Cybersecurity News: Chrome protects home, Zeus mastermind guilty, airline chatbot gaffe

Google Chrome feature blocks attacks against home networks

As a possible new solution for home office security, Google has published a support document on a feature meant to prevent malicious websites from attacking devices and services that users assumed were unreachable by virtue of residing on the user’s local intranet or the user’s machine. Named “Private Network Access protections,” the feature will check before allowing a public website to direct a browser to visit another site within the user’s private network. When the browser detects that a public site is attempting to connect to an internal device, it will send a preflight request to the device first and will block the connection if there is no satisfactory response.

(Bleeping Computer)
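
The preflight check described above, seen from the internal device's side, as an added example that is not from Google's document or the original article. The header names come from the Private Network Access specification rather than this page; the allowlist, origins and function names are hypothetical.

```javascript
// Added illustration: how a device on a private network could answer the
// browser's Private Network Access (PNA) preflight. TRUSTED_ORIGINS is a
// constructed allowlist; handlePreflight is a hypothetical helper.
const TRUSTED_ORIGINS = new Set(["https://admin.example.com"]);
const ALLOWED_METHODS = "GET, POST";

// Header names are case-insensitive, so normalise to lowercase keys.
function normalise(headers) {
  const out = {};
  for (const [k, v] of Object.entries(headers)) out[k.toLowerCase()] = String(v).trim();
  return out;
}

// Returns { status, headers } for a preflight, or null when the request
// is not a preflight and should go to normal routing.
function handlePreflight(method, rawHeaders, trusted = TRUSTED_ORIGINS) {
  const h = normalise(rawHeaders);
  const isPreflight = method.toUpperCase() === "OPTIONS" &&
    "origin" in h && "access-control-request-method" in h;
  if (!isPreflight) return null;

  // Unknown origin: reply without any Access-Control-Allow-* header.
  // The browser treats that as an unsatisfactory response and blocks the request.
  if (!trusted.has(h["origin"])) return { status: 403, headers: {} };

  const res = {
    "Access-Control-Allow-Origin": h["origin"], // echo the exact origin, never "*"
    "Access-Control-Allow-Methods": ALLOWED_METHODS,
    "Vary": "Origin",
  };
  // Opt in to private-network access only when the browser asked for it.
  if (h["access-control-request-private-network"] === "true") {
    res["Access-Control-Allow-Private-Network"] = "true";
  }
  return { status: 204, headers: res };
}

// Constructed sample preflights: one from the allowlisted origin, one not.
const sample = (origin) => ({
  Origin: origin,
  "Access-Control-Request-Method": "POST",
  "Access-Control-Request-Private-Network": "true",
});
const fromTrusted = handlePreflight("OPTIONS", sample("https://admin.example.com"));
const fromUnknown = handlePreflight("OPTIONS", sample("https://public.example.net"));
console.log(fromTrusted.status, fromUnknown.status);
```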

Mastermind behind Zeus and IcedID malware pleads guilty

Following up on a story from October 2022, Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to RICO Act offenses and wire fraud respectively for his leadership roles in developing and distributing the Zeus banking trojan and the IcedID malware, along with running a widespread racketeering enterprise. The 37-year-old had been arrested by Swiss authorities in October 2022, and now faces a maximum penalty of 20 years in prison for each count. He is scheduled to be sentenced on May 9.

(The Hacker News)

Air Canada must honor refund invented by its chatbot, says court

This case deals with a passenger who booked a flight last year to attend the funeral of his grandmother. He asked the airline’s chatbot for its bereavement policy, which allows a discount for such quickly booked flights. The bot provided information that did not agree with the airline’s main bereavement policy page. When Air Canada refused to honor what the bot had promised, the passenger took his case to a small claims tribunal. Air Canada’s defense was that it should not be liable for the chatbot’s misleading information because it is “a separate legal entity that is responsible for its own actions.” The tribunal disagreed. Air Canada later stated that the AI-powered bot was intended chiefly to assist during periods of peak demand, helping customers confirm their flights. “Experts told the Vancouver Sun newspaper that Air Canada may have succeeded in avoiding liability in this case if its chatbot had warned customers that the information that the chatbot provided may not be accurate.”

(Ars Technica)

Tech giants sign Munich agreement to fight AI-generated election fraud

Executives from Adobe, Amazon, Google, IBM, Meta, Microsoft, OpenAI and TikTok, all gathered at the Munich Security Conference, have signed on to a protocol for responding to AI-generated deepfakes that are intended to trick voters. Twelve other companies, including X, are also signing the agreement. According to Security Week, “the companies aren’t committing to ban or remove deepfakes. Instead, the accord outlines methods they will use to try to detect and label deceptive AI content when it is created or distributed on their platforms.”

(Security Week)

Russia-aligned threat group exploits Roundcube webmail for espionage campaign

Following up on a story we covered last October, researchers at Recorded Future’s Insikt Group have detected a threat actor which they suggest has been conducting cyber-espionage against government, military, and national infrastructure entities in Europe and Central Asia since at least December 2020. They believe the group, named TAG-70, is working on behalf of Belarus and Russia. Its latest campaign, which ran between October and December 2023, used cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to access more than 80 organizations in Georgia, Poland, and Ukraine. The researchers say it shares similarities with other Russian-aligned threat groups such as BlueDelta (APT28) and Sandworm.

(Recorded Future)

Will ransomware payments be used to aid Ukraine?

An agreement between Estonia and the US, signed last week at the Munich Security Conference, appears to be paving the way for seized ransomware payments to be assigned to assist Ukraine in its defense efforts. The signed agreement was not related to ransomware but represented $500,000 in funds confiscated from Russia after it was caught attempting to smuggle a high-precision weapons-making tool via Estonia. As part of the Justice Department’s special task force called KleptoCapture, the idea is being floated that “proceeds from ransomware attacks could be included in the basket of offenses that allow them to garnish the funds and send them to Ukraine.”

(The Record)

Booter DDoS operator charged after Baltimore schools attack

Los Angeles resident Scott Esparza was charged last week in federal court for running a DDoS-for-hire service that, according to prosecutors, would “allow his subscribers, for a fee, to cause floods of Internet traffic to be directed to victim computers.” His service, named Astrostress, is allegedly responsible for a DDoS attack on Baltimore County Public Schools in February 2022. The prosecution is part of a crackdown conducted by the Department of Justice on such for-hire services.

(The Record)

Reddit signs AI content licensing deal ahead of IPO

The agreement, according to Bloomberg News, citing people familiar with the matter, will “allow an Artificial Intelligence (AI) company to train its models on the social media platform’s content.” The deal may be worth $60 million on an annualized basis and comes just ahead of Reddit’s IPO. The AI company involved in the deal was not named.

(Reuters)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.