Major telco exchange company hacked

The company Syniverse is a common exchange hub for global telcos including AT&T, T-Mobile, Verizon, Vodafone, and China Mobile, used primarily to pass billing info back and forth between them. The company recently disclosed to the U.S. Securities and Exchange Commission that an unknown entity gained unauthorized access to its network and Electronic Data Transfer system, compromising over 200 customers. These systems reportedly hold information on call records and SMS text messages. The company discovered the breach in May 2021, but it began in May 2016. It’s unclear what information was accessed over the last five years.

(Vice)

Facebook whistleblower comes out of the shadows

The whistleblower who provided documents that served as the foundation for the Wall Street Journal’s Facebook Files series came forward as former Facebook product manager Frances Haugen. She worked at Facebook for almost two years before leaving in May 2021, working with the company’s Civic Integrity team. Following the breakup of the team on December 2, 2020, she contacted a Journal reporter. Documents leaked to the Journal came from Facebook Workplace and were open to all employees. She is scheduled to testify before Congress this week and filed with the SEC for federal whistleblower protections. While the reveal of the whistleblower doesn’t come with any new revelations about the company, it does reveal why she decided to go public with the information, saying that the Civic Integrity team ultimately felt like an understaffed cleanup crew.

(WSJ)

Amazon creates amazing phishing tool just in time for Christmas

Amazon launched a new feature, letting Prime subscribers in the US send gifts using just an email address or phone number. Gift givers do not get access to a recipient’s address when sending a gift. Recipients receive an email notification about the gift, and can choose to accept, decline, or convert it to an Amazon gift card. Not replying to the notification will refund the purchase after a few days. Amazon confirmed there is no way for recipients to opt out of receiving gifts entirely. To summarize: Amazon will send unprompted emails that promise people free stuff if they click on a link, which won’t be immediately distinguishable from every phishing scheme ever.

(The Verge)

Clearview AI finds ways to become more problematic

In an interview with WIRED, Clearview AI CEO Hoan Ton-That claimed the company has now scraped over 10 billion images for its facial recognition dataset, three times more than previously reported. He also said the company is working on two new machine learning tools. One would use image sharpening and machine learning to effectively “deblur” faces, providing an estimate of what the person would look like. Another feature would use machine vision to describe what a covered part of a person’s face looks like using statistical patterns found in other images. It’s unclear when these features would be available to Clearview’s clients, most of whom are law enforcement agencies. 

(WIRED)

Ransomware operators arrested in Ukraine

Europol announced that the US FBI, France’s Gendarmerie Nationale, and the Ukrainian National Police coordinated to arrest two operators of a prolific ransomware operation, although the name of the actual group was withheld for “operational reasons.” The investigators also froze $1.3 million worth of crypto that is believed to be linked to ransom payments. Europol believes the group was behind over a hundred cyberattacks since April 2020, targeting North American and European organizations. The group is estimated to have caused over $150 million in damages. Ukraine’s cyber-police say the arrested operators could serve up to twelve years in prison based on the initial charges. 

(Bleeping Computer)

China outlines rules for ethical AI

China’s Ministry of Science and Technology published its first set of ethical guidelines governing artificial intelligence. The document outlines six guiding principles for AI. Systems should be controllable and trustworthy, improve human well-being, promote fairness and justice, protect privacy and safety, and raise ethical literacy. Humans should also have the right to choose whether to accept AI services, exit an interaction with an AI system or discontinue its operation. This follows a June 2019 set of guiding principles for AI published by the Ministry that provided much shorter and broader guidance.

(SCMP)

Facebook’s apps suffer massive outage

As Facebook is responding to the latest round of whistleblower releases, the company is also dealing with another issue, a massive outage of all its services! Facebook, Instagram, WhatsApp, Messenger, and Oculus VR are all currently down as of this recording, going offline around 12pm ET. According to Cloudflare, Facebook’s BGP routes have been “withdrawn from the internet.” Since Facebook maintains its own BGP records, this indicates the change was made internally, not by outside interference. Facebook is showing a generic error message, while Instagram shows a 5xx Server Error message. This appears to be impacting internal Facebook services as well. Oculus users can play already loaded games, but social features and downloading new games are offline.

(The Verge)

Highly theoretical exploit could use Ethernet cables as an antenna

The Cyber Security Research Center at Ben Gurion University is something of a security research mad scientist’s lab, frequently demonstrating novel ways to exfiltrate data from air-gapped systems. Their latest is called the “LANtenna Attack,” which uses malicious code on an air-gapped system to exfiltrate data through radio waves emanating from Ethernet cables, which could then be received by a nearby software-defined radio (SDR) receiver. The researchers note the code to exfiltrate the data could run in an “ordinary user-mode process and successfully operate from within a virtual machine.” The researchers say the attack could be discovered by monitoring the network interface card link layer activity for any covert channel, and prevented using signal jamming or metal shielding around computers. Like most of the exploits from Ben Gurion University, this is both an incredibly creative way to exfiltrate data, and more than a little impractical.

(The Hacker News)