Pete Recommends – Weekly highlights on cyber security issues, September 21, 2024

Subject: AI voices are officially too realistic!
Source: Android Headlines
https://www.androidheadlines.com/2024/09/ai-voices-too-realistic.html

AI-generated voices are nothing new, as they’ve been around for decades. Be that as it may, the digital voices we’ve experienced over the years wouldn’t exactly fool anyone. However, nowadays, I think that digital voices have reached the point where they can be scary. This is for several reasons.

Are AI-generated voices too realistic nowadays?

We’ve come a long way from those clinical and disjointed voices we’ve heard over the years. Think about old digital voices from the 2000s and 2010s. Google Assistant and Alexa were about as good as it was going to get. However, with the generative AI boom, there came a huge push to make AI more realistic, and you can bet that this had a profound effect on how much work people put into their digital voices.

Now, think about the voices that OpenAI showed off when it launched GPT-4o. Right now, there are four voices on the platform. We also can’t forget about Google’s Gemini voice. While they all sound realistic, I don’t think that we were seeing just how insane these voices could get. It wasn’t until I tried Google’s new tool that I realized that digital voices might have crossed the threshold into realism.

NotebookLM showed me that digital voices are too realistic.

The voices sound disturbingly realistic for several reasons. The sentences flow naturally and the cadence and inflection of the speakers are extremely natural. Not just that, but Google even captured some of the little things that differentiate man from machine. I can hear breath noises, it adds the “ums” and “likes” that you hear when people are talking in real life, and there was even an instance where one of the speakers had a false start to a word and corrected himself. Google even went so far as to have one of the speakers laugh.

Filed: https://www.androidheadlines.com/category/google-news/gemini


Subject: ‘Terrorgram’ Charges Show US Has Had Tools to Crack Down on Far-Right Terrorism All Along
Source: WIRED
https://www.wired.com/story/terrorgram-collective-indictments/

On Monday, United States prosecutors in Sacramento, California, unveiled a 15-count indictment accusing Dallas Erin Humber, 34, and Matthew Robert Allison, 37, of serving as core members of a virulent neo-Nazi propaganda network that solicited attacks on federal officials, power infrastructure, people of color, and material support for acts of terrorism both within the US and overseas.

The group, known as the Terrorgram Collective, has produced four publications to date—a blend of ideological motivation, mass murder worship, neofascist indoctrination, and how-to manuals for chemical weapons attacks, infrastructure sabotage, and ethnic cleansing. The screeds have directly inspired a series of ideologically motivated attacks around the world, including a 2022 mass shooting at an LGBTQ bar in Bratislava, Slovakia; successful attacks on power infrastructure in North Carolina and similar failed plots in Baltimore and New Jersey; and a stabbing spree in the Turkish city of Eskisehir.

Humber and Allison were both federal targets as early as early 2023, but authorities appear to have waited for a year and a half to compile evidence of potential attacks around the world, and for the British government’s decision this April to formally ban the Terrorgram Collective, before filing an indictment that could land the defendants in prison for more than two centuries. To date, American authorities have charged at least four individuals allegedly involved in the Terrorgram Collective with terrorism-related offenses.

Relying on the UK government’s April order declaring the Terrorgram Collective a banned terrorist group and a little-employed section of the “material support for terrorism” section of the US criminal code, federal prosecutors are finally taking an aggressive, whole-of-law approach to violent neofascist extremism.

“What it shows is exactly what I’ve been arguing for years: All the tools they need to do this work, they have,” says Michael German, a former FBI special agent and a liberty and national security fellow at the Brennan Center for Justice, an NYU School of Law nonprofit. German points to years of arguments by the FBI and Department of Justice that they are hamstrung by existing laws when it comes to tackling violent extremists within the United States. “It also reveals the false separation that the government makes about international and domestic terrorism—white supremacy has always been transnational.”

The UK’s order against the Terrorgram Collective provided American authorities a basis for labeling a diffusive, ostensibly domestic propaganda group as a “transnational terrorist organization” in a detention motion filed on Tuesday, potentially opening Humber and Allison up to deleterious additional charges and sentencing enhancements. In other words, the US is treating Terrorgram in ways similar to how it has treated Islamist terrorist organizations.


