer be able to access Microsoft cloud services, business intelligence tools

Microsoft will reportedly suspend access to its cloud services for Russian users this month as a result of European sanctions imposed on Russia after its invasion of Ukraine. The Russian tech firm Softline, one of the largest distributors of Microsoft products in the country, said in a statement last week that local users will lose access to the cloud services provided by Microsoft on March 20.  Softline also shared a letter it received from Microsoft in the private Telegram channel it created to help clients transition to a local software provider. Several other local tech companies confirmed to Forbes Russia that they too received a warning email from Microsoft. Softline shared a similar letter from Amazon.


Five Eyes tell critical infra orgs: take these actions now to protect against China’s Volt Typhoon

The Feds and friends yesterday issued yet another warning about China’s Volt Typhoon gang, this time urging critical infrastructure owners and operators to protect their facilities against destructive cyber attacks that may be brewing. The Tuesday alert – issued by the US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), FBI and eight other US and international partners – comes a little more than a month after the same groups from the same Five Eyes nations sounded the alarm on Volt Typhoon compromising “multiple” critical infrastructure orgs’ IT networks in America. The previous advisory, published on February 7, also warned that the Beijing-backed crew was readying “disruptive or destructive cyber attacks” against these same targets.


Cybercriminals Beta Test New Attack to Bypass AI Security

A recent discovery by SlashNext threat researchers reveals a dangerous cyberattack method termed “Conversation Overflow.” This technique involves cloaked emails designed to bypass machine learning (ML) security controls, allowing malicious payloads to infiltrate enterprise networks. In a typical Conversation Overflow attack, cybercriminals employ cloaked emails designed to deceive ML tools into categorizing them as harmless. These emails contain two distinct sections: one visible to the recipient, prompting them to take action such as entering credentials or clicking links and another hidden portion filled with innocuous text. Threat actors exploit ML algorithms by strategically inserting blank spaces to separate these sections, often focusing on deviations from “known good” communications rather than identifying malicious content.

Related Posts