Pete Recommends – Weekly highlights on cyber security issues, December 4, 2023

Subject: How to Make Your Web Searches More Secure and Private
Source: Wired
https://www.bespacific.com/how-to-make-your-web-searches-more-secure-and-private-2/

Wired [read free]: “…There are ways to increase your privacy on Google’s platforms, like using privacy-focused browsers, privacy-focused alternatives to Google Maps, auto-deleting your web history after a certain time period, or simply limiting the amount of data the company collects in the first place by opting out of features like web-based email and location awareness. (And you should know that using your browser’s incognito mode isn’t as sneaky as you think it is.) If you’re serious about getting off the data collection grid, there’s a bevy of other privacy focused search options at your disposal. So if you want to use a search engine that doesn’t keep track of your queries, serve your data to advertisers, or change your search results based on what it thinks you’ll like, you’ve got some options…”

Wired Topics:

Subject: Google Drive users angry over losing months of stored data
Source: BleepingComputer
https://www.bleepingcomputer.com/news/google/google-drive-users-angry-over-losing-months-of-stored-data/

Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.

Google Drive is a cloud-based storage service that allows people to store and access files from any internet-connected device via their Google account. It is a widely used service by individuals and businesses (as part of Google Workspace).

A trending issue reported on Google’s support forums starting last week describes a situation where people say they lost recent data and folder structure changes.

“There is a serious issue here that needs to escalate urgently. We have a support ticket open, this has not been helpful to date,” said a Google Drive user on the support thread.

“I pay extra each month to store folders in the cloud so that it is safe, so it is devastating that all my work appears to have been lost,” another Google Drive user posted.

The activity logs on impacted accounts do not show any recent changes, confirming that the users themselves didn’t accidentally delete them.

Overall, there are no indications of a user error but rather a problem with the service’s system that prevented the synchronization of data between the local devices and Google Cloud at some point.

Some users have offline caches that might contain the missing data, but no known method exists to restore access to the data within them.

Google’s volunteer support agents have posted an alleged response from Google’s support engineers that confirms they are already investigating the issue. However, an estimate for a fix hasn’t been provided yet.

Tagged:

Subject: Inside the Operation to Bring Down Trump’s Truth Social
Source: Wired
https://www.wired.com/story/take-down-trump-truth-social/

The North Atlantic Fella Organization (NAFO) is an online activist group founded last year to combat pro-Russia propaganda related to the invasion of Ukraine. Last month, the group turned its attention to Trump’s social network and launched a campaign to take over the trending topics section on the website. The group says that the operation, which included 50 “NAFO commandos,” as members targeting Truth Social call themselves, was so successful that those running the campaign now have a long-term goal: Take down Truth Social completely.

Describing the Truth Social platform’s current environment, Kenwell compared the challenge of combating the spread of pro-Trump messaging on the platform with “dealing with your racist uncle that nobody wants at the Thanksgiving dinner table because he’s just obnoxious and looking to fight with everybody.”

Though a few of the NAFO accounts have been taken down—including a spoof Russian Embassy account, which was taken down for pretending to be an official government agency—Kenwell says he’s not worried about being kicked off Truth Social.

“We don’t care, because we’d just try again, we’d make new accounts and get back on there again,” Kenwell says. “Anyway, I don’t believe that they have the capability or the personnel to deal with something like this on an ongoing basis.”

 

Subject: Hamas-Linked Group Revives SysJoker Malware, Leverages OneDrive
Source: Hackread via Sabrina
https://www.hackread.com/hamas-group-sysjoker-malware-leverages-onedrive/

Hamas launches a new variant of Rust-based, multi-platform backdoor sysJoker against targets in Israel.

Originally identified in December 2021, the SysJoker Malware is recognized for its capability to target Windows, macOS, and Linux systems.

Amid the escalating tensions in the Israel-Hamas conflict, Check Point Research’s (CPR) team has unearthed a new variant of a multi-platform backdoor SysJoker. According to CPR, which has been monitoring the cybersecurity activities in the two countries, SysJoker malware was used by a Hamas-affiliated APT (advanced persistent threat) group to target Israel recently.

For your information, SysJoker was discovered by Intezer in 2021. It is a multi-platform backdoor, which means it can target Windows, macOS, and Linux systems. The malware has been under active evolution since its discovery and today it is equipped with a range of tactics to evade detection. The new SysJoker variant is written in Rust language.

In their technical report, CPR researchers noted that the malware code has been rewritten completely but the malware still maintains its original functionalities. The primary modification is that instead of Google Drive, the Rust variant utilizes OneDrive to store dynamic C2 URLs.

“It is important to mention that in previous SysJoker operations, the malware also had the ability not only to download and execute remote files from an archive but also to execute commands dictated by the operators. This functionality is missing in the Rust version,” researchers noted.

Tagged:

Subject: OpenAI’s Custom Chatbots Are Leaking Their Secrets
Source: WIRED
https://www.wired.com/story/openai-custom-chatbots-gpts-prompt-injection-attacks/

You don’t need to know how to code to create your own AI chatbot. Since the start of November—shortly before the chaos at the company unfoldedOpenAI has let anyone build and publish their own custom versions of ChatGPT, known as “GPTs”. Thousands have been created: A “nomad” GPT gives advice about working and living remotely, another claims to search 200 million academic papers to answer your questions, and yet another will turn you into a Pixar character.

However, these custom GPTs can also be forced into leaking their secrets. Security researchers and technologists probing the custom chatbots have made them spill the initial instructions they were given when they were created, and have also discovered and downloaded the files used to customize the chatbots. People’s personal information or proprietary data can be put at risk, experts say.

Along with other researchers at Northwestern, Yu has tested more than 200 custom GPTs, and found it “surprisingly straightforward” to reveal information from them. “Our success rate was 100 percent for file leakage and 97 percent for system prompt extraction, achievable with simple prompts that don’t require specialized knowledge in prompt engineering or red-teaming,” Yu says.

Topics
Subject: Breaking Laptop Fingerprint Sensors
Source: Schneier on Security
https://www.schneier.com/blog/archives/2023/11/breaking-laptop-fingerprint-sensors.html

They’re not that good:

Security researchers Jesse D’Aguanno and Timo Teräs write that, with varying degrees of reverse-engineering and using some external hardware, they were able to fool the Goodix fingerprint sensor in a Dell Inspiron 15, the Synaptic sensor in a Lenovo ThinkPad T14, and the ELAN sensor in one of Microsoft’s own Surface Pro Type Covers. These are just three laptop models from the wide universe of PCs, but one of these three companies usually does make the fingerprint sensor in every laptop we’ve reviewed in the last few years. It’s likely that most Windows PCs with fingerprint readers will be vulnerable to similar exploits.

Details.

Tags: authentication, biometrics, fingerprints, identification, reports, sensors, vulnerabilities

Blog RSS: https://www.schneier.com/feed/

LinkedIn
Posted in: AI, Cybercrime, Cybersecurity, Privacy, Search Engines, Social Media