A security flaw has been disclosed in OpenWrt's Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages.
The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and reporting the

Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection

Care1, a Canadian healthcare solutions provider left a cloud storage instance freely accessible and unencrypted for anyone to find.

Your main business is healthcare, so your excuse when you get hacked is that you didn’t have the budget to secure your network. Am I right?

So, in order to prevent a ransomware gang from infiltrating your network, you could just give them what they want—all your data.

The seemingly preferred method to accomplish this is to leave the information unprotected and unencrypted in an exposed Amazon S3 bucket.

An S3 bucket is like a virtual file folder in the cloud where you can store various types of data, such as text files, images, videos, and more. There is no limit to the amount of data you can store in an S3 bucket, and individual instances can be up to 5 TB in size.

Security researcher Jeremiah Fowler is always looking for exposed cloud storage. And recently he found one that contained over 4.8 million documents with a total size of 2.2 TB.

He soon found out that it belonged to a Canadian company offering AI software solutions to support optometrists in delivering enhanced patient care, called Care1. Care1 Canada provides software tools that “take patient care to the next level.”

The information Jeremiah found included eye exam results, which detailed patient PII, doctor’s comments, and images of the exam results. The database also contained lists of patients which included their home addresses, Personal Health Numbers (PHN), and details regarding their health.

In the Canadian healthcare system, a Personal Health Number (PHN) is a unique lifetime identifier that is used to share a patient’s health information among healthcare providers.

This type of healthcare information can be used in phishing attacks, identity theft, and can cause health privacy issues. Ransomware gangs know this is highly coveted, which is why ThreatDown numbers regularly show that 5 to 6% of ransomware attacks are targeting the healthcare industry.

**We don’t just report on threats – we help safeguard your entire digital identity**

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

 4.8 million healthcare records left freely accessible 

Small, easily weaponizable drones have become a feature of battlefields from the Middle East to Ukraine. Now the threat looms over the US homeland—and the Pentagon's ability to respond is limited.

A spectre is haunting the United States—the spectre of drone warfare.

Since the middle of November, unidentified unmanned aerial vehicles have lit up the skies above New Jersey, startling residents and baffling military and government officials. The US Army’s Picatinny Arsenal research and manufacturing facility in the state’s Morris County reported 11 confirmed instances of mysterious drones illegally entering its airspace since the middle of the month, while a dozen drones were spotted hovering over US Naval Weapons Station Earle in Monmouth County in early December. Similar sightings were reported in at least six other counties throughout the state; according to the Coast Guard, a group of drones even followed one of the service’s vessels “in close pursuit” near a state park.

The spate of drone sightings in the skies above New Jersey have caused alarm among state lawmakers, prompting one to call for a “limited state of emergency … until the public receives an explanation” regarding the source of the unidentified drones. One Republican US congressman even claimed the drones were originating from an Iranian “mothership” lurking off of the state’s coastline, an assertion the US Defense Department quickly batted down.

“As you know, Joint Base McGuire-Dix-Lakehurst possess \[sic\] capabilities to identify and take down unauthorized unmanned aerial systems and have utilized this capability to address overflights of the installation,” New Jersey representative Chris Smith told Defense Secretary Lloyd Austin in a December 10 letter. “I urgently request all capabilities possessed by the Department of Defense, especially those in use by JBMDL to be immediately deployed to identify and address the potential threats posed by \[drones\] over the state of New Jersey.”

Despite the growing chorus of concern from New Jersey lawmakers, the US military appears relatively unimpressed with the sudden incursions. In a December 11 statement, US Northern Command (NORTHCOM) revealed that the command had “conducted a deliberate analysis of the events, in consultation with other military organizations and interagency partners, and at this time we have not been requested to assist with these events.” The following day, White House national security communications adviser John Kirby stated that many of the alleged drone sightings that had alarmed civilian observers on the ground in recent weeks were, in fact, conventional manned aircraft. The Federal Bureau of Investigation and Department of Homeland Security echoed this assessment in a statement on Thursday, saying, “it appears that many of the reported sightings are actually manned aircraft, operating lawfully. There are no reported or confirmed drone sightings in any restricted air space.”

