
Infosec Decoded Season 4 #61: Infostealers

With @sambowne@infosec.exchange

Recorded Tue, July 30, 2024

Sam Bowne

MIT researchers advance automated interpretability in AI models
Imagine if we could directly investigate the human brain by manipulating each of its individual neurons to examine their roles in perceiving a particular object. “MAIA” (Multimodal Automated Interpretability Agent) automates a variety of neural network interpretability tasks on AI systems.
The automated agent is demonstrated to tackle three key tasks: It labels individual components inside vision models and describes the visual concepts that activate them, it cleans up image classifiers by removing irrelevant features to make them more robust to new situations, and it hunts for hidden biases in AI systems to help uncover potential fairness issues in their outputs.

How to Build a Quantum Artificial Intelligence Model – With Python Code Examples

From sci-fi to state law: California’s plan to prevent AI catastrophe
Critics say SB-1047, proposed by "AI doomers," could slow innovation and stifle open source AI.

Meta's AI safety system defeated by the space bar


People are overdosing on off-brand weight-loss drugs, FDA warns

French internet cables cut in act of sabotage that caused outages across country
Axe attack comes just days after arsonists target rail network

How Infostealers Pillaged the World’s Passwords
Infostealer malware is swiping millions of passwords, cookies, and search histories. It’s a gold mine for hackers—and a disaster for anyone who becomes a target. The malware, which often finds its way onto people’s machines through downloads of pirated software, can steal usernames and passwords, cookies, search history, financial information, and more from web browsers.

a CME arrives at Earth

“EchoSpoofing” — A Massive Phishing Campaign Exploiting Proofpoint’s Email Protection to Dispatch Millions of Perfectly Spoofed Emails
“EchoSpoofing” is a critical in-the-wild exploit of Proofpoint’s email protection service, responsible for securing 87 of the Fortune 100 companies. The critical flaw is that email relays accept emails that claim to come from Microsoft's Office365 without verifying ownership of the originating domain. Proofpoint has updated their systems to stop this attack.

Latest update for 'extremely fast' compression algorithm LZ4 sprints past old versions
On some hardware, LZ4 1.10 compresses data over five and up to nearly ten times faster than previous releases by using multiple CPU cores in parallel. Decompressing a 5GB text file locally takes 5 seconds with v1.9.4; this is reduced to 3 seconds in v1.10.0.

DigiCert mass-revoking TLS certificates due to domain validation bug
One of the methods used to validate domain ownership is to add a string with a random value to the DNS CNAME record for the domain on the certificate, and then perform a DNS lookup for the domain to ensure the random values match. Per the CABF baseline requirements, the random value should be separated from the domain name by an underscore. This underscore was omitted for 0.4% of domain validations since 2019, so those customers must generate new Certificate Signing Requests (CSRs) for their domains.

Loss of popular 2FA tool puts security-minded GrapheneOS in a paradox
GrapheneOS is an alternative Android ROM, intended to be very secure. But Android's Play Integrity API detects it as an untrusted OS, since it's not from Google. Therefore Authy, a popular two-factor authentication manager, won't run. There's no likely solution for this problem anytime soon.

Apple Intelligence beta lands in iOS 18.1, macOS 15.1 previews