Microsoft and Facebook Announce Their Election Interference Plans Ahead of 2024
In the last few years, the role of social media platforms and tech companies in influencing the outcomes of elections has become a cause of more pressing concern. In light of this growing pressure for transparency, many social media platforms have made various announcements about combating “election disinformation.” Microsoft, for instance, just came out with “new steps to protect elections” and is framing this concern for election integrity more broadly than just the goings-on in the US.
From the EU to India and many places in between, elections will be held over the next year or so, says Microsoft; however, these democratic processes are in peril. “While voters exercise this right, another force is also at work to influence and possibly interfere with the outcomes of these consequential contests,” said a blog post co-authored by Microsoft Vice Chair and President Brad Smith.
Another one of the measures is the Content Credentials digital metadata scheme, similar to meme stamp watermarking. The scheme aims “to show how, when, and by whom the content was created or edited, including if it was generated by AI.” However, considering that the most widely used browser, Chrome, is not signed up to the group (C2PA) that spawned Content Credentials, the question remains how helpful it will be to political campaigns using this tech in their images or videos.
Meta (Facebook) also announced its own effort in the same vein, seeking to combat altered content such as deepfakes – in case they “merge, combine, replace, and/or superimpose content onto a video, creating a video that appears authentic (… and) would likely mislead an average person.” Meta will also “rely on ‘independent fact-checking partners’ to review media for fake content that slipped through the company’s new disclosure requirement.”
Read:
https://reclaimthenet.org/microsoft-and-meta-detail-plans-to-combat-election-disinformation
What Users Need to Know About the New Outlook App
Microsoft is pushing users to switch to the new Outlook, but this may risk transferring users’ IMAP and SMTP mail account credentials and sending all of their emails to Microsoft’s servers. Although Microsoft explains that it is possible to switch back to the previous apps at any time, the data will already be stored by the company, continuing to give them access to read users’ emails.
The new Outlook now appears as a recommended app in the Windows Start menu of Windows 11 devices with the 2023 update. Though still under development, it is set to replace the mail program and the calendar included in Windows in 2024.
For example, when adding a mail account in the new Outlook that is not hosted by Microsoft but is located on company mail servers, the program displays a message. It links to a support article that simply states that non-Microsoft accounts are synchronized with the Microsoft cloud, whereby Gmail, Yahoo, iCloud, and IMAP accounts are currently supported. The new Outlook also does this in its Android, iOS, and Mac versions. This means copies of your email, calendar, and contacts will be synchronized between your email provider and Microsoft's data center. This gives the company full access to all emails and allows it to read and analyze them. Microsoft wants to use this approach to provide functions that Gmail and IMAP do not offer.
The Federal Commissioner for Data Protection and Freedom of Information of Germany, Professor Ulrich Kelber, is alarmed by the data detour in Microsoft’s new Outlook. He posted on Mastodon that he wants to ask for a report from the Irish Data Protection Commissioner, who is responsible for companies like Microsoft, during a meeting of the European data protection supervisory authorities on Tuesday of the coming week.
Read:
https://www.heise.de/news/Microsoft-lays-hands-on-login-data-Beware-of-the-new-Outlook-9358925.html
Middle Eastern APT Group Uses Gaza as Lure for Latest Phishing Campaign
According to Proofpoint, a Middle Eastern advanced persistent threat (APT) group launched a new series of targeted cyber-espionage attacks from July to October 2023, using a new initial access downloader dubbed IronWind. The security vendor identified the actor as TA402 (aka Molerats, Gaza Cybergang, Frankenstein, WIRTE), which supports Palestinian intelligence gathering objectives.
Although active since 2020, the group’s latest campaign showed signs of new tactics – notably the use of IronWind as part of a “labyrinthine” infection chain.
“TA402 utilized three variations of this infection chain—Dropbox links, XLL file attachments, and RAR file attachments—with each variant consistently leading to the download of a DLL containing the multifunctional malware,” Proofpoint explained.
“In these campaigns, TA402 also pivoted away from its use of cloud services like Dropbox API, which Proofpoint researchers observed in activity from 2021 and 2022, to using actor-controlled infrastructure for C2 [command-and-control] communication.”
The phishing emails themselves were sent from a compromised Ministry of Foreign Affairs account to target various Middle Eastern government entities using a spoofed Gulf Cooperation Council lure.
That last phishing campaign used the war in Gaza as a lure for the first time.
“Currently, TA402 only appears to be using the conflict for lure purposes,” Proofpoint said. “Additionally, TA402 continues to phish, indicating the conflict has not significantly disrupted the group’s operations.”
Read: https://www.infosecurity-magazine.com/news/propalestine-apt-group-novel/
Massive $60M Ethereum Theft: Exploited ‘Create2’ Feature Targets 99K Victims
Over a period of six months, malevolent actors have misused Ethereum’s ‘Create2’ function to circumvent wallet security alerts and contaminate cryptocurrency addresses, resulting in the misappropriation of $60 million worth of cryptocurrency from 99,000 individuals. Web3 anti-scam specialists at ‘Scam Sniffer’ have reported multiple real-world cases of function exploitation, with individual losses reaching up to $1.6 million.
Create2, unlike the original Create opcode, permits address calculation prior to contract deployment. This powerful tool empowers Ethereum developers with advanced and flexible contract interactions, parameter-based address pre-calculation, deployment flexibility, and compatibility with off-chain transactions and specific dApps.
Scam Sniffer recorded 11 victims, losing almost $3 million since August 2023. One victim transferred $1.6 million to a similar address. While most attacks went unnoticed, some caught community attention. MetaMask warned about scammers using fresh addresses matching recent transactions. In the scam, attackers may send a small amount to register the address in the victim’s wallet history, increasing the chances of payment.
Read:
https://www.bleepingcomputer.com/news/security/ethereum-feature-abused-to-steal-60-million-from-99k-victims/
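A pre-send check for the look-alike address pattern described above, as an added example that is not taken from the article, Scam Sniffer or MetaMask. It assumes "similar" means an identical visible prefix and suffix and that the seeding transfer is below a dust threshold; all names, thresholds and addresses are constructed.

```python
from dataclasses import dataclass

# Assumptions (not from the article): wallets commonly show only the first and
# last few hex characters, and "a small amount" means at most DUST_WEI.
PREFIX_LEN = SUFFIX_LEN = 4
DUST_WEI = 10**15  # 0.001 ETH

@dataclass(frozen=True)
class Transfer:
    sender: str
    recipient: str
    value_wei: int

def norm(addr: str) -> str:
    """Lower-case and validate a 20-byte hex address."""
    a = addr.lower()
    if len(a) != 42 or not a.startswith("0x") or set(a[2:]) - set("0123456789abcdef"):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a

def looks_alike(a: str, b: str) -> bool:
    """Different addresses whose visible prefix and suffix are identical."""
    a, b = norm(a), norm(b)
    return (a != b and a[2:2 + PREFIX_LEN] == b[2:2 + PREFIX_LEN]
            and a[-SUFFIX_LEN:] == b[-SUFFIX_LEN:])

def check_destination(wallet: str, history: list, destination: str):
    """Classify a destination before sending: (verdict, imitated_address)."""
    wallet, dest = norm(wallet), norm(destination)
    # Trust only addresses this wallet has paid; incoming senders prove nothing.
    trusted = {norm(t.recipient) for t in history if norm(t.sender) == wallet}
    if dest in trusted:
        return ("known", None)
    seeded = any(norm(t.sender) == dest and norm(t.recipient) == wallet
                 and t.value_wei <= DUST_WEI for t in history)
    for real in sorted(trusted):
        if looks_alike(dest, real):
            return ("lookalike-seeded" if seeded else "lookalike", real)
    return ("new", None)

# Constructed sample data (not real addresses or transactions).
WALLET, OTHER = "0x" + "11" * 20, "0x" + "22" * 20
LEGIT = "0xa1b2" + "c3" * 16 + "d4e5"
FAKE = "0xa1b2" + "7f" * 16 + "d4e5"
HISTORY = [
    Transfer(WALLET, LEGIT, 5 * 10**18),  # genuine earlier payment
    Transfer(FAKE, WALLET, 1),            # dust that plants FAKE in the history
    Transfer(OTHER, WALLET, 10**18),      # unrelated incoming payment
]
```

A "lookalike-seeded" verdict is the strongest signal: the destination imitates a previously paid address and first appeared in the history through a dust transfer.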
Mirai Confessions: Three Young Hackers’ Web-Killing Monster
The internet outage had significant ramifications, leading to disruptions across prominent websites and digital services. The New York Times website, Twitter, The Guardian, The Wall Street Journal, CNN, the BBC, and Fox News were among the platforms that experienced downtime. As the outage persisted, users discovered that a multitude of other digital services were also affected, uncovering an alarming number of victims. Popular platforms like Amazon, Spotify, Reddit, PayPal, Airbnb, Slack, SoundCloud, HBO, and Netflix suffered varying degrees of impairment, leaving a substantial portion of the East Coast of the United States and other regions of the country severely impacted.
The scale and breadth of the disruption became evident as Twitter intermittently sputtered back online. Users cataloged an untold number of additional digital services that had fallen victim to the outage, further amplifying the impact. The outage’s effects were felt across various sectors, with e-commerce, entertainment, communication, and media services crippled for a significant period.
This widespread impairment not only affected individuals but also had economic consequences, with businesses and organizations reliant on these services experiencing disruptions in their operations. The outage’s scope underscored the digital landscape’s interconnectedness and the importance of robust cybersecurity measures to safeguard against such cyberattacks.
Read: https://www.wired.com/story/mirai-untold-story-three-young-hackers-web-killing-monster/
Elsewhere online:
Cybercriminals Advertise New AI Chatbot Abrax666; Experts Warn of Potential Scam
Read: https://www.hackread.com/abrax666-ai-chatbot-exposed-as-potential-scam/
Hackers Compromise 22 Energy Organizations in Coordinated Attack Against Danish Critical Infrastructure
Read: https://www.securityweek.com/22-energy-firms-hacked-in-largest-coordinated-attack-on-denmarks-critical-infrastructure/
Google Takes Legal Action Against Fraudsters in Escalating Fight
Read: https://www.digitalinformationworld.com/2023/11/googles-fight-against-fraudsters.html
Israel Raises Alarm Over BiBi Wiper Attacks on Linux and Windows Systems
Read: https://www.bleepingcomputer.com/news/security/israel-warns-of-bibi-wiper-attacks-targeting-linux-and-windows/
Critical Security Vulnerability Addressed in VMware’s Cloud Director Appliance
Read: https://www.cisa.gov/news-events/alerts/2023/11/14/vmware-releases-security-update-cloud-director-appliance