Security News Update for the Week Ending May 10, 2024
TikTok Sues US Government; Vows to Prevail
No surprise here and without taking a side pro or con; ByteDance and TikTok have filed suit in federal court arguing the law violates the US Constitution. TikTok’s CEO Shou Zi Chew says the company expects to win a legal challenge to block the new law. He says “Rest assured – we aren’t going anywhere”. “The facts and the Constitution are on our side and we expect to prevail again”, he says. One interesting point. If TikTok is such a national security threat, why do many members of the House, Senate and White House use it? Does that mean that they are undermining national security and aiding terrorists? Credit: Cybernews and here
Google Unveils Google Threat Intelligence
Google wants a bigger piece of the corporate pie, having lost most of that battle to Microsoft. That is why they bought Mandiant. At RSA they unveiled Google Threat Intelligence, which draws from Mandiant, VirusTotal and other intelligence that they have. Of course, it includes AI. It likely will be successful for Fortune 2000 companies that have the teams and infrastructure to take advantage of it. Credit: CSO Online
The AI Model War Continues
Microsoft is creating (training) a new AI language model to compete with OpenAI and Google. This is in spite of the fact that Microsoft has invested billions in OpenAI. The model, MAI-1, is being overseen by Mustafa Suleyman, the co-founder of Google DeepMind. The model will be “far larger” than previous models. Credit: Cybernews
AT&T Solution to Spam? Turn Off Customer Email
Starting last Monday, if any of the hundreds of millions of Microsoft 365 customers tried to send an email to an Att.com, sbcglobal.com or bellsouth.com email address, AT&T’s servers would refuse the connection or at least dramatically delay the delivery. Some people are saying that it is also affecting GMail. I have a simple question. How useful is an email solution that can’t receive emails from Microsoft or Google customers? I am sure that AT&T customers are thrilled because they are not getting as much spam. Also no work related emails. Credit: Bleeping Computer
Dell Loses Info on 49 Million Customers Due to Brute Force Attack
Security. Convenience. Pick any one. This is kind of my standard reply to these types of attacks. 49 million customers were victimized as a result. Basically, after some setup which was apparently not complicated, a hacker was able to query random system IDs into Dell’s system and download names, addresses (in many cases consumer’s home address) and system order information. The hacker tried random combinations of the 7 character ID at a rate of more than 5,000 attempts a minute. You would think that Dell might detect 5,000 queries a minute coming in from one IP address for weeks on end. Apparently not. This is not a sophisticated attack. Yet companies don’t seem to anticipate it. It is trivial to fix and after the attacker posted the data, they did. (If you want to know the easy fixes, contact us for help) Credit: Tech Crunch