Stolen Slack Employee Tokens Lead to Christmas GitHub Repository
According to a security incident notice posted by Slack on Dec 31, 2022, various threat actors gained access to Slack’s externally hosted GitHub repositories over the holidays through a limited number of stolen Slack employee tokens. According to the security notice, “No downloaded repositories contained customer data, means to access customer data, or Slack’s primary codebase.” The stolen tokens have since been invalidated.
Slack’s security team reports that, “Based on currently available information, the unauthorized access did not result from a vulnerability inherent to Slack. We will continue to investigate and monitor for further exposure.”
BleepingComputer.com noticed, however, that this new security update was not posted to the company’s international news blog at the time of writing, despite the very same update claiming to take customer transparency “very seriously.” Additionally, this security update is marked with a ‘noindex’ tag—an HTML feature that excludes a webpage from search engine results, thus making it harder to discover the page.
Other techniques that companies often use to decrease the transparency of news that shines an unfavorable light on them include the use of geofencing and tailoring the robots.txt file. Such techniques, including the use of ‘noindex’ in important announcements, are typically frowned upon, though they may be accidentally applied while trying to generate ‘canonical’ links.
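An added example, not from Slack, BleepingComputer or this newsletter: a Python check a site owner could run on their own advisory pages to confirm they are not hidden from search engines by a `noindex` meta tag, an `X-Robots-Tag` response header or a robots.txt rule. The URL, HTML, headers and robots.txt below are constructed samples, and `discoverability_findings` is a hypothetical helper name; geofencing is not covered.

```python
from html.parser import HTMLParser
from urllib.robotparser import RobotFileParser

BLOCKING = {"noindex", "none"}  # "none" is shorthand for noindex, nofollow

class _RobotsMeta(HTMLParser):
    """Collect directives from <meta name="robots"|"googlebot" content="...">."""
    def __init__(self):
        super().__init__()
        self.directives = set()

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").strip().lower() in ("robots", "googlebot"):
            self.directives |= {d.strip().lower() for d in a.get("content", "").split(",")}

def discoverability_findings(url, html, headers, robots_txt, agent="*"):
    """Return the reasons a crawler would skip or be unable to fetch `url`."""
    findings = []
    meta = _RobotsMeta()
    meta.feed(html)
    if meta.directives & BLOCKING:
        findings.append("meta-noindex")
    # Header form of the same directive; bot-specific prefixes ("googlebot: ...")
    # are not parsed in this simplified check.
    xrt = ",".join(v for k, v in headers.items() if k.lower() == "x-robots-tag")
    if BLOCKING & {d.strip().lower() for d in xrt.split(",")}:
        findings.append("header-noindex")
    rp = RobotFileParser()
    rp.parse(robots_txt.splitlines())
    if not rp.can_fetch(agent, url):
        findings.append("robots-disallow")
    return findings

# Constructed samples: a hidden advisory page and a normally indexable one.
URL = "https://example.com/security-updates/notice"
HIDDEN = ('<html><head><meta name="robots" content="noindex, nofollow"></head>'
          '<body>Security update</body></html>',
          {"X-Robots-Tag": "noindex"},
          "User-agent: *\nDisallow: /security-updates/\n")
VISIBLE = ('<html><head><link rel="canonical" href="' + URL + '"></head></html>',
           {"Content-Type": "text/html"},
           "User-agent: *\nDisallow:\n")

if __name__ == "__main__":
    print(discoverability_findings(URL, *HIDDEN))
    print(discoverability_findings(URL, *VISIBLE))
```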
Read: https://www.bleepingcomputer.com/news/security/slacks-private-github-code-repositories-stolen-over-holidays/
ChatGPT and the Potential for AI Tools to Democratize Cybercrime
Check Point Research (CPR) experts published new advisory findings last Friday concerning OpenAI’s ChatGPT software. In an email to Infosecurity Magazine, CPR stated that various cyber criminals and threat actors were “creating infostealers, encryption tools and facilitating fraud activity” via ChatGPT.
The CPR findings were published in the wake of three cases in which ChatGPT was reportedly being used for nefarious reasons. In the first case, spotted on Dec 29 in a dark web forum, tutorials and techniques to recreate common malware strains were being posted. “These posts seemed to be demonstrating [to] less technically capable cyber-criminals how to utilize ChatGPT for malicious purposes, with real examples they can immediately use,” wrote CPR.
In the second instance, also from last December, security researchers noticed that certain threat actors had been posting tutorials on how to make a multi-layered Python encryption tool, meaning that “cyber-criminals who have little to no development skills at all could leverage ChatGPT to develop malicious tools,” explained CPR.
In the final instance, the team spotted a cyber criminal writing a tutorial on how to create dark web marketplace scripts using ChatGPT. “The marketplace’s main role in the underground illicit economy is to provide a platform for the automated trade of illegal or stolen goods like stolen accounts or payment cards, malware, or even drugs and ammunition, with all payments in cryptocurrencies,” reads the advisory.
The CPR report was published just a few weeks after cybersecurity experts had first warned about ChatGPT’s potential to democratize cybercrime. Indeed, Omer Dembinsky, data group manager at Check Point, predicts that AI tools like ChatGPT will continue to fuel cyber-attacks in 2023.
Read: https://www.infosecurity-magazine.com/news/chatgpt-develop-malicious-tools/
Claims of Russian bots narrative
In a revealing development, the latest Twitter Files report has exposed prominent Democrats who knowingly pushed an unsubstantiated narrative regarding Russian bots amplifying Rep. Nunes’ explosive memo that detailed efforts to spy on then-candidate Trump’s campaign — despite being assured by Twitter executives it was false information. This exposé is the 14th installment of Matt Taibbi’s series, highlighting government overreach and manipulation in today’s digital age.
Twitter was ablaze with #ReleaseTheMemo hashtags, reflecting the widespread call for public release of Nunes’s then-classified memo. Upon publication, the memo exposed how the FBI obtained a FISA warrant for Carter Page based on unverified opposition research.
Taibbi shared an email from Emily Horne, Twitter’s global policy communications director at the time. In the email, shared internally on Jan. 23, Horne stated that it was impossible to identify whether or not an account was automated and Russian with any degree of certainty. Moreover, despite early speculation of potential Russian interference after the hashtag #releasethememo began to trend, Twitter’s trust and safety chief at the time explained that no accounts showed evidence of affiliation with Russia.
Despite their firm conviction that there was no Russian involvement present, Twitter still abided by the narrative of Russia’s interference without any resistance. As journalists from several major news outlets adopted and reinforced this line without reliable evidence, it became clear there was little incentive to stop pushing forward the unfounded angle.
“Russians weren’t just blamed for #ReleaseTheMemo but #SchumerShutdown, #ParklandShooting, even #GunControlNow—to ‘widen the divide,’ according to the New York Times,” Taibbi added.
Read: https://www.theepochtimes.com/claims-that-russian-bots-pushed-releasethememo-were-fake-latest-twitter-files-confirm_4982009.html
Elsewhere Online
What California’s COVID-19 Misinformation Law Has In Store
Read: https://www.zerohedge.com/political/dystopian-roots-californias-covid-19-misinformation-law
Several vulnerabilities in private taxonomies have been addressed in a Drupal security update
Read: https://www.cisa.gov/uscert/ncas/current-activity/2023/01/12/drupal-releases-security-update-address-vulnerability-private
Reviver’s plate authentication flaw lets hackers track people
Read: https://www.vice.com/en/article/wxn9vx/researchers-track-reviver-digital-license-plate-gps-location
Facebook’s Ad Manager Service Spoofed in Latest Phishing Attempts
Read: https://www.avanan.com/blog/facebook-termination-notices-leads-to-phishing
WhatsApp unveils revolutionary feature: users can now sidestep government blocks with new proxy support
Read: https://mybroadband.co.za/news/internet/475699-whatsapp-launches-feature-to-bypass-censorship.html
Sounds like an Aldous Huxley quote
This Week’s Quote: “The best way to keep a prisoner from escaping …. is by Fyodor Dostoevsky?
I hope I’m doing this correctly – my first time guessing.