Sunday, February 26, 2023 // (IG): BB // BSidesCharm// Coffee for Bob
Why Do A.I. Chatbots Tell Lies and Act Weird? Look in the Mirror
FROM THE MEDIA: Microsoft's recent addition of a chatbot to its Bing search engine has sparked a flurry of attention after it offered bogus information about various topics and exhibited unnervingly creepy behavior in lengthy conversations with early testers. Scientists attribute the chatbot's oddity to its use of a large language model (L.L.M.) to learn from vast amounts of digital text, including outdated and toxic material. As chatbots interact with people, they analyze text, reflect it back to users, and try to guess the next word in a sequence of words. Terry Sejnowski, a professor of neuroscience, psychology, and computer science, warns that as people interact with chatbots, they tend to reflect the words and intentions of users, meaning the longer the conversation, the more influence a user unwittingly has on what the chatbot says. Sejnowski likens the behavior of Microsoft's chatbot to the Mirror of Erised in the Harry Potter series, a mystical artifact that shows the deep-seated desires of anyone who stares into it. Researchers are unsure of the final results produced by chatbots and are still learning how to place limits on their behavior, which can lead us away from the truth and into some dark places.
READ THE STORY: The New York Times
Think of Everything You Hate About the Internet. Now Add A.I.
FROM THE MEDIA: This piece highlights the importance of broadening the conversation around AI beyond its capabilities to also consider who will utilize it and for what purposes. While the issue of alignment - ensuring that machine learning algorithms perform as intended - is important, it is equally critical to question who the machines will ultimately serve. The article suggests that our concerns about AI are largely rooted in how capitalist systems and governments may use the technology to exploit us, rather than in the technology itself. The author warns of the potential hazards associated with the business models that will drive AI development, particularly when integrated into search engines and advertising. Ultimately, the article stresses the need for society to determine its comfort level with the roles AI will assume before it's too late to make such decisions.
READ THE STORY: The New York Times
The Implications Of ChatGPT On Cybercrime
FROM THE MEDIA: The use of AI-based chatbots, like ChatGPT, presents both opportunities and risks for cybersecurity efforts. Threat actors can use ChatGPT to create convincing phishing and social engineering messages, polymorphic malware, and ransomware-type programs. Hackers can also analyze code and find vulnerabilities using ChatGPT, while AI-powered disinformation campaigns can spread false narratives on a large scale. To protect against AI-enabled cybercrime, businesses can implement security awareness training, phishing simulations, phishing-resistant MFA and zero-trust, regular patching of devices and software, and AI-based cybersecurity tools. A culture of security and the deployment of AI-based technological defenses are essential for organizations to combat the new wave of AI-enabled cybercrime.
READ THE STORY: Forbes
Revolutionary 3D Printing Technology to Repair Guns and Tanks on the Battlefield
FROM THE MEDIA: The Mail on Sunday reported that the UK defense firm Babcock has created technology that allows soldiers to use 3D printers to create parts for guns and tanks on the battlefield. Last month, Babcock made metal parts for the Army’s armored vehicles, using its 3D printing technology which uses ‘additive layer manufacturing’, building small amounts of steel in layers. The company is now aiming to build portable frontline units to assist troops on the ground. Tom Newman, the chief executive of the firm’s land division, says that the technology could “fix supply-chain issues on the ground” adding, “there’s no reason you couldn’t use this technology to support many different kinds of armored vehicles…It could make armies more self-sufficient.”
READ THE STORY: Daily Mail
It's not just you: Cybercriminals are also using ChatGPT to make their jobs easier
FROM THE MEDIA: Researchers have warned that criminals are using AI-based chatbots, such as ChatGPT, to aid in cybercrimes, including phishing, malware, and hacking. Cybersecurity experts have cautioned that chatbots could make it easier for hackers to create targeted phishing messages and increase the volume of successful attacks. The increasing use of AI-powered chatbots for illegal activities is raising liability concerns for companies that offer the technology. Chatbots could be held accountable for criminal activity if they counsel someone into committing a cybercrime. Although Section 230 of the Communications Decency Act protects tech companies from liability for third-party content on their platforms, the law may not shield OpenAI from civil suits or prosecution. However, it is unclear who would be responsible for regulating AI, and the development of international coalitions and norms could take decades to implement.