Subject: At Microsoft’s security summit, experts debated how to prevent another global IT meltdown. Will it help?
Source: ZDNET
https://www.zdnet.com/article/at-microsofts-security-summit-experts-debated-how-to-prevent-another-global-it-meltdown-will-it-help/

In the wake of the devastating CrowdStrike meltdown earlier this year, Microsoft convened a meeting with leaders from the endpoint security business. Did anything useful come of it?

There is no doubt that the great CrowdStrike-Windows meltdown in July 2024 was an economic disaster. It was the largest IT outage in history. Its effects disrupted banking systems, healthcare networks, and the global air transportation network. As the post-incident analyses made clear, it was entirely preventable.

In the wake of that incident, Microsoft convened a day-long Windows Endpoint Security Ecosystem Summit held earlier this week at its Redmond headquarters. The goal of the closed event, which was not open to the press or outside observers, was to bring together what Microsoft called “a diverse group of endpoint security vendors and government officials from the US and Europe to discuss strategies for improving resiliency and protecting our mutual customers’ critical infrastructure.”

As that report notes, the roundtable “was not a decision-making meeting … we discussed the complexities of the modern security landscape, acknowledging there are no simple solutions.” But one theme that runs through the meeting summary is a collective realization that the industry cannot afford another CrowdStrike incident.

The CrowdStrike incident in July underscored the responsibility security vendors have to drive both resiliency and agile, adaptive protection. … We face a common set of challenges in safely rolling out updates to the large Windows ecosystem, from deciding how to do measured rollouts with a diverse set of endpoints to being able to pause or rollback if needed. A core [Safe Deployment Practices] principle is gradual and staged deployment of updates sent to customers.

There’s slightly more color in the comments from meeting participants that were appended to the end of Microsoft’s corporate blog post, like this blast from Ric Smith, Chief Product and Technology Officer of CrowdStrike competitor SentinelOne…


Subject: US cracks down on spyware vendor Intellexa with more sanctions
Source: Bleeping Computer
https://www.bleepingcomputer.com/news/security/us-cracks-down-on-spyware-vendor-intellexa-with-more-sanctions/

Today, the U.S. Department of the Treasury has sanctioned five executives and one entity linked to the Intellexa Consortium for developing and distributing Predator commercial spyware.

Intellexa Consortium is a network of decentralized companies that developed and sold highly intrusive spyware products marketed under the “Predator” brand.

Predator spyware has allowed Intellexa customers worldwide — mostly state-sponsored actors and governments — to access sensitive information on victims’ smartphones, including photos, geolocation data, personal messages, and microphone records in one-click or zero-click attacks.

Intellexa spyware tools have been used to target government officials, journalists, policy experts, tech executives, and opposition politicians in campaigns to intimidate political adversaries, restrict freedom of speech, suppress dissent, and monitor journalists’ activities worldwide and in the United States.

In March, Google subsidiary Mandiant and Google’s Threat Analysis Group (TAG) revealed that commercial surveillance vendors have been behind 50% of all zero-day exploits used to target Google products and Android devices in 2023.

New sanctions announced Monday include…

Subject: DuckDuckGo Joins AI Chat, Promises Enhanced Anonymity
Source: Tech Republic
https://www.techrepublic.com/article/duckduckgo-joins-ai-chat/

DuckDuckGo, a search company, launched a free and anonymous AI Chat service in June 2024. AI Chat joins DuckAssist, which generates answers based on Wikipedia, as a way to explore topics with AI. AI Chat operates with the widely used prompt-and-response process popularized by OpenAI’s ChatGPT and Google’s Gemini.

But DuckDuckGo’s AI Chat seeks to minimize potential privacy concerns by design. AI Chat offers anonymous access: No account, username, email address, or password needed. DuckDuckGo promises that your prompts and information will not be used to train any of the AI models. This means you shouldn’t worry about content from your queries being embedded in a response delivered to other people.

As of September 2024, AI Chat lets you choose to chat with any of four chat models:


Subject: Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure
Source: The Hacker News
https://thehackernews.com/2024/09/apple-drops-spyware-case-against-nso.html

Apple has filed a motion to “voluntarily” dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could lead to exposure of critical “threat intelligence” information. The development was first reported by The Washington Post on Friday.

The iPhone maker said its efforts, coupled with those of others in the industry and national governments to tackle the rise of commercial spyware, have “substantially weakened” the defendants.