“At this time, we have no evidence that these activities are coming from a foreign entity or the work of an adversary. We're going to continue to monitor what is happening,” deputy Pentagon press secretary Sabrina Singh told reporters on Wednesday. “At no point were our installations threatened when this activity was occurring." (In an interesting confluence of events, the US Department of Justice that same day announced the arrest of a Chinese citizen for flying a drone over and taking photos of Vandenberg Space Force Base in California.)

The alarm over the sudden drone incursions over New Jersey, neighboring New York and Pennsylvania, and near sensitive US government sites in particular, even if overblown, isn’t completely unwarranted: Officials at North American Aerospace Defense Command (NORAD)—the joint US-Canadian military organization tasked with overseeing air sovereignty on the continent—revealed in October that they had received reports of nearly 600 incursions above domestic US military installations since 2022.

The issue is, US law severely limits how the US military can respond to these mysterious drones—even if the number of incidents has been growing for years.

Indeed, for several months earlier this year, unidentified drones repeatedly circled Plant 42 in California, the Edwards Air Force Base installation where defense contractor Northrop Grumman has been working on the Air Force’s vaunted new B-21 Raider stealth bombers. In December 2023, Langley Air Force Base in Virginia was targeted by a wave of mysterious drone overflights, prompting the Pentagon to relocate a contingent of F-22 Raptor fighter jets stationed there to another base. And the New Jersey incidents come on the heels of a mid-November series of drone incursions near RAF Lakenheath in the United Kingdom, which, while not a US domestic installation, hosts a strategically-important contingent of American fighter jets, among other capabilities.

It appears that Pentagon assets in the continental United States have been subject to such drone activity as far back as 2019, when a fleet of US Navy Arleigh Burke-class destroyers was shadowed by a swarm of drones for several days during maneuvers at a training range off the coast of southern California. Later that year, a series of mysterious drone sightings in eastern Colorado and western Nebraska and Kansas confounded not just local law enforcement and federal agencies, but alarmed Air Force officers at nearby F.E. Warren Air Force Base in Wyoming, home to one of the Pentagon’s many Minuteman III ICBM fields.

These incidents aren’t limited to US military facilities. In October 2023, several drones were detected in the airspace above the US Energy Department’s Nevada National Security Site, which is used for nuclear research and development, the Wall Street Journal recently reported. And back in 2019, the Palo Verde Nuclear Generating Station in Arizona—the most powerful nuclear power plant in the United States—was subject to a series of mass drone incursions that Nuclear Regulatory Commission officials would later characterize as a “drone-a-palooza,” albeit with grave concern over the potential vulnerability exposed by the incursion, according to email correspondence obtained by The War Zone in 2020.

“I would point out that restricted airspace will do nothing to stop an adversarial attack and even the detection systems identified earlier in this email chain have limited success rates, and there is even lower likelihood that law enforcement will arrive quickly enough to actually engage with the pilots,” one senior NRC security official at Palo Verde wrote in an email regarding the incident. “We should be focusing our attention on getting Federal regulations and laws changed to allow sites to be defended and to identify engineering fixes that would mitigate an adversarial attack before there our \[sic\] licensed facilities become vulnerable.”

While unmanned aerial vehicles have been in military use for generations for surveillance and reconnaissance, the US military is largely responsible for transforming modern drones into vehicles of precision violence during the early years of the Global War on Terrorism, a policy especially expanded under US president Barack Obama. In more recent years, the rise of cheap, commercially-available unmanned platforms like those used by hobbyists has turned the small drone into the weapon of choice for both nation states and irregular forces abroad, from militant groups like ISIS In Iraq and Syria and the Iran-backed Houthi rebels in Yemen to the Russian and Ukrainian militaries. With a potential conflict with China over Taiwan looming on the horizon amid the US military’s pivot to “great power competition,” the Pentagon is itself in the midst of a major surge in both unmanned capabilities and technology to defend against weaponized drones belonging to foreign adversaries.

The US military has been slowly but surely adjusting to the sudden spike in mysterious drone incursions near sensitive sites across the United States with an expanded counter-drone strategy. In early December, Defense Secretary Lloyd Austin signed the Pentagon’s new Strategy for Countering Unmanned Systems, which seeks to unify disparate DoD efforts to address the rise of drone threats both at home and abroad into a single coherent framework, one that implicitly acknowledges the potential for the rising tide of domestic drone threats to grow from intrusive surveillance risks to something more damaging.

