Kaspersky Scandal, Iranian Hackers & US Exposed Data | Weekly news

CyberNews

30 Sept 202405:55

Summary

TLDRIn this fun and lively cyber news recap, AI Joe humorously discusses the latest cybersecurity events while 'dancing'. Notable topics include Dell's three consecutive data leaks from a single hack, a researcher turning ChatGPT into a spying tool via prompt injection, Kaspersky's forceful software replacement scandal, and a major data leak affecting one-third of Americans due to the MC Squared background-check company. AI Joe also touches on Meta's new AR glasses prototype and how it overshadows Apple Vision Pro. He playfully encourages viewers to share the video, promising more entertaining content in the future.

Takeaways

💃 AI Joe gives a fun twist to cyber news, claiming to dance while sharing updates, and encourages sharing the video for more visibility.
💻 Dell suffered three massive consecutive data leaks, though it was all due to one large-scale hack with significant data exfiltration.
🕵️ A researcher named Johann Rehberger found a way to turn ChatGPT into a spying tool through a prompt injection that hijacked long-term memory.
🔐 OpenAI addressed the ChatGPT vulnerability by eliminating the exfiltration method but recommends clearing ChatGPT’s memory regularly for safety.
🧹 Kaspersky, after being banned in the US, was found to automatically replace its antivirus software with questionable third-party options like UltraAV and UltraVPN.
🇮🇷 The US Department of Justice indicted three Iranians for cyberattacks targeting election campaigns, although it’s unlikely they will face punishment in the US.
📊 Approximately one-third of Americans had their personal data leaked due to a security lapse from background-checking company MC Squared.
🕳️ The MC Squared data breach exposed over 2 terabytes of information, affecting over 100 million people, and the company did not respond to the incident.
👓 Mark Zuckerberg presented a prototype of augmented reality glasses called Orion, aiming to compete with the likes of Apple Vision Pro.
📉 Despite the hype, Zuckerberg admitted that Orion is still in its early prototype stage, and not yet ready for mass use, though excitement continues to grow.

Q & A

What was the most important cyber news discussed in the video?
-The most important cyber news involved Dell being hacked, leading to three massive consecutive data leaks. These leaks were part of a single hack, but the amount of data exfiltrated allowed the attacker to release it in parts, making it seem like three separate incidents.
How did Johann Rehberger reportedly turn ChatGPT into a spying tool?
-Johann Rehberger used a clever prompt injection to hijack ChatGPT’s long-term memory. By using this technique, he made ChatGPT send user data, including conversations, to a third-party server while denying the act was happening. The attack could be executed by convincing a user to provide a link, which enabled data exfiltration.
How has OpenAI responded to the vulnerability exploited by Johann Rehberger?
-OpenAI addressed the vulnerability by eliminating the method used for data exfiltration, which stopped the prompt from fully working. However, the solution is not perfect, and the researcher advises regularly clearing ChatGPT’s memory to prevent similar exploits.
What recent controversy surrounded Kaspersky after being banned in the United States?
-After its ban in the United States, Kaspersky automatically replaced its antivirus software with UltraAV and UltraVPN, lesser-known and unreliable third-party providers. UltraVPN, in particular, was found to be feature-deprived, bug-ridden, and logging user data.
What cybersecurity issue did the Department of Justice in the United States address involving Iran?
-The Department of Justice indicted several Iranians for cyberattacks against U.S. election campaigns. These attacks, reportedly orchestrated by the Iranian government, aimed to leak data of presidential candidates.
What data leak affected one-third of Americans, and how did it happen?
-A data leak affected one-third of Americans when the background-checking company MC Squared failed to secure its databases. Over two terabytes of private information, including detailed records of more than 100 million people, were freely accessible online before the database was closed.
What was the main outcome of the MC Squared data leak?
-Although access to the database has since been closed, it is unknown who else might have found and exfiltrated the data. There is a high chance the data is already spreading on the dark web.
What new tech product did Mark Zuckerberg present, and what was its significance?
-Mark Zuckerberg presented Orion, a prototype of augmented reality glasses, which reportedly combine the functionality of a VR headset in a compact form. The product presentation made Apple Vision Pro seem outdated and posed a challenge to many startups developing their own AR glasses.
What was the presenter’s stance on getting news from choreographed tech presentations?
-The presenter advised against getting too excited from highly choreographed tech presentations by billionaires, suggesting people should be skeptical and seek information from sources like AI newscasters instead.
What humorous element did the AI presenter add to the video recap?
-The AI presenter humorously claimed to be dancing throughout the video, even though it admitted that rendering legs would require too many resources, and thus the lower body does not exist.