The CyberWire Daily Podcast 8.19.24
Ep 2132 | 8.19.24

Mic, camera, and more at risk.

Transcript

Cisco Talos discovers vulnerabilities in Microsoft applications for macOS. OpenAI disrupts an Iranian influence campaign. Jewish Home Lifecare discloses a data breach affecting over 100,000. Google tests an auto-redaction feature in Chrome for Android. Unicoin informs the SEC that it was locked out of G-Suite for four days. House lawmakers raise concerns over China-made WiFi routers. Moody’s likens the switch to post-quantum cryptography to the Y2K bug. Diversity-focused tech nonprofits grapple with flagging support. Tim Starks of CyberScoop is back to discuss his investigation of a Russian hacking group targeting human rights groups. Smartphones get some street smarts.

Today is Monday, August 19th, 2024. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

Cisco Talos discovers vulnerabilities in Microsoft applications for macOS. 

Researchers from Cisco Talos discovered eight vulnerabilities in various Microsoft applications for macOS, including Teams, Outlook, Word, PowerPoint, OneNote, and Excel. These flaws could allow attackers to access users’ microphones, cameras, screen recordings, and more if the apps have been previously granted permission. The vulnerabilities stem from Microsoft’s use of a specific entitlement that disables some protections in macOS’s Hardened Runtime, which defends against risky library injections. This entitlement, intended for loading third-party plug-ins, is reportedly unnecessary since the only plug-ins used by these apps are web-based Office add-ins. While Microsoft considers these issues “low risk,” they have updated Teams and OneNote to remove the entitlement, but Excel, Outlook, PowerPoint, and Word remain vulnerable. These vulnerabilities could enable attackers to exploit the apps’ permissions without alerting users.

OpenAI disrupts an Iranian influence campaign. 

OpenAI recently uncovered and disrupted an Iranian influence campaign that used its generative AI technologies, like ChatGPT, to spread misinformation online. The campaign, dubbed “Storm-2035,” aimed to influence various topics, including the U.S. presidential election, by generating and posting content on social media and websites. Despite the sophisticated use of AI, OpenAI reported that the campaign did not gain significant traction or engagement from real users. The company has since banned several accounts linked to the effort. This incident highlights growing concerns about the potential misuse of generative AI in spreading disinformation, particularly during election periods. OpenAI had previously identified and disrupted other similar campaigns from state actors and private entities in countries like Russia, China, and Israel, all attempting to sway public opinion using AI-generated content.

Jewish Home Lifecare discloses a data breach affecting over 100,000. 

Jewish Home Lifecare, a New York City-based nonprofit healthcare organization now known as The New Jewish Home, disclosed that a data breach affecting over 104,000 individuals occurred earlier this year. The breach, discovered on January 7, involved unauthorized access to sensitive information, including names, addresses, Social Security numbers, financial details, and medical records. Despite no evidence of misuse, the organization is offering complimentary credit monitoring to those affected. The ransomware group Alphv, also known as BlackCat, claimed responsibility for the attack in February 2024, alleging they had accessed various sensitive documents. However, it’s unclear if these files were ever publicly released, as BlackCat’s operations ceased in early March, following a law enforcement crackdown.

Google tests an auto-redaction feature in Chrome for Android. 

Google is testing a new feature in Chrome for Android that will automatically redact sensitive information, like credit card details and passwords, when you’re sharing or recording your screen. This feature, currently in an experimental phase, is designed to address the issue of unintentionally exposing sensitive data during screen sharing or recording. While Chrome already blocks screen capture in incognito mode, this new feature extends protection to regular tabs by redacting the entire content area if sensitive form fields are detected. The feature is not yet functional, but it will be available for testing in Chrome Canary in the coming weeks. 

Unicoin informs the SEC that it was locked out of G-Suite for four days. 

Unicoin, a prominent cryptocurrency company, reported to the SEC that a hacker breached its systems on August 9, gaining control of the company’s Google G-Suite accounts and locking out all employees. The hack left employees without access for nearly four days until the company regained control on August 13. Unicoin is still investigating the incident to assess the full impact, including discrepancies found in employee and contractor data. Although no money or digital assets appear to have been stolen, traces of hacked messages were discovered in certain managers’ email accounts. The company also terminated a contractor who had forged their identity, though it’s unclear if this is linked to North Korean hacking schemes. This attack highlights ongoing concerns about North Korean cyber activities, which have resulted in significant thefts from cryptocurrency companies worldwide.

House lawmakers raise concerns over China-made WiFi routers. 