“At the same time, unfortunately, other malicious actors have arisen in the commercial spyware industry,” the company said. “It is because of this combination of factors that Apple now seeks voluntary dismissal of this case.”


Subject: Report finds port security threat in Chinese tech, equipment
Source: Homeland Preparedness News
https://homelandprepnews.com/stories/82329-report-finds-port-security-threat-in-chinese-tech-equipment/

On Friday, a joint investigation found a rising threat to U.S. economic and homeland security in the Chinese Communist Party’s dominance in U.S. port infrastructure.

Companies like Shanghai Zhenhua Heavy Industries (ZPMC), which dominates the global market of ship-to-shore port cranes, create cybersecurity and national security vulnerabilities, the report said, because of their ability to track the movement of goods through our ports or even halt port activity. ZPMC currently accounts for nearly 80 percent of the STS cranes in operation at U.S. ports, the report found.

“The evidence gathered during our joint investigation indicates that ZPMC could, if desired, serve as a Trojan horse capable of helping the CCP and the PRC military exploit and manipulate U.S. maritime equipment and technology at their request. This vulnerability in our critical infrastructure has the potential to affect Americans from coast to coast,” the report said. “While the Biden administration’s executive orders on maritime security are an important step forward, our investigation proves immense damage may have already been done. This report must be a wake-up call for maritime sector stakeholders and the federal government to address this threat with far more urgency. Our homeland security depends on it.”


Subject: Scam ‘Funeral Streaming’ Groups Thrive on Facebook
Source: Krebs on Security
https://krebsonsecurity.com/2024/09/scam-funeral-streaming-groups-thrive-on-facebook/

Scammers are flooding Facebook with groups that purport to offer video streaming of funeral services for the recently deceased. Friends and family who follow the links for the streaming services are then asked to cough up their credit card information. Recently, these scammers have branched out into offering fake streaming services for nearly any kind of event advertised on Facebook. Here’s a closer look at the size of this scheme, and some findings about who may be responsible.

KrebsOnSecurity recently heard from a reader named George who said a friend had just passed away, and he noticed that a Facebook group had been created in that friend’s memory. The page listed the correct time and date of the funeral service, which it claimed could be streamed over the Internet by following a link that led to a page requesting credit card information.

“After I posted about the site, a buddy of mine indicated [the same thing] happened to her when her friend passed away two weeks ago,” George said.

Searching Facebook/Meta for a few simple keywords like “funeral” and “stream” reveals countless funeral group pages on Facebook, some of them for services in the past and others erected for an upcoming funeral.

All of these groups include images of the deceased as their profile photo, and seek to funnel users to a handful of newly-registered video streaming websites that require a credit card payment before one can continue. Even more galling, some of these pages request donations in the name of the deceased.


Subject: Tor anonymity infiltrated: Law enforcement monitors servers successfully
Source: gHacks Tech News
https://www.ghacks.net/2024/09/19/tor-anonymity-infiltrated-law-enforcement-monitors-servers-successfully/

Anonymity cracks

Law enforcement agencies in Germany have monitored Tor servers for months to identify individual users. The agencies managed to identify a server of the ransomware group Vanir Locker that the group operated from within the Tor network.

The group announced that it would release copied data from one of its latest coups on the server. Law enforcement agents managed to identify the location of the server by using a technique that is called Timing Analysis.

Timing Analysis is used to link connections to nodes in the Tor network to local Internet connections. The method depends on the monitoring of as many Tor nodes as possible, as this increases the chance of identification.

This confirms that law enforcement is monitoring Tor nodes. It seems likely that German law enforcement agencies are not the only ones using the technique for identification.

Closing Words

It is not only law enforcement agencies that may use the technique to identify criminals. Oppressive regimes may use the very same method to identify users who try to stay anonymous to evade prosecution.

A blog post on the Tor Project blog sheds some light on the issue. It addresses the identification in the child abuse case. The maintainers admit that they did not have access to sources, but believe that Tor continues to be one of the best options to stay anonymous for the majority of Internet users.

Category: https://www.ghacks.net/category/software/security/


Subject: FTC Says Social Media Platforms Engage in ‘Vast Surveillance’ of Users
Source: Gizmodo
https://gizmodo.com/ftc-says-social-media-platforms-engage-in-vast-surveillance-of-users-2000500840

Social media platforms are engaging in “vast surveillance” of people online and failing to protect children, according to a new report from the U.S. Federal Trade Commission. And if you thought Big Tech was serious about calling for FTC Chair Lina Khan to be fired before, just wait until this report properly trickles through Silicon Valley today.