“From the Middle East to Ukraine and across the globe—including in the US homeland—unmanned systems are reshaping tactics, techniques, and procedures; challenging established operational principles; and condensing military innovation cycles,” the unclassified fact sheet on the new Pentagon strategy states. “The relatively low-cost, widely available nature of these systems has, in effect, democratized precision strike.”

The Pentagon has been working overtime to field fresh counter-drone capabilities to US forces deployed overseas in recent years, including traditional firearms outfitted with computerized optics and remotely operated vehicle-mounted heavy weapons turrets, laser-guided rocket and missile systems, AI-assisted kinetic interceptors, radio frequency- and Global Positioning System-jamming electronic warfare suites, and even exotic directed energy weapons like high-energy lasers and high-powered microwaves, among others. As recently as late October, NORTHCOM was working in conjunction with the Federal Aviation Administration to demo fresh counter-drone tech as part of its Falcon Peak 2025 experiment at Fort Carson in Colorado.

“By all indications, \[small unmanned aerial systems\] will present a safety and security risk to military installations and other critical infrastructure for the foreseeable future,” NORTHCOM boss Air Force general Gregory Guillot told reporters at the time. “Mitigating those risks requires a dedicated effort across all federal departments and agencies, state, local, tribal and territorial communities, and Congress to further develop the capabilities, coordination and legal authorities necessary for detecting, tracking and addressing potential sUAS threats in the homeland.”

But US military officials also indicated to reporters that the types of counter-drone capabilities the Pentagon may be able to bring to bear for domestic defense may be limited to non-kinetic “soft kill” means like RF and GPS signal jamming and other relatively low-tech interception techniques like nets and “string streamers” due to legal constraints on the US military’s ability to engage with drones over American soil.

“The threat, and the need to counter these threats, is growing faster than the policies and procedures that \[are\] in place can keep up with,” as Guillot told reporters during the counter-drone experiment. “A lot of the tasks we have in the homeland, it’s a very sophisticated environment in that it’s complicated from a regulatory perspective. It’s a very civilianized environment. It’s not a war zone.”

Defense officials echoed this sentiment during the unveiling of the Pentagon’s new counter-drone strategy in early December.

“The homeland is a very different environment in that we have a lot of hobbyist drones here that are no threat at all, that are sort of congesting the environment,” a senior US official told reporters at the time. “At the same time, we have, from a statutory perspective and from an intelligence perspective, quite rightly, \[a\] more constrained environment in terms of our ability to act.”

The statute in question, according to defense officials, is a specific subsection of Title 10 of the US Code, which governs the US armed forces. The section, known as 130(i), encompasses military authorities regarding the “protection of certain facilities and assets from unmanned aircraft.” It gives US forces the authority to take “action” to defend against drones, including with measures to “disrupt control of the unmanned aircraft system or unmanned aircraft, without prior consent, including by disabling the unmanned aircraft system or unmanned aircraft by intercepting, interfering, or causing interference with wire, oral, electronic, or radio communications used to control the unmanned aircraft system or unmanned aircraft” and to “use reasonable force to disable, damage, or destroy the unmanned aircraft system or unmanned aircraft.”

As The War Zone points out, 130i limits when and where the US military can actually deploy counter-drone assets outside of immediate self-defense in the face of an imminent threat. Notably, it requires the defense secretary to “coordinate” with both the US transportation secretary and Federal Aviation Administration (FAA) administrator regarding any counter-drone implementation that “might affect aviation safety, civilian aviation and aerospace operations, aircraft airworthiness, or the use of airspace.” Not only that, but 130i authority is only applicable to a specific list of installations, mainly those dealing with nuclear deterrence and missile defense functions of the US national security apparatus.

This, in turn, limits what kinds of counter-drone systems the US military can actually employ domestically. Service members may be up to their eyes in fresh counter-drone tech overseas, but the regulatory environment at home is rigid enough that “hard kill” solutions like missiles, guns, and other kinetic interceptors aren't even considered potential options because there’s simply too much risk that they might end up inflicting collateral damage on innocent, unsuspecting civilians in nearby neighborhoods. Even “soft kill” solutions like RF and GPS jamming require coordination with the FAA and other federal agencies to prevent potential harm to civilian air travel, approvals that could slow down the reaction time among base security forces amid a potential drone incursion.

“Given the impact of GPS denial, just across infrastructure and all that stuff, it is a very, very difficult capability to get permissions to utilize,” as one official told The War Zone at Falcon Peak.