READ THE STORY: Insider
Alphabet killed another project: Bye our future helpers
FROM THE MEDIA: Alphabet, Google's parent company, has decided to shut down its Everyday Robots project and disbanded the group working on the project. Launched in 2019, the project focused on creating robotic helpers for everyday tasks. Despite progress, the company has decided to shut down the project's operations and lay off the employees working on it. Some employees and technology will be integrated into Google's existing robotics efforts, while the exact number of layoffs has not been disclosed. The move comes after Alphabet's major layoff of approximately 12,000 workers in January, with other subsidiaries like Intrinsic also experiencing cuts. IBM has also reportedly cut 3,900 jobs.
READ THE STORY: Ghacks
US, Asian Partners Discussed Supply Chains in ‘Chip 4’ Talks
FROM THE MEDIA: Officials from the United States, South Korea, Japan, and Taiwan held a meeting earlier this month to discuss the global chip supply chain. The meeting, held on Feb. 16, was held among the so-called Chip 4 grouping and focused on creating an early warning system to ensure a steady supply of chips. The parties discussed exchanging information on different parts of the supply chain with Taiwan and South Korea to focus on manufacturing, Japan on materials, and the US on its role as a major market. The meeting took place as the Biden administration seeks help from global partners to impose curbs on the sale of advanced chip equipment to China, which has criticized the move as a "selfish hegemonic interest."
READ THE STORY: Bloomberg
AMD: AI Chip Boom
FROM THE MEDIA: NVIDIA's and AMD's AI chip businesses are expected to boom, with NVIDIA's earnings call indicating an inflection point in AI chip demand this quarter, and AMD planning to accelerate development and release new AI products throughout 2023. Despite the growth potential, AMD's stock trades at a low multiple of normalized EPS targets, around 13x. The companies are expected to compete in the AI GPU market, which could reach $300 billion by 2027, with AMD aiming to surpass NVIDIA. The current consensus on AMD's EPS targets doesn't factor in the potential boom in AI chip demand, leaving room for potential upside.
READ THE STORY: Seeking Alpha
Google Reaches a Major 'Milestone' in Making Quantum Computing Usable
FROM THE MEDIA: Google scientists have published a study in the journal Nature, claiming a major milestone in their efforts to develop effective quantum computing. They have reportedly created a system that can decrease the high error rate associated with the technology, reducing the likelihood of information loss. The scientists claimed that if all components of a quantum computer had sufficiently low error rates, the "magic" of error correction would kick in. While many thorny problems remain for the technology, including high error rates, quantum computing is touted as a revolutionary advance that uses subatomic understanding to create a machine with powers beyond those of current computers.
READ THE STORY: Science Alert
U.S. needs to rally behind $52B computer chip program, Secretary of Commerce says
FROM THE MEDIA: Commerce Secretary Gina Raimondo has called on the US to unite around a $52bn initiative aimed at making the country the world leader in advanced computer chips. The funding is intended to create two semiconductor clusters in the US featuring factories, research labs, and other infrastructure. To make this a reality, there will be a need for job training and scientific breakthroughs to lower the cost of producing advanced chips. The project requires a level of cooperation among state and local government officials, university and school districts, and CEOs, which may be challenging in a divided political era. However, both Democrats and Republicans back the initiative.
READ THE STORY: Tulsa World
Ex-ASML Employee Accused of Data Theft Is Being Probed for Ties to China
FROM THE MEDIA: Dutch company ASML, a leading producer of lithography systems necessary for making mid- to high-range semiconductors, is investigating potential ties between the Chinese government and a former employee accused of stealing data for a state-sponsored entity, according to two people familiar with the situation. ASML has not yet established a direct link, and the Dutch government declined to comment on whether it is investigating a link between the former employee and the Chinese government. ASML's home country has joined the US effort to tighten restrictions on exports of chip technology to China, with ASML controlling over 90% of the $17.1 billion global market for lithography equipment as of 2021, according to research firm Gartner Inc.
