Nvidia announces AI-powered tools for cybersecurity
At its GTC 2021 virtual conference, the company announced Morpheus, an app framework designed to provide cybersecurity partners with AI skills for detecting and mitigating cybersecurity attacks. Nvidia sees the advantage in Morpheus as being able to turn compute nodes in networks into cyberdefense sensors, able to identify, capture, and act on threats and anomalies with machine learning. Developers will be able to create unique Morpheus skills using deep learning models to meet their own specific needs.
Biden announces nominations for cybersecurity positions
The administration announced it intends to nominate former NSA deputy director Chris Inglis as the first national cyber director. The new role will see Inglis coordinate the defense of civilian agencies and review agencies’ cyber budgets, but won’t review offensive cyber policy conducted by the military and intelligence agencies. Former NSA intelligence officer Jen Easterly will also be nominated as the new CISA director. Both have long histories in cyber policy, with Easterly helping to stand up U.S. Cyber Command more than a decade ago.
Apple updates chip security mid-production
Updated Apple support documents show the company made mid-production hardware changes to the A12, A13, and S5 processors in the fall of 2020 to update the Secure Storage Component. This second-generation component includes counter lockboxes, which would seemingly mitigate password-cracking devices like GrayKey, which rely on a workaround that allows for unlimited password attempts. This would impact at least the 8th generation iPad, Apple Watch SE, and HomePod mini, although the documents do not name specific devices.
Apple and Google block NHS COVID app update
Google and Apple blocked an update to the NHS Covid-19 contact tracing app, which would have prompted users to upload logs of venue check-ins if they tested positive for the virus. The terms of Google and Apple’s exposure notification API, used by the NHS app, states that apps must “not share location data from the user’s device with the public health authority, Apple, or Google.” Although the app requires users to opt-in to sharing data, it still violates the terms. Scotland got around these terms by using a different app for users to log entry into business, which could then send the data to health authorities.
Thanks to our episode sponsor, Sonatype
Ransomware causes cheese shortage
A ransomware attack against the Dutch logistics provider Bakker Logistiek encrypted devices on their network and disrupted food transportation and fulfillment operations. This left the organization unable to fulfill orders or find inventory in warehouses. This led to several food shortages across the largest chain of supermarkets in the Netherlands, particularly with cheese. Bakker said it is able to restore operations from backups, and is coordinating with customers to resume deliveries. It’s unclear what ransomware group was behind the attack.
DuckDuckGo blocks FLoC
The search provider DuckDuckGo will block Google’s proposed third-party cookie alternative Federated Learning of Cohorts, or FLoC, in its search engine and Chrome extension. DuckDuckGo expressed concern Google is automatically opting Chrome users into tracking with FLoC. While FLoC does not use individual tracking to serve personalized ads, DuckDuckGo takes issue with any user tracking. The company is updating its Chrome extension to block FLoC, although this still needs to be approved by Google before being updated in the Chrome web store.
Zoom exploit shown at Pwn2Own
Security researchers from Computest showed off a remote code execution vulnerability for the popular teleconferencing client at the annual hacking contest. While details of the exploit are still not disclosed as Zoom is patching the flaw, it impacted the Windows and Mac versions of the zoom Chat app, but not in the browser. Zoom confirmed that Zoom Meetings and Zoom Video Webinars were not part of the flaw. The researchers won a $200,000 prize for the exploit.
Microsoft open-sources CyberBattleSim
The Python-based enterprise environment simulator allows organizations to build a highly abstract simulation of computer systems. This can serve as a training ground for autonomous cybersecurity solutions, with CyberBattleSim supporting the reinforcement training of agents as both attackers and defenders of the network. While a useful tool, Microsoft said this was intentionally designed as a highly abstracted system as it can’t be directly applied to real-world environments, providing a safeguard against it being used by malicious actors.