JumpCloud resets customer API keys
The access management company informed customers that it took the action in response to an “ongoing incident.” No word on any specifics but JumpCloud said it came “out of an abundance of caution.” The company’s website claims it provides technology to over 180,000 organizations. However given the potential service disruptions resetting API keys could cause, it speaks to the seriousness of the incident.
Would you be interested in a slightly used dark web market?
Operators of accounts tied to the fraud platform Genesis Market began advertising about a sale of the platform in forum posts. These posts initially appeared on June 28th. On the one hand, Genesis provided genuine innovation in cybercrime, not just offering a platform to sell stolen data, but also offering a browser extension to impersonate victims. On the other hand, it’s a tough sell given that an FBI-led operation seized its clear web domains three months ago. It’s also on the US Treasury’s sanctions list. The UK’s National Crime Agency says Genesis dark web mirrors remain “hosted in an inaccessible jurisdiction.”
US and EU agree on new data transfer agreement
The European Union announced it adopted a new transatlantic data adequacy agreement with the United States. EU justice commissioner Didier Reynders said the agreement will allow for personal data flows between the two “on the basis of a stable and trusted arrangement that protects individuals and provides legal certainty to companies.” The prior two data sharing agreements have been struck down in court over concerns that European data could fall under US surveillance powers. Since US surveillance laws remain in tact, the issue remains a major point of contention. Austrian activist Max Schrems filed successful lawsuits against the previous data transfer frameworks. He remains critical of the new agreement, saying he expects the issue to be back before the Court of Justice for the European Union by the start of 2024.
Code Interpreter plugin comes to ChatGPT
OpenAI developed the plug-in for its own internal use. It’s now making it available to all ChatGPT Plus subscribers. Essentially this opens the door for the large language model chatbot to write and run code in Python, as well as to files you approve, with a limit of up to 100 MB. This allows ChatGPT to generate charts, maps, data visualizations and graphics, create interactive HTML pages and more. It appears to be especially useful for data scientist dealing with complex data sets. The idea is the Code Interpreter would great democratize and simplify those types of tasks usually done by data scientists.
And now a word from our sponsor, Opal
Ransomware group claims large breach at UK NHS
The ALPHV ransomware organization added Barts Health NHS Trust to its leak site. Barts, the largest NHS trust which serves over 2.5 million patients, confirmed its investigating. Exfiltrated data seen by TechCrunch claims to show employee documents like passports, as well as confidential internal emails. This marks the second major data breach involving NHS data. In June an attack at the University of Manchester saw an NHS database with data on over 1 million patients accessed.
Revolut flaw exploited for $20 million
The Financial Times’ sources say threat actors exploited a flaw in the payment system from the fintech startup Revolut. This resulted in stealing over $20 million over the course of several months. The attacks targeted a disconnect between the company’s European and US payment systems, which would erroneously refund accounts when it declined specific transactions. The first incidents seem to crop up a few times in 2021 before becoming fully weaponized in 2022. This reportedly impacted Revolut’s corporate funds, rather than those from customers.
Play Store spyware sends data to China
Researchers from the security firm Pradeo discovered a pair of malicious apps in the Google Play Store. Both posed as file utilities, with a combined 1.5 million installs. These apps launched without user interaction after installing, with researchers observing them sending data unprompted to several servers in China. Data sent includes contact info, media, location, as well as network and device information. The researchers noted that despite the high number of installs, neither app showed reviews on the Play Store, indicating use of emulators to boost numbers. The researchers contact Google to take down the apps before publishing findings.
Enhanced Edge Copilot will have a long memory
Microsoft announced an enhanced “Copilot experience” for its Bing-powered sidebar in the Edge browser. This gives Edge users access to Microsoft’s new chatbot, which is able to create output based on text queries, pretty typical generative AI at this point. However this new enhanced experience will add in a memory feature, allowing users to pick up prior interactions with the chatbot. This comes as many organizations ban the use of generative AI tools over fears of data leaks. One of the reasons being that ChatGPT, the most popular of these types of chatbots, keeps all conversations by default. This means any leak of ChatGPT credentials risks exposing company information. Adding in a memory feature to a feature on a default Windows browser seems to further exacerbate privacy and security considerations with these tools.