Deepfakes: When seeing is no longer believing


Deepfakes: When seeing is no longer believing | Security Magazine




Source…

UPDATE 2-Optus under further fire for cyber breach, purported hacker claims data deleted


(Recasts and writes through)

By Renju Jose and Byron Kaye

SYDNEY, Sept 27 (Reuters) – Australian telecoms giant Optus came under more fire from the government on Tuesday for a massive cyber breach, while an anonymous online account believed to be that of the hackers said it was deleting stolen data and withdrawing a $1 million ransom demand.

Singapore Telecoms-owned Optus, the country’s No. 2 mobile operator, said last week that data of up to 10 million customers including home addresses, drivers’ licenses and passport numbers had been compromised in one of Australia’s biggest data breaches.

An account called ‘optusdata’ in an online forum, believed by cybersecurity experts to be that of the hackers, had threatened to publish the data of 10,000 Optus customers per day unless they received $1 million in cryptocurrency.

On Tuesday, however, the account holders posted they had deleted the data due to “too many eyes”, were withdrawing their ransom demand and were sorry for having already leaked data of 10,200 Australians.

Optus and the Australian Federal Police, which have been working with the Federal Bureau of Investigation and other offshore law enforcement agencies to probe the cyberattack, declined to comment on whether they believed the ‘optusdata’ account holders were behind the breach.

The Australian federal government has blamed Optus for the breach, flagged an overhaul of privacy rules and higher fines, and suggested the company had “effectively left the window open” for hackers to steal data.

Minister For Cyber Security Clare O’Neil said she was “incredibly concerned … about reports that personal information from the Optus data breach, including Medicare numbers, are now being offered for free and for ransom”, referring to the government’s health insurance scheme.

Optus Chief Executive Kelly Bayer Rosmarin said the incident had generated “a lot of misinformation” and the company took data protection seriously.

“Given we’re not allowed to say much because the police have asked us not to, what I can say … is that our data was encrypted and we had multiple players of protection,” Bayer Rosmarin told ABC Radio.

She added that most customers understand that “we are not…

Source…

Saudi urges WhatsApp users to update app to avoid malware threat


Riyadh: The authorities in the Kingdom of Saudi Arabia (KSA) on Sunday urged users of the WhatsApp application to update their app to avoid serious malware threats.

The national indicative centre for cyber ​​security, in Saudi Arabia, warned of security flaws in the WhatsApp application.

The centre, which is affiliated with the Kingdom’s national cybersecurity authority, said in its warning, “WhatsApp has issued several updates to address the vulnerabilities.”

MS Education Academy

It explained that the vulnerabilities exist in WhatsApp applications for the Android system prior to version 2.22.16.12, and before version 2.22.16.2.

There are also gaps in the WhatsApp Business application for Android before version 2.22.16.12, and WhatsApp iOS before version 2.22.16.12 and 2.22.15.9.

The centre stated that the threats consist in enabling the attacker to exploit the vulnerabilities by executing malicious software remotely.

According to data from Kaspersky, a cybersecurity company, published in February, the year 2021 saw a significant increase in attacks targeting mobile phones in Saudi Arabia by 19 per cent.

Subscribe us on The Siasat Daily - Google News

Source…

Does AI-powered malware exist in the wild? Not yet


AI is making its mark on the cybersecurity world.

For defenders, AI can help security teams detect and mitigate threats more quickly. For attackers, weaponized AI can assist with a number of attacks, such as deepfakes, data poisoning and reverse-engineering.

But, lately, it’s AI-powered­ malware that has come into the spotlight — and had its existence questioned.

AI-enabled attacks vs. AI-powered malware

AI-enabled attacks occur when a threat actor uses AI to assist in an attack. Deepfake technology, a type of AI used to create false but convincing images, audio and videos, may be used, for example, during social engineering attacks. In these situations, AI is a tool to conduct an attack, not create it.

AI-powered malware, on the other hand, is trained via machine learning to be slyer, faster and more effective than traditional malware. Unlike malware that targets a large number of people with the intention of successfully attacking a small percentage of them, AI-powered malware is trained to think for itself, update its actions based on the scenario, and specifically target its victims and their systems.

IBM researchers presented the proof-of-concept AI-powered malware DeepLocker at the 2018 Black Hat Conference to demonstrate this new breed of threat. WannaCry ransomware was hidden in a video conferencing application and remained dormant until a specific face was identified using AI facial recognition software.

Does AI-powered malware exist in the wild?

The quick answer is no. AI-powered malware has yet to be seen in the wild — but don’t rule out the possibility.

“Nobody has been hit with or successfully uncovered a truly AI-powered piece of offense,” said Justin Fier, vice president of tactical risk and response at Darktrace. “It doesn’t mean it’s not out there; we just haven’t seen it yet.”

Pieter Arntz, malware analyst at Malwarebytes, agreed AI-malware has yet to be seen. “To my knowledge, so far, AI is only used at scale in malware circles to improve the effectiveness of existing malware campaigns,” he said in an email to SearchSecurity. He predicted that cybercriminals will continue to use AI to enhance operations, such as targeted spam, deepfakes and social…

Source…