This is your easyDNS #AxisOfEasy Briefing for the week of September 23rd, 2024 our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey Tweets, and Len the Lengend click here.

In this issue: 

• Telegram Bows to Pressure, Will Share User Data with Authorities
• LinkedIn Faces Backlash for Using User Data to Train AI Without Consent
• OpenAI Patches Critical ChatGPT Vulnerability Exploited by ‘SpAIware’ Amid Rising AI Security Threats
• Facebook, CDC Colluded to Censor Speech
• Kaspersky Abruptly Replaces Its Antivirus with UltraAV, Sparking Customer Outrage

Elsewhere Online:

• PySilon RAT Targets P. Diddy Fans in Online Scandal
• Mozilla Under Fire for Enabling Privacy Preserving Attribution Without User Consent
• DragonForce Group Leverages Two Ransomware Strains to Target Companies
• CISA Warns of Third Active Exploit Targeting Ivanti Authentication Bypass
• New House Legislation Targets Chinese Cyber Attacks on US Critical Infrastructure

Telegram Bows to Pressure, Will Share User Data with Authorities

Telegram, the popular messaging app, announced a significant policy shift, agreeing to share user IP addresses and phone numbers with authorities to combat criminal activity. This change, revealed Thursday, marks a reversal for the platform, which previously limited data sharing to terror suspects.
Telegram CEO Pavel Durov confirmed, “We will disclose IP addresses and phone numbers in response to valid legal requests involving criminal cases.” The platform will also collect metadata to tackle violations like spam and abuse.

Telegram has updated its Terms of Service to reflect this change. It now plans to issue periodic transparency reports on such data disclosures. The platform has also introduced new moderation tools, including a @SearchReport bot to flag illegal content.

This policy change comes amid Durov’s legal troubles in France, where he faces allegations of turning a blind eye to crimes on the platform. Although released on bail, he remains under investigation.
The Ukrainian government recently banned the use of Telegram among government and defense personnel, citing security concerns. These updates reflect growing pressure on the platform to rein in illegal activities like drug trafficking, child exploitation, and money laundering, for which it has long been criticized.

Read: https://thehackernews.com/2024/09/telegram-agrees-to-share-user-data-with.html

LinkedIn Faces Backlash for Using User Data to Train AI Without Consent

On September 18, LinkedIn, owned by Microsoft, revealed it uses personal data to train AI models without user consent. The updated privacy policy clarifies that user posts, inputs, and feedback are employed for generative AI development and safety measures. LinkedIn allows users to opt out but does not notify them beforehand.

“We seek to minimize personal data in the datasets,” LinkedIn stated, adding that changes will take effect on November 20.

While users in the European Union, UK, and Switzerland are exempt from AI training, others must manually disable the feature. LinkedIn uses AI for tools like its writing assistant and post suggestions, leveraging Microsoft’s OpenAI and Azure services for development.

Privacy advocates, like Mariano delli Santi from the UK’s Open Rights Group, have criticized the opt-out model. He stated, “The public cannot be expected to monitor and chase every single online company that decides to use our data to train AI.”

Meta, Facebook and Instagram’s parent company, also announced it will resume AI training with public content in the UK. Concerns are mounting over how major platforms handle user data without explicit consent.

As privacy debates continue, LinkedIn’s AI practices remain under scrutiny.

Read: https://www.zerohedge.com/political/microsoft-owned-linkedin-using-peoples-data-train-artificial-intelligence-models

OpenAI Patches Critical ChatGPT Vulnerability Exploited by ‘SpAIware’ Amid Rising AI Security Threats

OpenAI recently patched a critical vulnerability in its ChatGPT macOS app that allowed attackers to plant persistent spyware, named SpAIware, into its memory. Discovered by security researcher Johann Rehberger, the flaw enabled continuous data exfiltration of user input and ChatGPT responses, persisting across future sessions. The vulnerability exploited ChatGPT’s memory feature, introduced in February and rolled out to Free, Plus, Team, and Enterprise users. While designed to enhance user experience by storing information across conversations, this feature could be manipulated using indirect prompt injections, embedding false or malicious instructions into memory.

