720-891-1663

Security News Update for the Week Ending February 17, 2023

BlackCat Leaks Irish University’s Hacked Data

I reported last week that Munster Technological University closed several of its campuses after a ransomware attack, which the university, apparently did not pay. The Irish High Court issued an injunction prohibiting the hackers from leaking the data and return any data that they had. They did “return” it sort of – they posted 6 terabytes of what they stole on the dark web. The injunction is not designed to stop the leaking or sale of the data, but rather, to muzzle the IRISH media from publishing the stolen data, which they are probably unlikely to do anyway. Credit: Data Breach Today

Adversarial Facial Recognition

A clothing designer and an AI engineer got together to come up with clothing that fools the AI in facial recognition. The clothing has super busy patterns of animals or whatever and more than half the time, the AI gets distracted. Whether this becomes a cat and mouse game – who knows. But it is an interesting concept. Credit: The Record

Sanctioned Crypto Mixer Blender Rises from the Dead

As the cat and mouse game continues, it appears that North Korean cryptocurrency mixer has arisen from the sanctions ashes under a new name, Sinbad, and has already laundered a hundred million bucks of crypto. Sure, Treasury can sanction them too, but there is nothing to stop them from the rinse and repeat cycle. Can Treasury keep up? Unlikely. Credit: Data Breach Today

Hyundai/Kia Rolls Out Software Updates As Insurers Refuse to Insure their Cars

Hyundai/Kia was one of the last carmakers to roll out “immobilizers” on their cars as a way for them to save money, umm, protect your car. Then there was a TikTok challenge (maybe this is a good reason to ban it) showing exactly how to steal one of these cars with just a USB cable and a screwdriver. Then a couple of auto insurance carriers decided to stop insuring them because the risk was too high. So, magically, they came up with a free software fix that they are going to roll out to 8 million 2015-2019 cars. The second link includes a list of cars affected. Unlike Tesla, it will take Hyundai/Kia until June to roll out the fix and you will have to take it to the dealer. For cars that don’t have an immobilizer, hence no software fix, Hyundai will pay for a steering wheel lock like “The Club”. Certainly convenient, huh? Credit: Cybernews and Bleeping Computer

Threema Disputes Claims of Encryption Flaw

A team of researchers from ETH Zurich has published a paper describing multiple security flaws in Threema, a secure end-to-end encrypted communications app. With over 10 million users, this could be a problem. While Threema disputed the importance of the flaws, they immediately released a new protocol that is not vulnerable to the published attacks. You decide whether they were important. This is why there is so much emphasis on the IMPLEMENTATION of crypto. Credit: Bleeping Computer and Portswigger

EU Parliament Urges European Commission NOT to Approve New US-EU Privacy Deal

Lawmakers in the European Parliament have urged the European Commission not to approve the privacy deal announced by President Biden and EU president Ursula von der Leyen. Even if it is approved, it will undoubtedly be headed, again, to the EU’s high court, but that will take years. Again. The complaint is that the US won’t agree to protections that EU citizens don’t have from their government. Yes. Strangely, this is the crux of the argument. Credit: The Register

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *