Cybersecurity News: Cisco IOS XE infections remain high, California sidelines GM’s driverless cars, Canada accuses China of ‘Spamouflage’ campaign

Cisco IOS XE Update: Number of infected devices via zero-day remains high 

Following up on a story we have been covering on Cyber Security Headlines, Cisco and other firms have confirmed that attackers have updated their implants on infected Cisco IOS XE devices. This explains why scans over the weekend appeared to show a significant drop in exploited devices. Shortly after Cisco disclosed the first zero-day IOS XE flaw (CVE-2023-20198), internet scans identified roughly 50,000 switches and routers infected by a malicious implant. However, just a few days later, scans showed that the number of hacked devices dropped to 100. Security firm Fox-IT found an updated fingerprinting method which has identified nearly 38,000 Cisco devices still hosting the implant.

(SecurityWeek)

California sidelines GM’s driverless cars, citing safety risk

On Tuesday, the state of California ordered General Motors’ Cruise unit to remove its driverless cars from state roads and called the vehicles “an unreasonable risk to public safety.” The suspension follows a series of accidents involving Cruise vehicles and is a major setback to GM’s self-driving business that the company hailed as a major growth opportunity. The DMV order also said Cruise misrepresented information related to the safety of its vehicles. Cruise is allowed to challenge the suspension within five days, though the company did not say if it planned to do so.

(Reuters)

Canada accuses China of ‘Spamouflage’ disinformation campaign

On Monday, Canada warned of a Chinese “Spamouflage” disinformation campaign using waves of posts and deepfake videos across more than 50 platforms and forums to disparage and discredit Canadian lawmakers and silence criticism of the Chinese Communist Party. The government ministry said a bot network posted thousands of messages on social media accounts of parliament members, including Prime Minister Justin Trudeau and opposition leader Pierre Poilievre. Canada’s allegations come after Meta reported in August that it had purged thousands of Facebook and Instagram accounts that were part of the widespread Chinese spam operation. On Tuesday, China’s foreign ministry rejected the allegations, saying Ottawa “confuses black with white and misleads public opinion.”

(SecurityWeek)

1Password, Cloudflare affected by Okta compromise

Password manager 1Password and cybersecurity firm Cloudflare have confirmed they were targeted by hackers following the breach affecting single sign-on provider Okta. 1Password said that on September 29, a member of its IT team received an unexpected alert that someone had generated a list of Okta administrators. 1Password invoked its security incident response team, which confirmed that a threat actor had accessed its Okta account with administrative privileges. 1Password promptly terminated the malicious activity and concluded that no 1Password user data was accessed. In Cloudflare’s case, a threat actor successfully hijacked an Okta session token to access Okta’s customer support systems, but the company said, “no Cloudflare customer information or systems were impacted by this event because of our rapid response.” Cloudflare sharply criticized Okta for taking more than two weeks to disclose the compromise of their customer HTTP Archive (HAR) files.

(The Record)

Huge thanks to our sponsor, Vanta

Growing a business? That likely means more tools, third-party vendors, and data sharing — AKA, way more risk.

Vanta’s market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand — all without the need for additional staffing.

And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you’ll be able to focus on strategy and security, not maintaining compliance.

Join 5,000 fast-growing companies that leverage Vanta to manage risk and prove security in real-time. Our listeners get $1,000 off Vanta. Go to vanta.com/ciso to claim this discount.

AI Godfathers say major tech firms should devote a third of AI budget to managing risk

Two so-called AI godfathers, Yoshua Bengio and Geoffrey Hinton, have joined with 22 other AI experts to propose a policy and governance framework to address growing artificial intelligence (AI) risks. The proposal comes ahead of next week’s AI safety summit meeting at Bletchley Park in the UK, where politicians, tech leaders, academics and others will gather to discuss how to regulate AI. The paper recommends large private companies and government regulators devote a third of their AI research and development budgets to AI safety. The paper also calls on governments to implement processes for AI model registration, safety inspections, whistleblower protections, incident reporting, and monitoring. The paper also says measures should be instituted to hold AI developers legally accountable for any harm their models cause. While the industry appears to be shifting toward caution regarding AI use and development, another prominent AI expert, Yann LeCun, argues that current AI risks do not need such urgent measures.

(VentureBeat)

Finland says Chinese ship to blame for subsea pipeline break

Following up on a story we brought to you two weeks ago on Cyber Security Headlines, on Tuesday Finnish police announced that a Chinese ship is to blame for the damage to a subsea gas pipeline running between Finland and Estonia. Authorities believe an anchor found in the seabed near the Balticconnector pipeline was to blame for the damage. The investigation is focused on a vessel spotted in the area called Newnew Polar Bear, which is owned by a Chinese shipping company. Finnish authorities say they are “investigating if there has been any premeditation or negligence involved in the sequence of events.”

(The Record)

Over 80% of security leaders have already received AI email attacks

A recent report from Abnormal Security has revealed that nearly all (98%) security leaders are concerned about the cybersecurity risks posed by artificial intelligence (AI) tools with four-fifths (80.3%) of respondents confirming their organizations have either already received AI-generated email attacks or strongly suspect that this is the case. The majority of respondents rely on their cloud email providers or legacy tools for email security. Nearly half of respondents (46%) lack confidence in traditional solutions to detect and block AI-generated attacks. Finally, 92% of survey participants see the value in using AI to defend against AI-generated email threats while more than 94% say that AI will have a major impact on their cybersecurity strategy over the next two years.

(Security Magazine)

Researchers crack code to unlocking a USB drive worth $235 million in Bitcoin

Seattle-based startup Unciphered claims to have cracked the encryption of the IronKey S200, a decade-old USB thumb drive. The company says it exploited an undisclosed vulnerability to bypass the drive’s feature that erases its contents after 10 incorrect password attempts. After their breakthrough, Unciphered contacted a Swiss crypto entrepreneur, Stefan Thomas, who has forgotten the password to his IronKey containing 7,002 bitcoins, valued at roughly $235 million. Thomas has only two password attempts left before losing access to his fortune but politely declined Unciphered’s offer to help, saying that he’d already made a “handshake deal” with two other cracking teams a year earlier. Thomas remains committed to giving those teams more time to work on the problem, though neither team has shown signs of pulling off the decryption trick that Unciphered has accomplished.

(Wired and Slashdot)

Sean Kelly
Sean Kelly is a cyber risk professional and leader who thrives on learning, collaborating and helping the business securely advance its mission. Sean is also a musician and outdoor enthusiast who loves spending time with his family and two cats.