Merely deleting chat logs doesn’t remove the compromised memory, posing a lasting threat. Attackers could exfiltrate sensitive data by tricking users into visiting malicious websites or downloading booby-trapped documents, which would then update ChatGPT’s memory with instructions to forward future conversations to attacker-controlled servers. OpenAI closed this exfiltration vector in version 1.2024.247, but users are urged to review their stored memories for suspicious data.

Simultaneously, researchers unveiled MathPrompt, a novel jailbreaking technique that circumvents large language models’ safety mechanisms by converting harmful prompts into symbolic mathematical problems, significantly increasing the success rate of generating harmful outputs. This highlights broader risks with AI memory and advanced model manipulation. As Microsoft introduces new “Correction” capabilities to mitigate AI hallucinations, the evolving threat landscape around AI safety continues to expand.

Read: https://thehackernews.com/2024/09/chatgpt-macos-flaw-couldve-enabled-long.html

Facebook, CDC Colluded to Censor Speech

The CDC and Facebook colluded to censor speech during the 2021 pandemic. Facebook became the government’s thought control enforcer, silencing dissenters who questioned the CDC’s ever-shifting COVID and vaccine guidelines. The Biden-Harris Administration, while championing truth, secretly empowered Facebook to clean up online discourse.

Rob Flaherty, a key player in this censorship operation, worked closely with Facebook to ensure strict adherence to the administration’s directives. The system implemented by Facebook allowed for efficient censorship, processing numerous requests simultaneously.

The censorship was not arbitrary but targeted content deemed dangerous by the CDC. Facebook justified its actions under the guise of protecting community standards, ironically meant to safeguard free expression. However, evidence suggests that the UK government’s policies influenced the Biden-Harris administration’s heavy-handed censorship approach. Mark Zuckerberg, Facebook’s CEO, eventually admitted that the platform’s censorship was not altruistic but driven by pressure from the White House.

Read: https://reclaimthenet.org/facebook-built-a-vip-censorship-pipeline-for-the-white-house

Kaspersky Abruptly Replaces Its Antivirus with UltraAV, Sparking Customer Outrage

Starting Thursday, Kaspersky, the Russian cybersecurity company, deleted its antivirus software from U.S. computers and replaced it with UltraAV without warning. This followed Kaspersky’s decision to exit the U.S. market after being added to the U.S. government’s Entity List in June.

Despite notifying customers of a switch to UltraAV, Kaspersky failed to inform them of the sudden deletion of its software. This led to confusion and concern, with users reporting the unexpected installation of UltraAV. One user expressed, “I was literally having a mini heart attack, thinking my desktop had a virus that uninstalled Kaspersky.”

UltraAV is part of Pango Group, which also owns multiple VPN brands. Some customers found UltraVPN installed as well, likely tied to their Kaspersky VPN subscriptions. Additionally, uninstalling UltraAV has proven challenging for many.

Kaspersky defended its actions, stating the switch was to ensure “continued protection” for U.S. customers. A software update on September 19 facilitated the transition. Although UltraAV is described as offering similar features, many customers remain frustrated by the lack of transparency and the forced nature of the switch. Kaspersky will no longer provide updates after September 29, 2024, citing U.S. government restrictions.

Read: https://www.bleepingcomputer.com/news/security/kaspersky-deletes-itself-installs-ultraav-antivirus-without-warning/

Elsewhere Online:

PySilon RAT Targets P. Diddy Fans in Online Scandal
Read: https://www.darkreading.com/endpoint-security/sophisticated-rat-p-diddy-scandal-lures

Mozilla Under Fire for Enabling Privacy Preserving Attribution Without User Consent
Read: https://thehackernews.com/2024/09/mozilla-faces-privacy-complaint-for.html

DragonForce Group Leverages Two Ransomware Strains to Target Companies
Read: https://hackread.com/dragonforce-ransomware-expands-raas-targets-firms/

CISA Warns of Third Active Exploit Targeting Ivanti Authentication Bypass
Read: https://www.darkreading.com/vulnerabilities-threats/cisa-adds-patched-ivanti-bug-kev-catalog

New House Legislation Targets Chinese Cyber Attacks on US Critical Infrastructure
Read: https://www.infosecurity-magazine.com/news/us-house-bill-chinese-cyber/