AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 7/8/2024

OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report 

A hacker reportedly stole information on OpenAI’s new technologies last year by breaking into the company’s internal messaging systems. The messages from a company-wide meeting in April last year had employees discussing details of new artificial intelligence technologies, the New York Times reported, citing unnamed sources. The hacker did not access systems housing or building its applications, it said. OpenAI did not respond to a request for comment. 

 

Is this the biggest password leak ever uncovered? Researchers claim nearly 10 billion credentials under threat — here’s what we know so far 

Researchers claim to have uncovered what appears to be the biggest password cache ever uncovered, with 9,948,575,739 unique plaintext passwords inside. The file, titled ‘rockyou2024.txt’ contains passwords stolen in a mix of old and new attacks, making the file a brute force attackers’ dream. “In its essence, the RockYou2024 leak is a compilation of real-world passwords used by individuals all over the world. Revealing that many passwords for threat actors substantially heightens the risk of credential stuffing attacks,” Cybernews researchers say. 

 

ChatGPT’s much-heralded Mac app was storing conversations as plain text 

OpenAI announced its Mac desktop app for ChatGPT with a lot of fanfare a few weeks ago, but it turns out it had a rather serious security issue: user chats were stored in plain text, where any bad actor could find them if they gained access to your machine. As Threads user Pedro José Pereira Vieito noted earlier this week, “the OpenAI ChatGPT app on macOS is not sandboxed and stores all the conversations in plain-text in a non-protected location,” meaning “any other running app / process / malware can read all your ChatGPT conversations without any permission prompt.” 

 

Signal under fire for storing encryption keys in plaintext 

Popular encrypted messaging app Signal is facing criticism over a security issue in its desktop application. Researchers and app users are raising concerns about how the app handles encryption keys on desktop devices. According to cybersecurity researchers Mysk, the desktop version of Signal stores encryption keys in plain text, an issue that potentially exposes users to data theft. Mysk detailed the problem on Twitter, highlighting that Signal’s desktop app stores local chat history encryption keys in a plaintext file accessible by any process on the system. “End-to-end encryption is useless if any of the ends gets compromised,” Mysk points out. 

 

The President Ordered a Board to Probe a Massive Russian Cyberattack. It Never Did. 

After Russian intelligence launched one of the most devastating cyber espionage attacks in history against U.S. government agencies, the Biden administration set up a new board and tasked it to figure out what happened — and tell the public. State hackers had infiltrated SolarWinds, an American software company that serves the U.S. government and thousands of American companies. The intruders used malicious code and a flaw in a Microsoft product to steal intelligence from the National Nuclear Security Administration, National Institutes of Health and the Treasury Department in what Microsoft President Brad Smith called “the largest and most sophisticated attack the world has ever seen.” 

 

Related Posts