While the Pentagon’s broad new counter-drone strategy is a step in the right direction when it comes to bolstering domestic drone defenses, Congress is taking action as well. In the compromise version of the annual National Defense Authorization Act defense budget legislation unveiled in December, lawmakers included language calling upon the Pentagon to not just conduct an assessment of the counter-drone technology landscape at large, but generate recommendations on how policy changes could reduce the amount of burdensome bureaucratic coordination between federal agencies required to address the growing number of drone incursions—and, in an ideal world, allow the US military to move quickly and decisively to counter intrusive drones at sensitive installations before they become dangerous.

“We agree that US troops have the inherent right of self defense, including from \[drone\] attacks, wherever they may be,” the explanatory statement accompanying the compromise NDAA says.

At the moment, the Pentagon seems unconvinced that the Northeast drone sightings and earlier incursions are connected to a foreign adversary. But with lawmakers increasingly concerned with the potential threat to sensitive installations and critical infrastructure in their states, the US military’s renewed approach to counter-drone defense can’t come soon enough.

Why the US Military Can't Just Shoot Down the Mystery Drones

Learn how blockchain and smart contracts improve cybersecurity factors in online transactions, remove the element of fraud, and…

Learn how blockchain and smart contracts improve cybersecurity factors in online transactions, remove the element of fraud, and promote trust with automation and transparency.

In this connected age, where data breaches and online fraud are rising concerns, blockchain technology and smart contracts have become powerful solutions for secure transactions. Their ability to provide transparency, remove middlemen, and enable fraud-resistant mechanisms has made them a key part of today’s financial systems and more.

****How Blockchain Builds a Secure Foundation****

Blockchain is best known as the technology behind cryptocurrencies like Bitcoin and Ethereum, but its uses go well beyond digital currencies. It works as a decentralized ledger, recording transactions across multiple points in a network, which makes it incredibly secure and nearly impossible for cybercriminals to tamper with or hack.

When it comes to digital payments, this decentralization is key. Traditional payment systems rely on central authorities, which are vulnerable to malware attacks, breaches and fraud.

Blockchain, on the other hand, distributes the transaction record across a network, reducing the risk of a single point of failure. The stability of blockchain also means that once a transaction is recorded, it cannot be changed, adding another layer of trust and accountability.

****The Role of Smart Contracts****

Smart contracts take blockchain’s security a step further. These self-executing agreements operate based on established criteria rules written into code. Once the conditions are met, the contract automatically executes, removing the need for intermediaries.

For example, imagine buying a digital service. A smart contract can be programmed to release payment only when the service is delivered and verified. This reduces the risk of fraud and disputes, as the terms are enforced automatically.

Another benefit is efficiency. By automating processes, smart contracts not only save time but also reduce costs associated with manual verification and third-party oversight. This makes them especially appealing for industries like supply chain management, insurance, and real estate, where trust and speed are paramount.

However, security vulnerabilities have also affected smart contracts, which need to be addressed by skilled blockchain developers or specialized auditing teams. According to Onchainpay, a European secure cryptocurrency payment gateway, smart contract vulnerabilities are one single major factor that continues to pose security risks within the blockchain infrastructure.

A recent systematic literature review identified 101 distinct vulnerabilities in Ethereum smart contracts, categorized into ten groups. In particular, in the first quarter of 2024 alone, exploits targeting these vulnerabilities resulted in nearly $45 million in losses across 16 incidents, averaging $2.8 million per exploit.

****Real-World Applications****

Nevertheless, despite ups and downs, Blockchain and smart contracts are already being used to secure payments and transactions globally. As noticed by Halborn, Microsoft, JPMorgan Chase, Walmart, IBM and Amazon are just some major examples.

In international payments, they enable faster and more transparent transfers without the hefty fees associated with traditional banking. In e-commerce, smart contracts can automate escrow services, protecting both buyers and sellers.

Even outside of payments, blockchain is enhancing security. From safeguarding healthcare records to verifying the authenticity of luxury goods, its applications are vast.

****What This Means for Businesses****

As cybersecurity threats grow, businesses opting for blockchain and smart contracts gain a competitive advantage in security and efficiency. For consumers, this means safer and more reliable transactions.

