Major breaches, AI risks, and solutions
CybersecurityHQ News
Welcome, reader, to your CybersecurityHQ report
Brought to you by:
Cypago enables strategic decision making through a full Cyber GRC product suite to help you avoid business reputation impact, financial or client trust losses
Weekly Headlines
Salt Typhoon: US Telecom Breach
The continuing fallout from the discovery of Salt Typhoon has led US officials to recommend all Americans only use encrypted apps. The attack compromised US telecommunications giants like AT&T, Verizon, and Lumen Technologies, marking one of the most significant intelligence breaches in US history.
The attack, attributed to Chinese hackers, targeted sensitive call records, live calls of specific individuals, and systems used to comply with law enforcement tracking orders (CALEA)—i.e., wiretapping.
On a Tuesday call, officials, including FBI representatives and cybersecurity experts, recommended that Americans use encrypted messaging apps, such as Signal or WhatsApp, to protect communications. They would not even consider putting forward a timetable for when they could give the all-clear to these telecom giants.
As the story unfolds, observers continue to brace for still more information. Salt Typhoon clearly will go down as a major cyberattack, but the full scope of the impact has yet to be seen.
AI's Election Impact: Minimal Disruption
Generative AI did not significantly disrupt global elections in 2024—or so says Meta Global Affairs President Nick Clegg. Despite concerns about AI-enabled disinformation and deepfakes, Meta’s data shows AI-related election content accounted for less than 1% of all fact-checked misinformation. Clegg credited existing policies and processes with mitigating risks, even as over two billion people participated in elections across major democracies throughout the year.
Meta rejected 590,000 requests to generate images of political figures during the US election. And hostile actors, primarily from Russia and Iran, achieved only minor gains using generative AI for influence campaigns.
To enhance transparency, Meta required labels on AI-generated posts and ads and introduced tools like AudioSeal to mark AI-generated speech. While AI's role in disrupting elections was minimal this year, Clegg cautioned that its growing prevalence could pose future risks.
Election Manipulation Sparks TikTok Controversy
But AI isn’t the only tech issue with current elections, as TikTok is now being taken to task for the recent success of Calin Georgescu in Romania’s first round of presidential elections. He won an unexpected 22.5% of the vote, and his high performance sparked allegations of social media manipulation.
Critics claim Georgescu’s campaign used thousands of bots on TikTok to amplify his content, creating fake virality and skewing the democratic process. His controversial platform includes praise for Vladimir Putin, denial of COVID-19, and glorification of Romania’s WWII dictator Ion Antonescu (who collaborated with the Nazi regime in the murder of 350,000 Jews). Yet his TikTok posts, dramatic videos of judo, horseback riding, and nationalistic imagery, garnered over 100 million views, unprecedented in a country with only 8 million TikTok users.
Romania’s Supreme Council of Defense said TikTok failed to mark Georgescu’s videos as campaign content, boosting their visibility, while other candidates’ posts were filtered by algorithms. TikTok denies any bias, claiming all candidates were treated equally under its rules, which ban political advertising.
Romania’s Constitutional Court is reviewing whether to annul the election results, and their decision is expected Monday.
Crypto.com Unveils $2M Bug Bounty
Crypto.com, one of the world's largest cryptocurrency trading platforms, has launched a record-breaking $2 million bug bounty program through HackerOne. This initiative rewards ethical hackers for uncovering critical security vulnerabilities that could result in significant financial losses or data breaches. It marks the highest bounty ever offered on the HackerOne platform since its inception in 2012.
With over 100 million users in 90 countries, Crypto.com emphasizes a “zero trust” security strategy and views ethical hackers as extensions of its internal security team. CEO Kris Marszalek stated the program underscores the company's commitment to consumer protection and raising industry standards.
To qualify for the top payout, hackers must identify vulnerabilities capable of causing immediate losses exceeding $1 million or exposing extensive customer data.
Stoli USA Files Chapter 11
Stoli Group USA, the American division of the spirits producer known for Stoli vodka (formerly Stolichnaya), filed for Chapter 11 bankruptcy on November 27, 2024, in Texas. The company cited a ransomware attack in August that disrupted its primary operational systems, leading to significant challenges in tracking resources and fulfilling banking compliance requirements.
Additionally, Stoli Group USA is contending with financial strains, including liabilities estimated between $50 million and $100 million, and ongoing legal disputes with Russia over brand ownership. Despite these setbacks, the company plans to restructure and continue operations, aiming to complete the reorganization by mid-2025.