READ THE STORY: Bloomberg
Crypto Miners Await Verdict on Exclusion from IRS Broker Reporting Rule
FROM THE MEDIA: The White House is expected to provide more information on a 2021 law that requires digital asset brokers to collect and disclose information on customers including names, addresses, and gross proceeds from sales. It is unknown if crypto miners and staking-service providers, such as Lido and Foundry, will be included in the new proposal. Miners and stakers are hoping they will be spared from the reporting requirements as access to such information is difficult or impossible to obtain. The new rules could have major consequences for the multi-billion-dollar Bitcoin-mining industry and more than $42 billion in staked assets. After the proposed regulations are released, the public will get an opportunity to submit comments before the government releases the final version.
READ THE STORY: Bloomberg
Iran is capable of monitoring satellites with ground radars
FROM THE MEDIA: Major General Hossein Salami, the commander of Iran's Islamic Revolutionary Guard Corps (IRGC), has claimed that the country's military forces can strike ships sailing thousands of kilometers away and can pinpoint the exact point of strike while ensuring that the crew of the target ship is unaffected. Speaking at a congress in Tehran, he also praised the country's hypersonic and supersonic missiles that can strike moving targets at sea, in addition to conventional cruise missiles. The IRGC chief emphasized the growth of Iran’s sphere of influence, stating that the Islamic Republic is now omnipresent along the Red Sea and Mediterranean shores and has “decomposed the enemy”.
READ THE STORY: Tehran Times
Operation across Africa identifies cyber-criminals and at-risk online infrastructure
FROM THE MEDIA: INTERPOL and AFRIPOL collaborated in a joint action against cybercrime across Africa. The Africa Cyber Surge Operation ran from July to November 2022, resulting in the arrest of 11 individuals, the takedown of a darknet market, the recovery of over $150,000 of victims’ money, and action against over 200,000 pieces of malicious cyberinfrastructure. The operation also enabled participating countries to improve their own national cyber security. Private sector partners such as Kaspersky, Fortinet, and Trend Micro provided intelligence to the investigations. A two-week training event preceded the operation, equipping law enforcement agencies with the necessary knowledge and skills for the operation and future proactive action.
READ THE STORY: Intelligent CIO
Cyber Rights Organization Call on International Actors to Deal With Transnational Crimes Against Ukrainian Children
FROM THE MEDIA: The global search traffic for "Ukrainian porn" has increased 600% since the start of the humanitarian crisis in Ukraine, according to an analysis by EUAA, IOM, and OECD. In response, the CRO Cyber Rights Organization and the ReputationUP Group are calling for action to protect children affected by the conflict, who are at risk of sexual exploitation, trafficking, and abuse. There are particular concerns over online sexual exploitation and abuse, with 82% of traffickers recruiting through digital platforms and fake advertisements. Criminal networks are using websites and social media to groom Ukrainian refugees for sexual and labor exploitation. CRO is working to combat child sexual abuse material, GDPR minor violations, social media challenges, asylum seekers and refugees, children's online auctions, cyberbullying, and fake online job offers. The organization has set up a 24-hour helpline for minors who suffer or have suffered any kind of violence or violation of their rights. The ReputationUP Group has also committed to the protection and safeguarding of minors and vulnerable groups.
READ THE STORY: Benzinga
Russia Suspended From Financial Action Task Force
FROM THE MEDIA: The Financial Action Task Force (FATF), an international body that sets standards on illicit finance, has suspended the Russian Federation from its membership for the first time in its 34-year history due to Russia's war against Ukraine. The FATF expressed concerns over Russia's arms trade with United Nations-sanctioned countries and malicious cyber activities. The FATF advises jurisdictions to remain vigilant of threats to their financial system arising from Russia's war. At its plenary this week, the FATF also approved an updated standard on legal arrangements, and new guidance on beneficial ownership transparency of companies, and adopted its first-ever report on ransomware.
