Elephant0991

joined 11 months ago
[–] [email protected] 50 points 10 months ago (9 children)

Spokespeople for NCTA and pharmaceutical company Gilead said that they immediately paused their ad spending on X after CNN flagged their ads on the pro-Nazi account.

Alt-speak: we only care if the media report that our ad placements were next to questionable content.

 

Summary

  • The Marion County Record newsroom in Kansas was raided by police, who seized two cellphones, four computers, a backup hard drive, and reporting materials.

  • A computer seized was most likely unencrypted. Law enforcement officials hope that devices seized during a raid are unencrypted, as this makes them easier to examine.

  • Modern iPhones and Android phones are encrypted by default, but older devices may not be.

  • Desktop computers typically do not have encryption enabled by default, so it is important to turn this on manually.

  • Use strong random passwords and keep them in a password manager.

  • During the raid, police seized a single backup hard drive. It is important to have multiple backups of your data in case one is lost or stolen.

  • You can encrypt USB storage devices using BitLocker To Go on Windows, or Disk Utility on macOS.

  • All major desktop operating systems support Veracrypt, which can be used to encrypt entire drives.

Main Take-aways

  • Encrypt your devices, drives, and USBs.

  • Use strong random passwords and a password manager.

  • Have multiple backups.

[–] [email protected] 43 points 10 months ago

At least you did post an excellent meme because of the painful, terrible event.

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago)

I still interact with one irreplaceable community. If there isn't enough subscribed content on Lemmy, I do go back and look at my feed. Most of my interactions are here, though.

[–] [email protected] 1 points 10 months ago (1 children)

There did seem to be a controversy in March about whether or not the word should go.

[–] [email protected] 3 points 10 months ago

Haha, if you quickly skipped the "and people" part. Happens all the time. Brain cycles are expensive.

53
submitted 10 months ago* (last edited 10 months ago) by [email protected] to c/[email protected]
 

Paper & Examples

"Universal and Transferable Adversarial Attacks on Aligned Language Models." (https://llm-attacks.org/)

Summary

  • Computer security researchers have discovered a way to bypass safety measures in large language models (LLMs) like ChatGPT.
  • Researchers from Carnegie Mellon University, Center for AI Safety, and Bosch Center for AI found a method to generate adversarial phrases that manipulate LLMs' responses.
  • These adversarial phrases trick LLMs into producing inappropriate or harmful content by appending specific sequences of characters to text prompts.
  • Unlike traditional attacks, this automated approach is universal and transferable across different LLMs, raising concerns about current safety mechanisms.
  • The technique was tested on various LLMs, and it successfully made models provide affirmative responses to queries they would typically reject.
  • Researchers suggest more robust adversarial testing and improved safety measures before these models are widely integrated into real-world applications.
 

News article: https://techcrunch.com/2023/08/10/belarus-hackers-target-foreign-diplomats/

News Summary

  • A hacking group with apparent links to the Belarusian government has been targeting foreign diplomats in the country for nearly 10 years.
  • The group, which ESET has dubbed MoustachedBouncer, has likely been hacking or at least targeting diplomats by intercepting their connections at the internet service provider (ISP) level, suggesting close collaboration with Belarus' government.
  • Since 2014, MoustachedBouncer has targeted at least four foreign embassies in Belarus: two European nations, one from South Asia, and another from Africa.
  • ESET first detected MoustachedBouncer in February 2022, days after Russia invaded Ukraine, with a cyberattack against specific diplomats in the embassy of a European country "somehow involved in the war."
  • The hacking group is able to trick the target's Windows operating system into believing it's connected to a network with a captive portal. The target is then redirected to a fake and malicious site masquerading as Windows Update, which warns the target that there are "critical system security updates that must be installed."
  • It's not clear how MoustachedBouncer can intercept and modify traffic, but ESET researchers believe it's because Belarusian ISPs are collaborating with the attacks, allowing the hackers to use a lawful intercept system similar to the one Russia deploys, known as SORM.
  • Once ESET researchers found the attack last February and analyzed the malware used, they were able to discover other attacks - the oldest dating back to 2014 - although there is no trace of them between 2014 and 2018.
  • MoustachedBouncer’s activity spans from 2014 to 2022 and the TTPs of the group have evolved over time.
 

Summary

  • Detroit woman wrongly arrested for carjacking and robbery due to facial recognition technology error.
  • Porsche Woodruff, 8 months pregnant, mistakenly identified as culprit based on outdated 2015 mug shot.
  • Surveillance footage did not match the identification, victim wrongly identified Woodruff from lineup based on the 2015 outdated photo.
  • Woodruff arrested, detained for 11 hours, charges later dismissed; she files lawsuit against Detroit.
  • Facial recognition technology's flaws in identifying women and people with dark skin highlighted.
  • Several US cities banned facial recognition; debate continues due to lobbying and crime concerns.
  • Law enforcement prioritized technology's output over visual evidence, raising questions about its integration.
  • ACLU Michigan involved; outcome of lawsuit uncertain, impact on law enforcement's tech use in question.

[–] [email protected] 4 points 11 months ago (1 children)

OK. Info added.

addy.io is a privacy-focused email service that allows you to create and manage email aliases...

[–] [email protected] 2 points 11 months ago (1 children)

You're right. Edited.

55
submitted 11 months ago* (last edited 11 months ago) by [email protected] to c/[email protected]
 

Summary

  • AnonAddy has rebranded as addy.io.
  • addy.io is a privacy-focused email service that allows you to create and manage email aliases. Aliases are temporary email addresses that forward to your real email address. This can be useful for protecting your privacy when signing up for websites or services that you don't trust.
  • The name change was motivated by a desire for a shorter, easier to understand and more recognizable name.
  • The service will remain exactly the same, but with more features.
  • There is also a new logo.
  • The web application is now a SPA (single page application).
  • The API has also been updated.
  • There are a number of new features.
  • For most users, there is nothing they need to do.
  • All existing alias domains are staying the same. The new addy.io domain will be available to those on paid plans shortly.
  • If you use a hardware key for 2FA on your account, you will receive an email notification shortly with further information.

Edited based on comment from: @[email protected]

 

Summary

  • Scammers exploit Twitter's rebranding (transition to name "X") confusion for phishing.
  • Twitter Blue users targeted, offered migration to "X," but scammers gain account access.
  • Phishing emails seem genuine, appearing to come from x.com and passing the Security Policy Framework (SPF), and include a deceptive authorization link, opening a legitimate API authorization screen.
  • Clicking link grants attackers control over victim's Twitter account settings and content.
  • Victims can block access by revoking app authorization in Twitter settings.
  • Twitter is aware and "working on a solution."

Article's Safety Recommendations (probably a bit generic and self-promotional)

  1. Being cautious with unfamiliar emails, especially attachments or links.
  2. Verifying URLs by hovering over them.
  3. Not sharing personal info on suspicious/unknown sites.
  4. Be careful with attachments and links.
  5. Using two-factor authentication (2FA) for account security.
  6. Keeping antivirus software updated to prevent malware.

Edited based on comment from: @[email protected]

[–] [email protected] 2 points 11 months ago

I think it's OK/good-looking on certain things. Maybe just because it's a shiny pretty metal. But somehow, I don't seem to own anything in shiny gold color.

[–] [email protected] 2 points 11 months ago

The next fad in fetish.

[–] [email protected] 9 points 11 months ago

Easy excuse; anyone would believe it. It's the work of God.
