This week's newsletter covers the latest global cyberattacks and the risks associated with AI chatbots. We also discuss the threat of Russia cutting off the West's internet, hardware hacking to bypass BIOS passwords, and a C.S. Lewis novel that helps explain the weirdness of 2023. Additionally, we look at India's ban on encrypted chat apps and Google's legal action against fake review scams.
A Peek at the Week: Top News
🌐 Dmitry Medvedev (Russia) threatens to cut off the West’s internet
(link)
Former Russian president Dmitry Medvedev has warned that Russia could destroy underwater cables that are vital for internet and other global communications in Europe and the United States. Medvedev claimed that Moscow had the “moral” right to target its enemies’ communications infrastructure because of western complicity in the blasts that ruptured the Nord Stream 1 and 2 gas pipelines last year.
🤖 Google warns own staff about entering data into, using code from, chatbots
(link)
Google has warned its employees about the use of chatbots, including its own Bard, due to the risk of leaking confidential information. Alphabet, Google's parent company, has advised its employees not to enter confidential materials into AI chatbots and to avoid direct use of computer code that chatbots can generate. The caution reflects what’s becoming a security standard for corporations, namely to warn personnel about using publicly-available chat programs.
🔒 US Government agencies hit in global cyberattack
(link)
Several US federal government agencies have been hit in a global cyberattack that exploits a vulnerability in widely used software. The US Cybersecurity and Infrastructure Security Agency is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the US.
💻 Hardware Hacking to Bypass Bios Passwords
(link)
The article discusses how to bypass BIOS passwords on Lenovo laptops by identifying a vulnerable chip and intercepting or interrupting communication. It identifies the Electrically Erasable Programmable Read-Only Memory (EEPROM) as the vulnerable chip and explains how to locate it on a Lenovo laptop. The article also provides steps to perform a successful attack against the BIOS password, which involves locating the correct EEPROM chip, locating the SCL and SDA pins, and shorting the SCL and SDA pins at the right time.
🔓 Moveit hacks include banks and universities
(link)
Clop, a Russia-linked ransomware gang, has listed the first batch of organizations it hacked by exploiting the MOVEit flaw, including a number of U.S. banks and universities. The victim list, which was posted to Clop’s dark web leak site, includes U.S.-based financial services organizations 1st Source and First National Bankers Bank; Boston-based investment management firm Putnam Investments; the Netherlands-based Landal Greenparks; and the U.K.-based energy giant Shell. Other victims listed include financial software provider Datasite; educational non-profit National Student Clearinghouse; student health insurance provider United Healthcare Student Resources; American manufacturer Leggett & Platt; Swiss insurance company ÖKK; and the University System of Georgia (USG).
Keep making sense of the world with us at Nuse. Every day, we're working hard to filter through the noise and bring you the stories that matter most in AI and Tech. If you have any questions, suggestions, or feedback, we'd love to hear from you.
Stay curious and keep learning,