The use and power of generative Artificial Intelligence (AI) technology to commit payment fraud has grown. Biometric-dependent voice-based payment method usage has increased, making generative AI a greater threat. Voice generation tools now require only a few seconds of a recorded voice sample from a target to produce a voice deepfake that will say whatever the fraudster wants. Since it is easy to impersonate a person of authority, as in the case of a bank conned out of $35 million, voice deepfakes pose major risks to manual reviews of high-value payments.

Popular athleisure clothing brand Halara recently announced that it is investigating a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum.  The Hong Kong company was founded in 2020 and quickly became very popular through the many videos promoting its clothing on TikTok.  A person named "Sanggiero" claimed to have breached Halara earlier this month and shared a text file containing stolen customer data on a hacking forum and a Telegram channel.

According to investigators from Resecurity's HUNTER (HUMINT), Indonesia is increasingly being targeted by cyber threat actors with attacks that pose significant long-term risks to the country's election integrity. These findings overlap with the approaching Indonesian presidential election in February 2024. This article continues to discuss the rise in the targeting of Indonesia by cyber threat actors.

Medusa ransomware threat actors have increased their activities following the February 2023 launch of a data leak site on the dark web to publish sensitive data of victims who refuse to give in to their demands. According to Palo Alto Networks' Unit 42, as part of their multi-extortion strategy, this group gives victims multiple options when their data is posted on their leak site, such as time extension, data deletion, and more. Medusa is a ransomware family that emerged in late 2022 before becoming well-known in 2023.

Anne Neuberger, the deputy national security advisor for cyber and emerging technologies, announced that the US has signed an agreement with the European Union on a joint roadmap for a consumer labeling program aimed at alerting consumers about the cybersecurity of Internet of Things (IoT) devices. A cyber trust mark should appear on the packaging of smart devices that meet specific security standards, similar to how the Energy Star label provides a seal of approval for energy-efficient electronics and appliances.

Laptop computer maker Framework has recently started notifying users that personal information was stolen in a data breach at its primary external accounting partner.  The California-based company said the incident occurred on Thursday, January 11, and was the result of a phishing attack targeting an employee at Keating Consulting.

Selections by dgoff

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer-reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers. Select the topic name to view the corresponding list of publications. Submissions and suggestions are welcome.

According to the Finnish National Cybersecurity Center (NCSC-FI), the Akira ransomware, first detected in Finland in June 2023, was particularly active at the end of 2023. In 2023, NCSC-FI received 12 reports of Akira ransomware attacks on Finnish organizations, three of which occurred during the holiday season. Before launching the ransomware, the attackers identified and targeted organizations with vulnerable Internet-facing Cisco ASA or FTD devices, as well as found and wiped the organizations' backups.

GitLab has addressed two critical vulnerabilities, one of which allows account hijacking with no user interaction. The vendor urges updating all vulnerable versions of the DevSecOps platform. The most severe vulnerability is an authentication flaw that allows password reset requests to be sent to arbitrary, unverified email addresses, enabling account takeover. Since the platform is commonly used to host proprietary code, Application Programming Interface (API) keys, and other sensitive data, compromising a GitLab account can significantly impact an organization.

According to security researchers at NetDocuments, UK law firms are falling victim to data breaches primarily because of insiders and human error.  The researchers examined data from the Information Commissioner’s Office (ICO) covering Q3 2022 to Q2 2023 and found that 60% of data breaches in the UK legal sector were the result of insider actions, and the rest (40%) were from external actors.  In total, the researchers found that data from legal firms relating to 4.2 million people was compromised during the period analyzed.