Top lawmakers on the House Select Committee on U.S.-China issues are urging the Commerce Department to investigate TP-Link Technologies, a Chinese company that produces widely used Wi-Fi routers in the U.S. Reps. John Moolenaar and Raja Krishnamoorthi raised concerns in a letter to Commerce Secretary Gina Raimondo, highlighting potential national security risks. They noted that TP-Link’s routers are commonly used in U.S. homes and military bases, and the company’s compliance with Chinese laws could expose these devices to exploitation by the Chinese government for cyberattacks. The lawmakers referenced industry reports indicating TP-Link routers have been targeted by Chinese hacking groups in malicious campaigns. They requested a response by the end of the month, assessing the security risks and how existing authorities could address them.

Moody’s likens the switch to post-quantum cryptography to the Y2K bug. 

New research from Moody’s warns that advances in quantum computing will eventually threaten current encryption methods, necessitating a costly and lengthy transition to post-quantum cryptography (PQC). The transition, focusing on asymmetric encryption, could take 10 to 15 years due to operational challenges, including updating hard-to-reach devices like satellites and legacy systems. The shift is compared to the Y2K bug in terms of scale and complexity, though the cost is hard to estimate. Quantum computing could break existing encryption methods using algorithms like Shor’s, posing a significant risk to data security. Despite challenges in error correction, scalability, and talent shortages, Moody’s urges swift adoption of quantum-resistant algorithms to protect against future threats, emphasizing the importance of international cooperation in quantum science and technology.

Diversity-focused tech nonprofits grapple with flagging support.

A story in the Washington Post tells the tale of Girls In Tech, a nonprofit organization dedicated to increasing the representation of women in the tech industry. It was once a Silicon Valley success story. Founded in 2007 by Adriana Gascoigne, the organization quickly became a darling of the tech world, attracting major corporate partnerships and growing its membership to 130,000. However, by late 2023, the organization faced an unexpected and rapid decline, leading to its dissolution in July.

The turning point came when five key corporate donors abruptly pulled their funding within a single week, citing economic uncertainties and market turbulence. This financial blow left Girls In Tech struggling to stay afloat. Gascoigne, in a desperate bid to save the organization, considered merging with Women Who Code, another nonprofit with a similar mission that had strong backing from tech giants like Microsoft, Google, and Boeing. However, just days after discussing the possibility with her board, Women Who Code also shut down, leaving Gascoigne with no viable options.

The collapse of Girls In Tech is symptomatic of a broader retreat from diversity, equity, and inclusion (DEI) initiatives across the tech industry. These initiatives, once heavily promoted by companies as part of their commitment to diversifying a workforce dominated by White and Asian men, have come under increasing political and financial pressure.

Despite the initial optimism surrounding these initiatives, the demographics of the tech industry have remained largely stagnant. According to the U.S. Department of Labor, women made up just 26 percent of the workforce in science, technology, engineering, and math (STEM) fields in 2022, a mere one percentage point increase since 2000. At Google, the percentage of Black employees in the U.S. rose by only 2.4 percentage points between 2019 and 2024, leaving them still underrepresented at less than 6 percent of the company’s workforce.

Critics argue that DEI programs have often failed to address the deeper, systemic issues within tech companies. Some diversity consultants have noted that as tech companies lay off DEI teams, they are also offering fewer contracts to external consultants who were crucial in supporting these efforts. The overall climate has made it difficult for nonprofits like Girls In Tech to sustain their operations, as corporate leaders quietly withdraw their support.

The retreat from DEI initiatives in the tech industry reflects a broader shift in how companies view these programs. What was once seen as a critical effort to diversify the tech workforce is now increasingly viewed through a political lens, leading to reduced funding and support. The collapse of Girls In Tech and similar organizations underscores the fragile nature of diversity efforts in an industry still grappling with deep-seated disparities.

 

We’ll be right back. Up next, we welcome back CyberScoop’s Tim Starks to discuss his story about "Russian hacking campaign targets rights groups, media, former US ambassador."

Welcome back.

Smartphones get some street smarts.

And finally, imagine if your smartphone could outsmart a thief in the act—well, Google’s new AI-powered theft detection lock feature is about to make that a reality. Rolling out to Android 10 and later devices, this nifty tool uses AI to sense when your phone’s been snatched, like Sherlock Holmes but faster, instantly locking it down to keep your data safe. It’s like your phone knows when it’s being kidnapped and slams the door in the crook’s face.

Initially teased back in May, this feature is part of Google’s anti-theft suite, designed to protect your device before, during, and after a theft. It’s currently being beta-tested in Brazil, with a global rollout to follow. And for those who are extra cautious, Android 15 will make it harder for thieves to factory reset your device or access your sensitive apps. So, your smartphone won’t just be smart—it’ll be street-smart!

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

 

 

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.

We’re privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K makes it easy for companies to optimize your biggest investment, your people. We make you smarter about your teams, while making your teams smarter. Learn how at n2k.com.

 

This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilpe is our publisher, and I’m Dave Bittner. Thanks for listening.