READ THE STORY: MENAFN
Russia Engages With Ukraine on Cyber Battlefield
FROM THE MEDIA: The use of cyber warfare as a tool to weaken countries before a physical war is becoming increasingly common, according to cybersecurity experts. Ukraine has been the target of Russian cyberattacks for the past nine years, and the cyber activity has increased since the invasion of Ukraine by Russian troops in 2022. These attacks are aimed at critical infrastructure, including power grids, utilities, and hospitals, and are often part of a larger effort to threaten operations, destabilize a government or disrupt critical infrastructure such as transportation networks and financial institutions. The ease with which cyber attacks can be coordinated indicates that Russia has ongoing access to Ukraine's critical infrastructure networks. Experts recommend that organizations and companies develop new strategies to prevent cyberattacks and constantly test their systems for vulnerabilities. NATO members should also update compliance mandates and standards and implement proactive defense measures.
READ THE STORY: The Street
Chinese spying exposes American tech vulnerabilities
FROM THE MEDIA: The author of this opinion piece argues that the recent incursion of Chinese spy balloons into Montana should serve as a wake-up call for Americans about the increasingly adversarial stance the Chinese government is taking towards the United States. The author highlights China's goal of supplanting the US as the global superpower and its investments in advancing its own technology sector to overtake America economically and technologically. The author warns against anti-innovation policies that could weaken America's technological edge and hinder its ability to stay ahead economically and militarily. Instead, the author suggests bolstering America's advantages, cracking down on Chinese-sponsored intellectual property theft and cyber-attacks against American companies, ramping up military support of Taiwan, and clearing regulatory hurdles that hold back American tech companies. The author concludes that it's time for the country to take the CCP threat seriously and for Congress to implement policies that strengthen America's technology sector.
READ THE STORY: Daily Inter Lake
Dish Network hit by the multi-day internal outage, in possible cyber attack
FROM THE MEDIA: Dish Network, a major American satellite TV provider, is experiencing a multi-day outage affecting its websites, apps, and internal systems. The company has not provided details about the cause of the outage, only stating that it is due to "an internal system issue." However, there are signs that the outage may be the result of a ransomware attack, with reports of employee computers displaying blank icons and a source claiming that the network "has been hit" by a cyber attack. Remote workers are unable to access their work systems, and some customers report being unable to pay for their services. Dish's Twitter support account acknowledged the issue and stated that "an internal systems issue is impacting some of our customer service operations." The investigation is ongoing.
READ THE STORY: DCD
How North Korea Funds Its Missiles With Cryptocurrency Theft
FROM THE MEDIA: North Korea has found innovative ways to fund its missile program, including counterfeiting currency, defrauding insurers, and manufacturing and selling weapons and drugs. The country has also turned to steal cryptocurrency, with its hackers stealing a record $1.7 billion in 2022 alone. To launder their loot, North Korean hackers use various methods such as dividing the money, moving it between different crypto wallets, converting it to different currencies and passing it through mixers. However, most of the stolen crypto is converted into fiat currency and used to purchase items through established supply channels operated by shell companies and North Korean embassies abroad. The United States has blacklisted crypto wallets associated with North Korean hackers, but more needs to be done, such as better regulation of the sector and cyber hygiene, to prevent these attacks. The cryptocurrency industry is also improving its vigilance, freezing accounts associated with North Korean attacks. However, hackers are adapting and improving too, leading to an ongoing "arms race" in theft and anti-theft capabilities.
READ THE STORY: Globe Media
A ghost in the machine
FROM THE MEDIA: ChatGPT, developed by OpenAI, is an AI chatbot that uses the GPT-3 family of large language models to accomplish various tasks. It has gained popularity since its release in November 2022, with one million users within five days and 100 million active users in January. ChatGPT can be used to write essays, generate AI art prompts, engage in philosophical discussions, and write code. It has some limitations, including generating incorrect responses and a lack of connectivity to current news and events. There are concerns that it may disseminate misleading information, facilitate cheating, and eclipse human intelligence. Microsoft has invested in OpenAI and expanded its collaboration with the company to enhance its Bing search engine and improve its browser.
READ THE STORY: The News (PK)
“Cyber blue helmets”: the UN wants to help states fight cyber-attacks
FROM THE MEDIA: The Inter-Parliamentary Union (IPU) is discussing proposals this week in Buenos Aires on how to combat cyberattacks and cyber crimes. The IPU is a union of 178 legislative chambers around the world. Among the proposals is the creation of a national center for information security in each country, which would also share information with other countries, and for the United Nations to act as a "cyber blue helmet" to provide coverage to states with limited capabilities. The IPU also recommends public-private collaboration, new laws, and international cooperation to fight cybercrime and attacks. The proposals will be discussed at the IPU's 146th meeting in March in Bahrain, and are intended to be a "basic document" that will continue to circulate from parliament to parliament, serving the United Nations World Summit on Cybercrime in 2024. Cyberattacks have been on the rise since 2020, and the outlook is challenging for organizations and businesses around the world.
