FBI Director Admits that the Law Enforcement Agency Coerces Bank Of America, Other Businesses to Share Innocent Americans’ Records ‘All The Time’
In a recent House Judiciary meeting, FBI Director Christopher Wray admitted that the federal law enforcement agency regularly obtains innocent Americans’ personal data from companies with the intent of potentially charging them with crimes.
His confession confirms the testimony of an FBI whistleblower who told congressional investigators earlier this year that the Bank of America sent the federal law enforcement agency a list of financial records for Americans who used the bank’s credit or debit cards in close proximity to Washington D.C. around the Jan. 6, 2021 Capitol riot. It also confirms many Americans’ suspicions that the FBI is being weaponized against the people it’s sworn to protect.
“George Hill, former FBI supervisory intelligence analyst in the Boston field office, told us that the Bank of America, with no legal process, gave the FBI gun purchase records with no geographical boundaries for anybody that was a Bank of America customer. Is that true?” Republican Rep. Thomas Massie asked.
“A number of business community partners, including financial institutions, share information with us about possible criminal activity, and my understanding is that that’s fully lawful,” Wray explained.
Hill told investigators that of the customers on its list, Bank of America highlighted at the top of the list those who had ever purchased a firearm with a Bank of America card.
During the hearing, however, Wray insisted that Americans’ personal firearm transaction records were “shared with field offices for information only” and even claimed that data was “recalled to avoid even the appearance of any kind of overreach.”
The FBI, the retired analyst explained, also encouraged agents to use the transaction records to jump-start and pursue criminal investigations. When agents at branches like the Boston field office refused, Hill said the D.C. field office threatened to go above their heads to their superiors.
Read: https://thefederalist.com/2023/07/12/wray-admits-bank-of-america-other-businesses-share-innocent-americans-records-with-fbi-all-the-time/
WormGPT: New Generative AI Tool that Allows Cybercriminals to Launch Sophisticated Cyber Attacks Advertised Underground
As AI continues to take the world by storm, malicious actors have repurposed the new technology to their own advantage, opening avenues for accelerated cybercrime. According to SlashNext findings, a new generative AI cybercrime tool called WormGPT has been advertised on underground forums as a way for adversaries to launch sophisticated phishing and business email compromise (BEC) attacks.
“This tool presents itself as a blackhat alternative to GPT models, designed specifically for malicious activities,” says security researcher Daniel Kelley. “Cybercriminals can use such technology to automate the creation of highly convincing fake emails, personalized to the recipient, thus increasing the chances of success for the attack.”
In the hands of a bad actor, tools like WormGPT could be a powerful weapon, especially as OpenAI ChatGPT and Google Bard are increasingly taking steps to combat the abuse of large language models (LLMs) to fabricate convincing phishing emails and generate malicious code.
“Bard’s anti-abuse restrictors in the realm of cybersecurity are significantly lower compared to those of ChatGPT,” Check Point said in a report this week. “Consequently, it is much easier to generate malicious content using Bard’s capabilities.”
The fact that WormGPT operates without any ethical boundaries underscores the threat posed by generative AI, even permitting novice cybercriminals to launch attacks swiftly and at scale without having the technical wherewithal to do so.
Making matters worse, threat actors are promoting “jailbreaks” for ChatGPT, engineering specialized prompts and inputs that are designed to manipulate the tool into generating output that could involve disclosing sensitive information, producing inappropriate content, and executing harmful code.
“Generative AI can create emails with impeccable grammar, making them seem legitimate and reducing the likelihood of being flagged as suspicious,” Kelley said.
Read: https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html
Microsoft’s Ongoing Investigation Into How China-Backed Hackers Broke into Inboxes of US Officials
In a blog post Friday, Microsoft said it was a matter of “ongoing investigation” how China-backed hackers broke into dozens of email inboxes, including those belonging to several federal government agencies. Hackers had obtained a Microsoft signing key that was abused to allow access to private and confidential inboxes.
Microsoft divulged the incident last Tuesday, attributing the month-long activity to a newly discovered espionage group it calls Storm-0558. U.S. cybersecurity agency CISA said the hacks, which began in mid-May, included a small number of government accounts and that the hackers exfiltrated some unclassified email data. While the U.S. government has not publicly attributed the hacks, China’s top foreign ministry spokesperson denied the allegations on Wednesday.