Odessa Cyberattack Cripples City Services
And there’s more cybersecurity news out of Texas: the City of Odessa is entering its third week of disruptions caused by a "cyber incident" that began on November 21, impacting all city departments and services. A "malicious script" was identified and removed the same day, but extensive system restoration has delayed full functionality. The city aims to be back online by December 5.
The attack prevented residents from paying bills and forced the local court system to revert to paper filings and reschedule dockets. City officials assured residents that no late fees would be applied and services would not be disconnected during the outage. Payments can be made via money orders or checks at City Hall.
Efforts to restore services include installing new water meters with improved usage insights. The city continues to work diligently on resolving the issue while emphasizing cybersecurity improvements to prevent future disruptions.
Regulators Crack Down on Brokers
US regulators are taking significant steps to curb data broker practices and enhance privacy protections. The Consumer Financial Protection Bureau (CFPB) has proposed a rule under the Fair Credit Reporting Act (FCRA) to block data brokers from selling Americans’ sensitive personal and financial information, such as Social Security numbers and phone numbers.
The rule would align data brokers with credit bureaus, imposing stricter compliance measures and limiting the sale of identifiable information. Public comments on the proposal will remain open until March 2025.
In a related story, the Federal Trade Commission (FTC) reached settlements with data brokers Gravy Analytics and Mobilewalla over allegations of unlawfully collecting and selling granular location data. The data included visits to sensitive locations like medical facilities, places of worship, and military bases. Both companies must delete previously collected sensitive data, stop gathering such information, and implement programs to prevent misuse.
Telegram Partners to Combat Abuse
The scandal-dogged Telegram is making moves to clean up its platform (and image). The company has partnered with the UK-based Internet Watch Foundation (IWF) to combat the spread of child sexual abuse material on its platform, marking a significant shift for the encrypted messaging service.
The IWF, a non-profit organization focused on removing child abuse content online, will provide Telegram access to tools like content detection hashes to identify and block abusive images, videos, and links to known illicit sites. The collaboration will also address AI-generated and non-photographic depictions of child abuse.
The move follows criticism of Telegram for inadequate cooperation with law enforcement on crimes like child abuse and drug trafficking. CEO Pavel Durov’s arrest in France earlier this year for allegedly ignoring such issues further heightened scrutiny.
Telegram, which has 950 million active users, has since revised its policies, allowing authorities access to user data through legal requests. This partnership signals a stricter stance against criminal misuse of the platform.
Interesting Read
A new article on Ars Technica from Dave Paresh narrates the story of an online tool that is both interesting and, when you really think about it, quite terrifying.
Software engineer Vishnu Mohandas left his job at Google in 2020 and stopped using Google Photos, concerned that personal content could be exploited to train AI systems. He wanted to create a private, secure alternative, so Mohandas developed Ente—an open-source, end-to-end encrypted photo storage service.
But who cares about private photo storage? Who cares if Google AI eats up all our photos?
To help the full implication of this sink in, Ente launched Theyseeyourphotos.com, demonstrating how Google’s AI models analyze uploaded images.
Spending even a little time on the site begins to turn the stomach, thanks to the sheer amount of information that a single image seems to give. It’s definitely worth a look. And it’s a great tool to share with less tech-savvy loved ones who aren’t sure why image security is important.
Principal Software Engineer (ZDX), Zscaler, San Jose, CA, US
PINKERTON | Comprehensive Risk Management, Washington, DC, US
Sr. Staff Deployment Engineer, SASE, Netskope, Santa Clara, CA, US
CITI, Irving, TX, US
DevSecOps Engineer / Principal DevSecOps Engineer (AHT), Northrop Grumman, Maryland, United States
Sentinel Blue, Remote
Senior Security Engineer, Operational Technology, Cloud CISO, Google, Kirkland, Washington, US
VioletX, Los Angeles, CA, US
Head of Information Security / CISO, Cherry Bekaert, Arlington, Virginia, United States
Twitter Highlights
Europol has taken down the encrypted messaging platform known as 'Matrix'.
For three months, authorities were able to monitor the messages from possible criminals. MATRIX was first discovered by Dutch authorities on the phone of a criminal convicted for the murder of a Dutch… x.com/i/web/status/1…
— vxdb (@vxdb)
4:23 AM • Dec 4, 2024
US critical infrastructure, military at risk of Chinese LiDAR tech compromise
— Nicolas Krassas (@Dinosn)
4:13 AM • Dec 4, 2024
Stay Safe, Stay Secure.
The CybersecurityHQ Team