While the technology isn’t without challenges, such as regulatory hurdles and technical complexity, its benefits are clear. Businesses looking to adopt secure payment systems should consider solutions that leverage blockchain and smart contracts to protect their data and enhance trust in their transactions.

1.  **6 of the Best Crypto Bug Bounty Programs**
2.  **5 Platforms for Identifying Smart Contract Vulnerabilities**
3.  **Growing Importance of Secure Crypto Payment Gateways**
4.  **Best Crypto Marketing Agencies for Web3 Security Brands**
5.  **Why Hosting firms have started accepting crypto payments**
6.  **Top 5 Platforms for Identifying Smart Contract Vulnerabilities**

The Role of Blockchain and Smart Contracts in Securing Digital Transactions

The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People's Republic of Korea (DPRK or North Korea) for their alleged involvement in a long-running conspiracy to violate sanctions and commit wire fraud, money laundering, and identity theft by illegally seeking employment in U.S. companies and non-profit organizations.
"The conspirators, who worked for

DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years

As the adoption of LCNC grows, so will the complexity of the threats organizations face.

Source: ArtemisDiana via Alamy Stock Photo

COMMENTARY

As organizations lean into low-code/no-code (LCNC) platforms to streamline development and empower citizen developers, security risks become increasingly challenging to manage. One of the more under-the-radar LCNC threats is OData injection, an attack vector that can expose sensitive corporate data and is predominant on the Microsoft Power Platform. This new vulnerability is poorly understood by security professionals in LCNC environments, where traditional safeguards are lacking.

**What Is OData? **

OData, or Open Data Protocol, is an OASIS standard that has gained traction in LCNC platforms as a way to manage and deliver data through REST APIs. It's widely adopted because it allows seamless communication between applications and data sources, regardless of the underlying data storage model. In LCNC environments, it is commonly used as a query language to retrieve data from a variety of sources, such as SQL databases, SharePoint, or Dataverse.

OData is particularly valuable in LCNC platforms because of its simplicity — developers don't need to be database experts to use it, and the same query language can be used for very different data sources. 

**The OData Injection Threat**

OData injection manipulates user input that is later used by an application or automation to form an OData query. The query is then applied to an enterprise data source. This allows an attacker to gain unauthorized access to manipulate or exfiltrate sensitive user and corporate data. 

While SQL injection (SQLi) is generally understood by security professionals, OData injection poses a different set of challenges, especially in LCNC environments, where multiple data sources are often connected and managed by citizen developers with minimal security training. Unlike SQLi, which is confined to relational databases, OData can connect to a wide array of data sources, including custom applications and third-party services, broadening the potential impact of an attack. 

OData also lacks the well-established security practices that have been developed for SQL. For example, SQLi can typically be mitigated with parameterized queries, a practice that has become standard over the years. OData injection, however, doesn't have a similar one-size-fits-all solution. Developers must create custom input validation mechanisms — a manual and error-prone process. In addition, the general lack of awareness of OData injection techniques further reduces the likelihood that custom validation methods will be implemented. 

**A New External Attack Surface**

OData vulnerabilities in LCNC environments often stem from the unrecognized risks associated with external data inputs. These are frequently integrated into workflows that manipulate critical enterprise data, including Web forms, email messages, social media, and external Web applications. These inputs typically are accepted without stringent validation, leaving the attack surface vulnerable and often undefended, as developers and security teams may overlook these sources as potential risks.  

This oversight allows attackers to exploit these inputs by injecting malicious OData queries. For instance, a simple product feedback form could be exploited to extract sensitive data or modify stored information. 

**Security Challenges **

Because most citizen developers don't have formal security training and are often unfamiliar with the dangers of accepting unchecked external inputs in their workflows, OData Injection vulnerabilities can flourish undetected.

Also, unlike SQL injection, validating user inputs in OData queries requires a more hands-on approach. Developers must manually sanitize inputs — removing harmful characters, ensuring proper formatting, and guarding against common injection techniques. This process takes time, effort, and more advanced programming knowledge that most LCNC developers lack.

Furthermore, in traditional development environments, security vulnerabilities are often tracked and remediated through ticketing systems or backlog management tools like Jira. This formal process does not exist in most LCNC development environments, where developers may not be full-time coders and have no formalized way to handle bug tracking or vulnerability management.

**Mitigation Best Practices**

Combating OData injection requires a proactive security strategy. Ideally, LCNC developers should be trained on OData query risks and how external inputs could be exploited. This is unrealistic, since citizen developers aren't full-time coders. 

