Cybersecurity News Week in Review: Clop’s GoAnywhere claims, Bing search injection attack, AI flies F-16

This week’s Cyber Security Headlines – Week in Review, February 13-17, is hosted by Sean Kelly with our guest, George Al-Koura, CISO, Ruby

Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com

Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day

Following up on a story we brought you last Monday regarding the Zero-Day in Fortra’s GoAnywhere MFT, the Clop ransomware gang now claims to have stolen the data from over 130 organizations. The gang reached out to BleepingComputer to state that the thefts occurred over ten days. They also claimed that they could now move laterally through their victims’ networks and deploy ransomware payloads to encrypt their systems but decided against it and only stole the documents stored on the compromised GoAnywhere MFT servers. The gang refused to provide proof of the infiltration, the thefts, or any extortion activities, nor has Fortra made any comment.

(Bleeping Computer)

Data brokers hoover up US mental health data

A new study by researchers at Duke’s Sanford School of Public Policy found 11 companies willing to sell tranches of personal data from Americans, including mental health information. This included information on what antidepressants they were taking, whether they struggled with insomnia, or whether they had Alzheimer’s disease. Some providers aggregated this information by zip code, while others tied it directly to names, addresses, and incomes. While the Health Insurance Portability and Accountability Act, or HIPAA, restricts how “covered health entities” share health data, its protections don’t apply once the data is sent elsewhere. While some brokers offered an opt-out to individuals, individuals don’t receive notifications when brokers initially obtain their data.

(WaPo)

New Bing search hit with injection attack

Microsoft began slowly rolling out beta access to its “New Bing” search with generative-AI integration using its Prometheus engine. Stanford student Kevin Liu used a prompt injection to discover a list of statements showing how the system interacts with users. Such prompt injections can be used to circumvent limits and instructions in language model prompts. The prompt injection with Bing revealed its codename of Sydney, that it should refer to itself as “Bing Search” or “This is Bing,” and that it should not disclose its internal alias. The conditions also instruct Bing not to reply with copyright-violating content or to tell jokes that “can hurt a group of people.”

(Ars Technica)

Thanks to today’s episode sponsor, CISO Series

“If it is important it will likely be in the Cyber Security Headlines update in the morning… And it allows me and my team to dig in a little more on aspects that might affect our technology stack,” said Shawn Bowen, CISO for World Fuel Services. Security leaders listen and make decisions based on what they hear on this very show. Do you have a solution that just needs to find the attention of the right audience of cyber professionals? To learn more about pricing and audience, email us at info@ciso-dev.davidspark.dcgws.com.

Hackers breached Pepsi Bottling network

Pepsi Bottling Ventures (PBV) has disclosed a breach of its network in an email sent to consumers this past Friday (February 10). On January 10, the company discovered that info-stealing malware had been deployed to its network back in December last year. Pepsi Bottling confirmed that a threat actor accessed systems and downloaded information belonging to former and current employees including names, home and email addresses, financial account information, government IDs, digital signatures, benefits and medical information.

(Infosecurity Magazine)

AI has successfully piloted an F-16 fighter jet

The US Department of Defense’s (DoD) research agency, DARPA, announced that they’ve successfully completed several AI-controlled flights with their F-16 test aircraft (known as the X-62A or VISTA), at Edwards Air Force Base, California. DARPA said it doesn’t expect the plane to fly without a pilot, but the AI will control the jet and provide flight data while the “human pilot focuses on larger battle management tasks in the cockpit.” Back in 2018, the government committed to a 5-year, $2 billion AI spending plan. DARPA said that AI-powered L-39s will participate in a live dogfight above Lake Ontario in 2024.

(Slashdot and VICE)

Hyundai and Kia to update anti-theft software on millions of vehicles 

Hyundai and its subsidiary Kia are now offering free software updates for their cars in response to a rash of car thefts after the so-called “Kia Challenge” went viral on TikTok. Thieves known as “the Kia Boyz” posted instructional videos showing how to bypass the vehicles’ security system using simple tools like a USB cable. The security update will activate an “ignition kill” feature to effectively neutralize the now popularized theft techniques. The car manufacturers are offering the software upgrade free of charge for a total of 8.3 million eligible cars. Previously, Hyundai was charging car owners $170 for the software upgrade, in addition to any labor costs to install it.

(The Verge)

Evolving cyberattacks and alert fatigue creating DFIR burnout

The evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant burnout and potential regulatory risk. That’s according to the 2023 State of Enterprise DFIR Survey by Magnet Forensics, a developer of digital investigation solutions. The firm surveyed 492 DFIR professionals in North America and Europe, the Middle East, and Africa working in organizations in industries such as technology, manufacturing, government, telecommunications, and healthcare. More than half (54%) of DFIR professionals surveyed said they feel burned out in their jobs, with 64% stating that alert and investigation fatigue is a likely contributing factor. 

(CSO Online)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.