1:M Cyber Security News 7/2/19

Hope you guys are keeping the bad guys at bay…

If you haven’t already, please make sure your Firefox browser and VLC Player are updated to the latest versions, as there are some serious vulnerabilities the have been discovered in the past few weeks.

It goes without saying to make sure your operating system on your phone and desktop, as well as all 3rd party apps are ALWAYS updated to the latest versions (we touch on this subject a lot in the Mac, mobile phone, and Wrap Up sections of the training)

Ok let’s do this:

                                          =================

Someone Created an App That ’Undressed’ any Photo You Gave It

An incredible article to read. As I’ve mentioned before, DeepFakes, which use AI or Artificial Intelligence to generate realistic looking videos and pictures have just surfaced, and are about to wreck havoc on our societies in ways still yet unimaginable.

Now, someone created an AI app that had previously analyzed 10000 naked women, and as a result, could allow one to feed it a normal clothed picture of a female colleague, neighbor, or whoever, and it would ‘artificially touch up’ the photo to make the person appear naked.

Unsurprisingly, their website was flooded with a ton of creeps trying to secure a copy of the app, and the author was forced to shut their operation down as a result. But this has now set a dangerous precedent, and a sign of ominous times to come…


———–

Iran and the U.S. Targeting each other With Destructive Wipers, Warns DHS

As you all know, there has been a big increase in tensions between the U.S. and Iran in recent days. What is remarkable, is that we are now witnessing an historic era, where countries are starting to punish each other using stealthy cyber attacks, instead of traditional kinetic/physical attacks of war.

There is a tit-for-tat being played out in the cyber arena, which can also be denied by the attacker, because it is usually hard to be able to successfully attribute an attack to a definite country.

———–

Google Creates a Simulated Educational Game to Teach Youngsters How to Spot False News

Very cool! Google has created an online game called Interland: Reality River, in which kids have to answer certain questions to cross and avoid the phishers.

The activities, according to Google are:

  • Donʼt bite that phishing hook! Kids study emails and text messages to try and spot phishers.

  • Who are you, really? They practice responding to suspicious messages to verify the sender’s identity.

  • About those bots. Children participate in a Q&A around spotting and interacting with chatbots.

  • Is that really true? They learn how to use criteria like motive and expertise to establish credibility when evaluating sources.

  • Spotting disinformation online. Students learn techniques including spotting fake URLS and evaluating headlines, and also learn how to apply the lessons they learned in ‘Is that really true?’

And here is the website itself:

———–

Researchers Have Discovered 3 Main Ways Video is Being Altered for Deepfakes

Here is a wonderful illustrated article explaining, with real world examples, how both the Left and Right of the political spectrum have altered videos to serve their political purposes.

Its important to note that these incidents are growing exponentially as times goes on, and will very likely become a huge factor during the 2020 U.S. presidential elections, (as well as many other significant political events around the globe). Because the methods used to successfully spot these fakes takes at least 20 minutes using current technology, critical thinking is going to be seriously needed to prevent these videos from constantly going viral online

———–

Hackers Are Slipping Phishing Links Inside Unsolicited Calendar Invites in Google Calendar

This attack is slick, and I urge you guys to tweak your Google Calendar settings to block such an attack. According to the article, “the attack comes simply from scammers sending a wave of calendar event invites to Google Calendar users.

The goal is to take advantage of a default setting that the targets’ calendars will automatically add any event and send a notification about it. So scammers preload the text of the event entry with a phishing link and a short line to entice targets to click.” The article goes on to explain how to change the calendar settings, which takes 30 seconds.

———–

Samsung’s Security Reminder Makes the Case for Not Owning a Samsung Smart TV

We often forget that owning a smart home device, such as a TV, can introduce its own set of vulnerabilities into your home network. Mikko Hypponen, a noted security researcher, famously said that a ‘“smart devices equals a vulnerable device”, because the more complex it is, the more chance it will vulnerable code inside it.

This article talks about how Samsung tweeted to its audience to not forget to run a virus scan on its TVs every week or so.Which, as the headline states, is a good reason to question if you ever needed a smart TV in the first place!

———–


Please be safe out there everyone.

#ClickGameOver

Leave a Reply