Marcel Brown: November 9, 1922. Albert Einstein is named the winner of the 1922 nobel Prize for Physics for his explanation of the photoelectric effect. The Nobel Committee passed on several nominations for his many other seminal contributions, although these led to prizes for others who later applied more advanced technology to experimentally verify Einstein’s work.

Edwin Kwan: Security researchers have discovered modified versions of the Instant Messaging app being promoted and on website advertising on Telegram. Those versions contains suspicious components, such as a service and broadcast receiver, which cannot be found on the original WhatsApp client.

Katy Craig:  In the run up to the 2024 U. S. presidential election and key global elections, Russia, Iran, and China are expected to intensify their interference efforts, according to a Microsoft Threat Analysis report. Russia, in particular, is viewed as the most committed and capable threat to the upcoming U. S. election.

Ian Garrett: Artificial intelligence is reshaping the dynamics of cybersecurity, offering both opportunities and challenges. The survey by Axonius, conducted among IT and security decision makers, reveals that 76 percent of organizations are increasing their spending on AI and machine learning compared to the previous year.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
WhatsApp mods for Android May Contain Spyware

Modified versions of WhatsApp mods for Android have been found to contain spyware.

This is Edwin Kwan from Sydney, Australia.

Security researchers have discovered modified versions of the Instant Messaging app being promoted and on website advertising on Telegram. Those versions contains suspicious components, such as a service and broadcast receiver, which cannot be found on the original WhatsApp client.

Those components are found to activate the spyware module when the phone is either switched on or starts charging. It attempts to establish contact with a command and control server. before sending information about the compromised device.

The app sends the victim’s contact details to the server every five minutes. It also attempts to send files from any external storage along with recording files from the microphone and sending the recordings.

The command and control server is found to be in Arabic which indicates that the attacker is an Arabic speaker. Further analysis shows that the spyware has been active since August 2023, and the campaign has been primarily targeting users in Azerbaijan, Saudi Arabia, Yemen, Turkey, and Egypt.

It’s another reminder that we should only be using the official version for messaging services.

Resources
– Hacker News: https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html

 

Katy Craig
Russia, Iran, and China: US 2024 Election Meddling Likely

In the run up to the 2024 U. S. presidential election and key global elections, Russia, Iran, and China are expected to intensify their interference efforts, according to a Microsoft Threat Analysis report. Russia, in particular, is viewed as the most committed and capable threat to the upcoming U. S. election.

This is Katy Craig in San Diego, California.

The report suggests that these authoritarian actors will employ new tactics, including the use of Generative AI to create sophisticated multimedia content. While China refrained from significant interference in the 2020 election, it has ramped up its activity since then.

The analysis highlights that influence campaigns will shift towards interference tactics targeting election processes and infrastructure as Election Day 2024 approaches.

Moscow, Tehran, and Beijing may also consider hack and leak operations as part of their influence strategies. Microsoft is taking five election security measures to safeguard electoral processes, including digital content authentication tools, advisory support for political campaigns, an election communications hub, and offering authoritative election information to voters.

They also intend to release regular reports on foreign influence efforts to enhance transparency.

This is Katy Craig, stay safe out there.

Resources
– Microsoft: https://blogs.microsoft.com/wp-content/uploads/prod/sites/5/2023/11/MTAC-Report-2024-Election-Threat-Assessment-11082023-2-1.pdf
– CBS News: https://www.cbsnews.com/news/russia-iran-china-likely-to-engage-in-new-election-interference-efforts-microsoft-analysis-finds/

 

Ian Garrett
Cyber Attackers and Defenders Enter an AI Arms Race

As AI technology continues to advance, cyber attackers and defenders are locked in an AI arms race. A recent survey by security company Axonius sheds light on the role of AI in cybersecurity and the challenges and opportunity it presents. Let’s explore the findings of the survey and discuss how AI is transforming the cybersecurity landscape.

Hey folks, this is Ian Garrett in Arlington, Virginia.

