InfoSec News Nuggets 12/21/2023

UK Supreme Court rules AI is not an inventor  The UK Supreme Court ruled that AI cannot get patents, declaring it cannot be named as an inventor of new products because the law considers only humans or companies to be creators. The court unanimously denied a petition from Stephen Thaler, founder of the AI system DABUS, to name his AI as an inventor. The UK’s decision aligns with a similar decision made against Thaler in the…
Read More

InfoSec News Nuggets 12/05/2023

US Lawmakers Want to Use a Powerful Spy Tool on Immigrants and Their Families Americans with family overseas who hope to visit the United States may soon face an increased risk of being surveilled by their own government. Support in Congress is growing for intensified vetting procedures at the US border, which would see immigrants and foreign visitors subjected to the same levels of scrutiny as suspected terrorists and spies. A bill introduced last week…
Read More

InfoSec News Nuggets 06/19/2023

SMS delivery reports can be used to infer recipient's location  A team of university researchers has devised a new side-channel attack named 'Freaky Leaky SMS,' which relies on the timing of SMS delivery reports to deduce a recipient's location. SMS delivery reports are handled by the SMSC (short message service center) of the mobile network to inform when a message has been delivered, accepted, failed, is undeliverable, has expired, or has been rejected. While there are routing,…
Read More

InfoSec News Nuggets 01/27/2023

Morgan Stanley penalizes employees as much as $1 million for WhatsApp breaches  Morgan Stanley has imposed financial penalties on employees who used messaging platforms such as WhatsApp for company business, according to two sources familiar with the situation. The penalties ranged from several thousand dollars for some staff to more than $1 million for others. The amounts were determined by factors such as the number of messages sent, seniority and whether the employees had already received warnings,…
Read More

InfoSec News Nuggets 04/21/2022

U.S., allies provide ‘comprehensive’ look at Russia cyber threats to critical infrastructure U.S and international authorities on Wednesday issued a joint alert warning state-backed Russian hackers and criminal groups remain a top threat to critical infrastructure worldwide. The Cybersecurity and Infrastructure Security Agency (CISA) described the public alert as the “most comprehensive view of the cyber threat posed by Russia to critical infrastructure released by government cyber experts since the invasion of Ukraine in February.” It…
Read More

InfoSec News Nuggets 02/08/2022

Fortune 500 service provider says ransomware attack led to leak of more than 500k SSNs Morley Companies, an organization that provides business services to dozens of Fortune 500 companies, said this week it was hit with a ransomware attack last year that led to the leak of sensitive information for more than 500,000 people. In a press release, the company said the ransomware attack began on August 1 and made their data "unavailable." Despite requests for…
Read More