AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 5/30/2024

How the DOJ is using a Civil War-era law to enforce corporate cybersecurity

Amid an onslaught of high-profile cyberattacks showing how companies often neglect basic security measures, the Department of Justice is trying to use a law passed during the Civil War to put businesses on notice that these failures are unacceptable. Under the umbrella of DOJ’s Civil Cyber-Fraud Initiative, federal prosecutors have since early 2022 deployed the pointedly named False Claims Act to punish contractors that mislead the government about their cybersecurity defenses, hoping to send a shot across the bow of other vendors that aren’t complying with rules intended to fend off hackers.


Threat Actor 888 Claims to Have Leaked Data from Shell, Affecting 80,000 Individuals

In a concerning development, threat actor 888 has purportedly leaked data attributed to Shell, the renowned British multinational oil and gas corporation. The disclosed database, reportedly comprising around 80,000 entries, allegedly includes sensitive information such as first names, last names, email addresses, phone numbers, residential addresses, and more. According to the claims made by the threat actor, the breach has affected individuals from several countries, including the UK, Australia, France, India, Singapore, the Philippines, the Netherlands, Malaysia, and Canada. The scope of this breach highlights the extensive reach of Shell’s operations and the potential widespread impact on individuals across multiple regions.


Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors. “We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for a number of our customers,” the Identity and access management (IAM) services provider said. The suspicious activity commenced on April 15, 2024, with the company noting that it “proactively” informed customers that had the feature enabled. It did not disclose how many customers were impacted by the attacks.


Meta removes AI-generated influence campaigns in China, Israel

Meta Platforms Inc. removed hundreds of Facebook accounts associated with covert influence campaigns from China, Israel, Iran, Russia and other countries, some of which used artificial intelligence tools to generate disinformation, according to the company’s quarterly threat report. Meta, the parent of Facebook, Instagram and WhatsApp, has seen threat actors rely on AI to produce fake images, videos and text in an effort to influence users on its sites. But the use of generative AI didn’t affect the company’s ability to disrupt those networks, Meta said Wednesday in the report.


NIST unveils ARIA to evaluate and verify AI capabilities, impacts

The National Institute of Standards and Technology (NIST) is launching a new testing, evaluation, validation and verification (TEVV) program intended to help improve understanding of artificial intelligence’s capabilities and impacts. Assessing Risks and Impacts of AI (ARIA) aims to help organizations and individuals determine whether a given AI technology will be valid, reliable, safe, secure, private, and fair once deployed. The program comes shortly after several recent announcements by NIST around the 180-day mark of the Executive Order on trustworthy AI and the U.S. AI Safety Institute’s unveiling of its strategic vision and international safety network.


Related Posts