Artificial intelligence is reshaping the dynamics of cybersecurity, offering both opportunities and challenges. The survey by Axonius, conducted among IT and security decision makers, reveals that 76 percent of organizations are increasing their spending on AI and machine learning compared to the previous year.

This emphasizes the growing recognition of AI’s significance in strengthening cybersecurity measures.

Defenders are leveraging AI tools to identify and counter emerging threats. The survey indicates that over 85 percent of respondents express interest in applying AI in their organization’s IT and security operations in the coming year. This proactive approach highlights the industry’s recognition of AI as a valuable asset in the cybersecurity arsenal.

The survey also notes an interesting trend where organizations that have reduced their IT or security headcounts are turning to AI based tools. Approximately 39 percent of IT and security decision makers in such organizations report adopting AI tools to streamline tasks and cope with increased workloads. This suggests that AI is not just a strategic choice, but a practical solution to operational challenges.

The rapid advancement of AI technology raises concerns about an asymmetric advantage, with attackers potentially gaining an upper hand due to the defender’s slower adoption of the latest AI defense tools.

Experts note that the timing difference is a significant factor, as building robust cyber defense systems takes time compared to the quick deployment of AI powered tools by attackers. Experts highlight that AI represents a double edged sword in cybersecurity. While it can automate tasks and enhance efficiency, it can also be misused by cybercriminals.

The ability of AI to generate synthetic content at scale is identified as the top concern, especially in creating realistic online identities for malicious purposes. As attackers use AI to improve the language of phishing emails, defenders are rising to the challenge.

AI is becoming a tool not only for attackers, but also for defenders in detecting patterns in phishing emails and enhancing overall cybersecurity. The consensus is that AI can make both attackers strategies and defenders capabilities more sophisticated.

The fast paced and complex nature of AI raises questions about potential liabilities, especially regarding sensitive data. Some companies are limiting employee use of certain AI tools to avoid the disclosure of sensitive information.

The implementation of AI technologies requires careful consideration of risk and liabilities, with the cybersecurity industry actively developing frameworks and guidelines.

Resources
– CSO Online: https://www.csoonline.com/article/1230640/cyber-attackers-and-defenders-are-racing-to-up-their-ai-game.html

 

Marcel Brown
This Day, November 9, in Tech History

This is Mark Miller sitting in for Marcel Brown this week, bringing you some technology history for November 9.

November 9, 1922. Albert Einstein is named the winner of the 1922 Nobel Prize for Physics for his explanation of the photoelectric effect. During the selection process in 1921, the Nobel Committee for Physics decided that none of the year’s nominations met the criteria as outlined in the will of Alfred Nobel.

According to the Nobel Foundation statutes, the prize can, in such a case, be reserved until the following year. Einstein’s Nobel Prize award mainly recognized his 1905 discovery of the mechanisms of the photoelectric effect and for his services to theoretical physics. The Nobel Committee passed on several nominations for his many other seminal contributions, although these led to prizes for others who later applied more advanced technology to experimentally verify Einstein’s work.

November 9, 2004, The Mozilla Foundation releases, The Mozilla Foundation releases version 1. 0 of the Firefox web browser. Firefox is significant in internet history because it represented The first serious alternative to the dominance of Microsoft’s Internet Explorer in several years. By many estimations, Internet Explorer had risen to over 90 percent of the browser market share since the downfall of Netscape many years earlier.

It’s interesting to note, however, it’s interesting to note It’s interesting to note, however, that it was Netscape itself that started the Mozilla project when it released the source code to their Netscape communicator software in 1998. It was upon this code base that the foundations of Firefox were laid.

Firefox’s original name was Phoenix, seemingly in tribute to the fact that out of the ashes of the fallen Netscape, That’s your technology history for today. For more, tune in tomorrow or visit Marcel’s website, thisdayintechhistory. com.

Resources
– https://thisdayintechhistory.com/11/09