Where China has used previously unknown vulnerabilities to individually hack into Microsoft-powered email servers to steal corporate data, this hacking group instead went directly to the source by targeting new and undisclosed vulnerabilities in Microsoft’s cloud.
In its blog post, Microsoft said the hackers acquired one of its consumer signing keys, or MSA key, which the company uses to secure consumer email accounts, such as for accessing Outlook.com. It initially thought the hackers were forging authentication tokens using an acquired enterprise signing key, which is used to secure corporate and enterprise email accounts. It was later found, however, that the hackers were using the consumer MSA key to forge tokens that allowed them to break into enterprise inboxes. Microsoft said this was because of a “validation error in Microsoft code.”
Microsoft said it has blocked “all actor activity” related to this incident, suggesting that the incident is over and that the hackers lost access. The company says it has since hardened its key issuance systems, presumably to prevent hackers from churning out another digital skeleton key.
With the immediate threat thought to be over, Microsoft now faces scrutiny for its handling of the incident, thought to be the biggest breach of unclassified government data since the Russian espionage campaign that hacked SolarWinds in 2020.
Read: https://techcrunch.com/2023/07/17/microsoft-lost-keys-government-hacked/
Meta Blocks Canadian News Sites in Response to Government’s Cash Demand
Canada’s regulatory changes have led to a digital conflict between tech giants and Canadian news outlets. Instagram and Meta’s new app Threads are limiting access to news content due to the Canadian government’s attempt to demand cash payments.
Instagram’s blocking of Canadian news outlets was revealed after social media administrators in the nation received a notice saying, “People in Canada can’t see this content.” News information cannot be seen in Canada because of Canadian government legislation.
The blockade is being implemented gradually and has not yet reached all of the country’s news outlets, according to Meta.
In preparation for the adoption of the Online News Act, businesses have conducted experiments that limit access to news content for specific Canadian customers. Before the introduction of Bill C-18, commonly known as the Online News Act, Google, for example, censored Canadian and foreign news for a subset of Canadian customers. Similarly, Meta prohibited some users in the country from sharing and posting news.
Read: https://reclaimthenet.org/meta-starts-blocking-canadian-news-sites
Malicious Python Packages Target Windows Users on PyPI
Malicious packages are programs that are purposefully designed to harm machines or the data they process. Such packages might be disseminated via phishing emails, hijacked websites, or even legitimate software repositories.
Six malicious packages targeting Windows users were discovered on the PyPI package index by Prisma Cloud researchers in March 2023. These packages were designed to steal personal data, application credentials, and cryptocurrency wallet information.
Malicious packages can have severe consequences, such as secretly stealing valuable data, creating system interruptions, and even gaining control of entire systems. Furthermore, these malicious packages have the capability of spreading to other associated systems, causing broad harm and limiting production.
Read: https://unit42.paloaltonetworks.com/malicious-packages-in-pypi/
Elsewhere Online:
Cybersecurity Researchers Uncover Major Data Breach Across Multiple Dating Applications, Exposing Photos of 2.3M Dating App Users
Read: https://www.hackread.com/dating-app-users-database-pii-photos-leak/
Online Fanfiction Archive AO3 Disrupted by Extensive DDoS Attack
Read: https://www.hackread.com/archive-of-our-own-ao3-faces-ddos-attacks/
Tens of thousands of OpenAI credentials have been stolen and are being sold on the dark web
Read: https://www.bleepingcomputer.com/news/security/openai-credentials-stolen-by-the-thousands-for-sale-on-the-dark-web
Active attacks on WooCommerce Payments WP Plugin
Read: https://latesthackingnews.com/2023/07/20/woocommerce-payments-wp-plugin-flaw-goes-under-active-attack/
Mobile spyware WyrmSpy and DragonEgg are linked to China’s APT41
Read: https://www.darkreading.com/threat-intelligence/china-s-apt41-linked-wyrmspy-dragonegg-mobile-spyware
I believe the quote was MLK.
I thought it was Gandhi.
“Freedom is never voluntarily given by the oppressor; it must be demanded by the oppressed.” By Karl Marx