Dark mode: ON

Infosec Decoded Season 4 #90: Fake Subpoenas

With Doug Spindler and @sambowne@infosec.exchange

Recorded Tue, Nov 12, 2024

Sam Bowne

The Reckoning

Elon Musk suggests support for replacing democracy with government of ‘high-status males’

FBI: Spike in Hacked Police Emails, Fake Subpoenas
Cybercriminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies. These EDRs largely bypass any official review and do not require the requester to supply any court-approved documents. Also, it is difficult for a company that receives one of these EDRs to immediately determine whether it is legitimate.

Stanford Scientists Overturn Mendel’s Law With Shocking Cancer Discovery
Small DNA circles — until recently dismissed as inconsequential — are major drivers of many types of human cancers. They are called ecDNA for extrachromosomal DNA, and apparently play a role in cancer metastasis.

Toyota says California-led EV mandates are ‘impossible’ as states fall short of goal
Regulations call for 35% of 2026 model-year vehicles, which will begin to be introduced next year, to be zero-emission vehicles.

Hackers now use ZIP file concatenation to evade detection
The malicious ZIP files contain two ZIP archives instead of one. Parsers handle them diffently:

  • 7zip only reads the first ZIP archive and may generate a warning about additional data, which users may miss
  • WinRAR reads and displays both ZIP structures, revealing all files, including the hidden malicious payload.
  • Windows File Explorer may fail to open the concatenated file or, if renamed with a .RAR extension, might display only the second ZIP archive.

Taylor Swift sparks outrage: ‘She should be sued for fraud’

Australia tells tots: No TikTok till you're 16... or X, Instagram and Facebook
The ban includes Instagram, TikTok, Facebook, X and YouTube. They will detect age with biometric facial analysis, voice analysis, and behavioral data to estimate user age without relying solely on traditional identification.

Windows 11 is adding a 'Share' button to the Start menu and Taskbar

Despite its impressive output, generative AI doesn’t have a coherent understanding of the world
Generative AI can provide turn-by-turn driving directions in New York City with near-perfect accuracy, but it doesn't have an accurate map of the city. By closing some streets and adding detours, researchers found that the New York maps the model implicitly generated had many nonexistent streets curving between the grid and connecting far away intersections.

Is “AI welfare” the new frontier in ethics?
Anthropic's new hire is preparing for a future where advanced AI models may experience suffering.