Infosec Decoded Season 4 #75: 23andNobody

With Doug Spindler and @sambowne@infosec.exchange

Recorded Fri, Sep 20, 2024

Sam Bowne

Google Cloud Document AI flaw (still) allows data theft despite bounty payout

Rice research could make weird AI images a thing of the past
AI models can completely fail when prompted to generate images at different image sizes and resolutions. The new approach, called ElasticDiffusion, uses noise with two data types: local and global. The local signal contains pixel-level detail information like the shape of an eye or the texture of a dog’s fur. The global signal contains more of an overall outline of the image. ElasticDiffusion separates the local and global signals into conditional and unconditional generation paths. This produces better images, but takes up to 6-9 times as long to make an image.

Seattle Port and Airport Cyberattack Takes Ransomware to Another Level
In a move applauded by cybersecurity experts and law enforcement, the Port refused to pay the ransom demanded. Rhysida is a Russian-speaking cyber crew that acts as a part-time cyber militia for the Russian regime. Russia has called upon these ransomware gangs to act patriotically and launch destructive attacks against US critical infrastructure.

macOS Sequoia Update Causes Issues for Security Tools and VPNs

Chinese botnet infects 260,000 SOHO routers, IP cameras with malware

Every single member of the board just resigned from DNA tester 23andMe

CISA urges software devs to weed out XSS vulnerabilities