The FTC issued a warning letter back in late 2020 to nine social media and video streaming services alleging their operations were “dangerously opaque” and said their data collection techniques and algorithms were “shrouded in secrecy.” The companies—Amazon, Facebook, YouTube, X, Snap, ByteDance, Discord, Reddit, and WhatsApp—were told the FTC would be investigating their practices and Thursday’s report is the result of those efforts.

The report notes that the amount of data collected by large tech companies is enormous, even using the words “simply staggering,” to describe how both users and non-users alike can be tracked in myriad ways. And that data that’s collected directly by platforms is then combined with data from third-party brokers to compile an even more detailed picture of any given person, according to the FTC.

“In fact, the Companies collected so much data that in response to the Commission’s questions, they often could not even identify all the data points they collected or all of the third parties they shared that data with,” the report continues.


Subject: Tor Network Denies Report That ‘Anonymity Is Completely Canceled’
Source: Gizmodo
https://gizmodo.com/tor-network-denies-report-that-anonymity-is-completely-canceled-2000501042

The Tor Project says its network–used globally by millions of people to anonymously browse and share information online–remains safe and secure despite news reports that German authorities were able to de-anonymize a particular Tor user.

On Wednesday, the German outlets Panorama and STRG_F published an article based on documents from a German Federal Criminal Police case that supposedly showed statistical analysis techniques through which “Tor anonymity is completely canceled out.” The news sparked immediate concern among Tor users.

But the danger seems to have been overstated, according to the Tor Project. In a blog post, the nonprofit organization that maintains the Tor network said that based on the limited information provided to it by the German outlets it appears the Tor user in question was only able to be de-anonymized because they were using an outdated service that had not been updated to use the latest security protocols.

“Please note, that for the great majority of users worldwide that need to protect their privacy while browsing the Internet, Tor is still the best solution for them,” the organization said. “We encourage Tor Browser users and relay operators to always keep software versions up to date.”

The German investigation appears to have taken place between 2019 and 2021. The Tor Project said it released new traffic protocols in 2018 designed to thwart such attacks, but that the older Ricochet service had not implemented them.


Subject: Clickbaity or genius? ‘BF cheated on you’ QR codes pop up across UK
Source: BleepingComputer
https://www.bleepingcomputer.com/news/security/clickbaity-or-genius-bf-cheated-on-you-qr-codes-pop-up-across-uk/

“If your name is Emily and your boyfriend went out last night HE CHEATED. Heres [sic] the video for proof,” states a poster seen in Manchester, England this week.

My name isn’t Emily, but anyone who comes across such a poster would stop by to take a closer look—it piques curiosity, breeds insecurity, and sparks controversy.

And the blatant QR code underneath staring at your face makes you think for a second what all could it reveal…

As for the URL this QR code leads to? Not the video clip you were expecting…

http://www.prograd.uk/find-your-side-hustle?utm_source=In+Person&utm_medium=Posters&utm_campaign=poster+6

It leads to Prograd, a UK-based “side hustle comparison” app geared towards college students and youngsters.

Notice the “UTM” tracking codes in the URL too. These parameters are often relied upon by analytics and marketing platforms to track how well a campaign is performing, and through what mediums.

Clickbaity or genius?

Promotional campaigns like these fall under “shockvertising” and guerrilla marketing tactics that deliberately use unconventional slogans and images to capture attention, sometimes in ways that could be considered insincere, controversial or outright distressing by some.

Prograd, which describes itself as “UK’s #1 side hustle comparison website” told us that they rolled out the campaign this Tuesday, September 17th.

Scanning QR codes seen in public can be risky

Although this campaign is a harmless, playful prank, it’s still a form of social engineering, from a security perspective.

Readers should exercise caution when scanning QR codes in public spaces and carefully inspect the links as these could very well be taking you to malicious websites and apps.

Cases of fake car parking citations with QR codes targeting motorists have also become rampant in the US and the UK in the last few years.

Posted in: AI, Cybercrime, Cybersecurity, Internet Trends, Privacy, Search Engines, Search Strategies, Social Media, Spyware, Technology Trends