READ THE STORY: News Rebeat
Russian Ransomware Projects Rebranded to Avoid Western Sanctions
FROM THE MEDIA: TRM Labs, a blockchain intelligence company, has revealed that some major Russian-linked ransomware syndicates rebranded their activities in 2022 to avoid sanctions from Western countries. According to a new report, the rebranding and other significant activities showed notable changes in the cybercrime space and darknet markets (DNMs) after Russia invaded Ukraine. To strengthen their anonymity through alterations in on-chain behavior, two major ransomware syndicates, LockBit and Conti, restructured their activities. Western law enforcement agencies imposed tighter sanctions on Russian ransomware platforms following Russia’s invasion of Ukraine. Similarly, sanctions imposed by the U.S. Office of Foreign Assets Control on the popular darknet platform Hydra took a toll on ransomware projects as they struggled to gain market dominance while avoiding law enforcement agencies.
READ THE STORY: CryptoPotato
Supply Chains Have Healed Yet Their Mark on Inflation to Endure
FROM THE MEDIA: Despite supply chains across the world showing signs of improvement, inflationary pressures are likely to persist. While shipping container spot rates from Asia to the US West Coast have returned to pre-pandemic levels, short-term prices for containers from Europe to the US East Coast remain more than double those of late 2019. An estimated 70% of goods transported in containers are moved under long-term contracts and renegotiated deals for 2021 and 2022 were agreed upon at higher rates. Furthermore, US producer prices rebounded in January, highlighting persistent inflationary pressures, and underlying inflation hit a record in the eurozone in January.
READ THE STORY: Bloomberg
Items of interest
Replacement Soyuz arrives at the space station
FROM THE MEDIA: An uncrewed Soyuz spacecraft, Soyuz MS-23, arrived at the International Space Station on February 25th to replace the damaged Soyuz MS-22 spacecraft. The Soyuz MS-22 spacecraft was found to have a coolant leak after it docked to the station in mid-December, making it infeasible to return the crew to Earth as originally planned. Roscosmos and NASA announced in January that Soyuz MS-23 would launch without a crew in February and replace Soyuz MS-22, which will return to Earth without a crew in March. This will keep the original Soyuz MS-22 crew on the station for several additional months, with their expected return in September on Soyuz MS-23. Roscosmos blamed the Soyuz MS-22 leak on a micrometeoroid impact, but another coolant leak on the Progress MS-21 cargo spacecraft docked to the station prompted new questions about that explanation. The investigation into the leaks is ongoing, with Roscosmos sharing information with NASA.
READ THE STORY: SN
USA vs China, The War You Can't See (Video)
FROM THE MEDIA: The video discusses the ongoing conflict between the US and China over the supply and production of microchips, which are critical components of modern technology. The article highlights the importance of microchips in everyday life and the potential implications of the conflict for the tech industry and the global economy. Additionally, the article mentions a sponsor, Scaler, which provides education to help people improve their professional skills.
Chip-Off Firmware Extraction and Reverse Engineering of Arris SB6121 Cable Modem (Video)
FROM THE MEDIA: Matt Brown takes a look at another Hardware hacking project I've been working on today. We're going to be extracting its firmware contents using chip-off firmware extraction and a universal programmer. We'll look at The Flash chip right here which we will look at now under the microscope which I will flip over the desk for us.
These open-source products are reviewed by analysts at InfoDom Securities, providing possible context about current media trends related to the realm of cyber security. The stories selected to cover a broad array of cyber threats and are intended to aid readers in framing key publicly discussed threats and overall situational awareness. InfoDom Securities does not endorse any third-party claims made in their original material or related links on their sites; the opinions expressed by third parties are theirs alone. For further questions, please contact InfoDom Securities at dominanceinformation@gmail.com.