Infosec Decoded Season 5 #30: DOGE Whistleblower

With Doug Spindler and sambowne@infosec.exchange

Recorded Fri, Apr 18, 2025

Politics

Trump Threatens To Revoke Harvard’s Tax-Exempt Status One Day After Garber Rejects Demands

Leaders of the House Ways and Means Committee Workforce warned that they were willing to strip Harvard of its tax-exempt status over its response to pro-Palestine protests on campus. Nonprofits, including most institutions like Harvard, are exempt from federal income taxes, but their status can be revoked if they operate outside of their stated purposes. Republicans have frequently levied that line of attack against Harvard, arguing that the University has strayed from its educational and research mission.

How Long Will Republicans Deny They Want to Cut Medicaid?

We have Republicans on their back foot. | Alexandria Ocasio-Cortez

Republican House members warned GOP leadership that they may not dare to vote for Medicaid cuts now.

Someone hacked the crosswalks in Seattle

Elon Musk’s Wild Plan to Father ‘Legion’ of Kids by Hitting Women Up on X Revealed

Infosec

A whistleblower's disclosure details how DOGE may have taken sensitive labor data

The DOGE team demanded and obtained high-privilege accounts, turned off logging, disabled two-factor authentication, and exfiltrated a large amount of data using DNS tunneling and other methods. When the NLRB security tech complained, a note was taped to his door containing threatening language, sensitive personal information and overhead pictures of him walking his dog, apparently taken from a drone.

Within minutes after DOGE accessed the NLRB's systems, someone with an IP address in Russia started trying to log in, using one of the newly created DOGE accounts — and the person had the correct username and password.

The NLRB's acting press secretary, Tim Bearese, denied that the agency granted DOGE access to its systems and said DOGE had not requested access to the agency's systems. Bearese said the agency conducted an investigation after Berulis raised his concerns but "determined that no breach of agency systems occurred."

Europe's cloud customers eyeing exit from US hyperscalers

"There are three factors. The first is really the unreliability, because we see what Trump is doing and the danger is that things will be just switched off from one day to another for negotiation purposes. Then we see the whole question around pricing with the tariffs. And then the other thing is really the espionage factor. This is relatively new and surprising to me ... but now you see what Musk is doing, that you can access really confidential databases ... I think this is a realistic fear nowadays."

Alex Stamos’ Post Supporting Chris Krebs

Patrick Gray from the Risky Business podcast has cancelled his trip to RSA

"It's not worth the risk to travel to the USA under this administration"

A weird phrase is plaguing scientific papers – and we traced it back to a glitch in AI training data

Earlier this year, scientists discovered a peculiar term appearing in published papers: “vegetative electron microscopy.” It came from parsing errors in digitized papers from the 1950s, combining words from two columns together.

This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops

Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”

To Make Language Models Work Better, Researchers Sidestep Language

By performing reasoning in "latent space," the stage of computation that merely works in weights and signal strengths without resolving the answer to words (tokens), reasoning models can run far more efficiently.

LAPD Publishes Crime Footage It Got From a Waymo Driverless Car

Police are starting to realize they can demand footage from driverless cars.

CCSF is #3 out of 116 colleges in the eCTF Contest

OpenAI is building a social network

A social app would give OpenAI its own unique, real-time data that X and Meta already have to help train their AI models.

New Okta Platform features help control surge of non-human identities (NHI)

Most of the user identities in the modern workplace aren't human, and the number of NHIs is rapidly growing. Their passwords tend to not be regularly rotated, they often have more privileges than they need, they may not be adequately monitored, and they may not use multi-factor authentication (MFA). Even worse, an NHI can cause a very big mess if it's compromised, as it can give attackers a hidden, powerful way into a network.

Okta limits the duration of NHIs' privileges and their access to secrets, rotates secrets, and audits access logs.

Monk Trapped in Fake Police Call, Loses Rs 2.5 Crore During 26-Day Virtual Arrest