Cyber Security Headlines – January 6, 2022

Microsoft’s digital signature verification exploited

Check Point Researcher discovered the group Malsmoke using the ZLoader malware exploiting a flaw in Microsoft’ digital signature verification in order to steal user credentials and other sensitive information. The campaign seems to date back to at least November 2021. The campaign has already hit over 2,100 unique victims across 111 countries, althogh mainly focused on the US, Canada, and India. This attack also appears to be under active development, with exact attack methods updating on a weekly basis. The researchers recommend applying Microsoft’s update for strict Authenticode verification to avoid the attack. 


New York AG warns of credential stuffing attacks

New York Attorney General Letitia James announced her office notified 17 businesses about the attacks, including online retailers, restaurant chains, and food delivery services. This warning came from monitoring hacking forums containing customer login credentials, with the OAG office collecting over 1.1 million credentials apparently comprised in a credential stuffing attack. James said her office worked with the companies to determined how credentials were obtains, and how to better secure customer accounts going forward. 

(The Record)

Google acquires Siemplify

The search giant acquired the Israeli startup for $500 million. Google described the company as a security, orchestration, automation, and response organization, and plans to integrate its assets into Chronicle as part of the overall Google Cloud business unit. Siemplify was founded in 2015, before Chronicle launched as an Alphabet company in 2018, and then merged into Google Cloud in 2019. In August Google pledged to spend over $10 billion over the next five years to improve US cybersecurity, so this deal puts them 5% there. 

(The Verge)

AMD debuts Microsoft’s new security chip

Microsoft first announced Pluton, an extension of it’s Trusted Platform Module program back in Novenber 2020. Microsoft based Pluton off a security chip initially used in the Xbox One,, integrating hardware security components directly into the CPU. Pluton was developed with AMD, Intel, and Qualcomm, and the technology is already in use intenerally at Microsoft with its Azure Sphere processors.. At CES, AMD announced it would be the first company to launch a consumer product with Pluton, integrating it into its new Ryzen 6000 series CPUs. Lenovo will be the first to ship the processors in the ThinkPad Z13 and Z16 laptops, coming in May. 


Thanks to our episode sponsor, deepwatch

Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit to see how we help to prevent breaches for our customers, by working together.

Meta reportedly halts AR/VR OS development

Meta has not been shy about being bullish about the metaverse, going so far as to rename the company after the primacy of those efforts. A key piece to this is the continued growth of its Oculus VR hardware unit. So it comes as a bit of a surprise to see The Information’s sources saying the company has halted development of a new OS for AR and VR headsets. Currently the company uses a modified version of Android on its Oculus headsets, and while the company hasn’t ruled out the possibility of resuming work on a new OS, it plans to keep using Android for the foreseeable future. 

(The Information)

German regulators will keep a close eye on Google

Germany’s Federal Cartel Office ruled that Alphabet’s Google business will be subject to additional oversight over the next five years, letting the regulator ban practices it deems anticompetitive. The FCO already began looking at how Google processes personal data as well as its News Showcase. The regulator said it made the ruling because google was of “paramount significance for competition across markets” but that its influence on markets was insufficiently controlled by competitors in the market. 


FTC settles on mortgage data leak

The Federal Trade Commission reached a settlement with the Texas-based firm AScension on a 2019 data leak that saw sensitive mortgage documents exposed. The FTC ordered the company to strength its own security practices, as well as set safeguards for vendors. The data leak was caused the vendor OpticsML, which was hired by Ascension for OCR conversion of mortgage documents. OpticsML left the data exposed on an open database for over a year, which included 24 million records with information on names, dates of birth, social security numbers, and bank account information. Logs show the database accessed over 50 times, mostly from computers located in Russia or China. 


AI-generated stock models are now a thing

The German stock photo agency Smarterpix announced the first set of stock portraits entirely generated by AI are now available for legal licensing. These were generated in partnership with VAIsual, which specializes in synthetic stock media. This library of human portraits will be generated with green-screen backgrounds. VAIsual claims this will allow it to offer a library of “diverse faces, ages, ethnicities, and genders.” The company claims it developed its dataset for the AI generated portraits in-house, with all source models signing biometrics release forms. Of the initial 800 portraits, some clearly do not pass as real photos, and emotions displayed by the AI are predominantly disgust, boredom, or sadness, with no images of happiness.


Rich Stroffolino is a podcaster, editor and writer based out of Cleveland, Ohio. He's spent the past five years creating media for technology enthusiasts and IT practitioners. He dreams of someday writing the oral history of Transmeta.