Instead, automation can play a significant role in monitoring and detecting OData injection vulnerabilities. Security teams should deploy tools that continuously assess LCNC environments for potential vulnerabilities, especially as new applications and workflows are created. This will help identify weaknesses early and quickly provide developers with actionable insights into how to fix them.

Collaboration between security teams and LCNC developers is another essential piece of the puzzle. Security teams should be granted access to monitor the development process in real-time, particularly in environments where critical corporate data is being processed. When vulnerabilities are identified, security must communicate clearly with developers, offering specific guidance on how to remediate issues. This could include best practices for input validation and sanitation, as well as tools for automating the process where possible.

Lastly, security should be integrated into the LCNC development life cycle. Much like the "shift-left" movement in traditional software development, security checks should be built into the LCNC workflow from the outset. Automated testing tools can be leveraged to scan for vulnerabilities as applications are being built, reducing the likelihood of OData injection vulnerabilities slipping through the cracks.

As the adoption of LCNC continues to grow, so will the complexity of the threats organizations face. Addressing LCNC vulnerabilities like OData injection now will help keep enterprises safe in the long run.

**About the Author**

CTO & Co-Founder, Nokod Security

Amichai Shulman, chief technology officer (CTO) and co-founder of Nokod Security, is an internationally recognized expert and researcher in data and application security. He was previously co-founder, CTO, and chief scientist at Imperva for more than 15 years. Amichai is a frequent conference speaker and industry authority on cybersecurity. As an investor and adviser, he has guided successful startups, including Intsights and SkyFence. Amichai is also an adjunct professor at the Technion – Israel Institute of Technology.

OData Injection Risk in Low-Code/No-Code Environments

AI creates what it’s told to, from plucking fanciful evidence from thin air, to arbitrarily removing people’s rights, to sowing doubt over public misdeeds.

OpenAI CEO Sam Altman expects AGI, or artificial general intelligence—AI that outperforms humans at most tasks—around 2027 or 2028. Elon Musk’s prediction is either 2025 or 2026, and he has claimed that he was "losing sleep over the threat of AI danger." Such predictions are wrong. As the limitations of current AI become increasingly clear, most AI researchers have come to the view that simply building bigger and more powerful chatbots won’t lead to AGI.

However, in 2025, AI will still pose a massive risk: not from artificial superintelligence, but from human misuse.

These might be unintentional misuses, such as lawyers over-relying on AI. After the release of ChatGPT, for instance, a number of lawyers have been sanctioned for using AI to generate erroneous court briefings, apparently unaware of chatbots’ tendency to make stuff up. In British Columbia, lawyer Chong Ke was ordered to pay costs for opposing counsel after she included fictitious AI-generated cases in a legal filing. In New York, Steven Schwartz and Peter LoDuca were fined $5,000 for providing false citations. In Colorado, Zachariah Crabill was suspended for a year for using fictitious court cases generated using ChatGPT and blaming a "legal intern" for the mistakes. The list is growing quickly.

Other misuses are intentional. In January 2024, sexually explicit deepfakes of Taylor Swift flooded social media platforms. These images were created using Microsoft’s “Designer” AI tool. While the company had guardrails to avoid generating images of real people, misspelling Swift's name was enough to bypass them. Microsoft has since fixed this error. But Taylor Swift is the tip of the iceberg, and non-consensual deepfakes are proliferating widely—in part because open-source tools to create deepfakes are available publicly. Ongoing legislation across the world seeks to combat deepfakes in hope of curbing the damage. Whether it is effective remains to be seen.

In 2025, it will get even harder to distinguish what’s real from what’s made up. The fidelity of AI-generated audio, text, and images is remarkable, and video will be next. This could lead to the "liar's dividend": those in positions of power repudiating evidence of their misbehavior by claiming that it is fake. In 2023, Tesla argued that a 2016 video of Elon Musk could have been a deepfake in response to allegations that the CEO had exaggerated the safety of Tesla autopilot leading to an accident. An Indian politician claimed that audio clips of him acknowledging corruption in his political party were doctored (the audio in at least one of his clips was verified as real by a press outlet). And two defendants in the January 6 riots claimed that videos they appeared in were deepfakes. Both were found guilty.

Meanwhile, companies are exploiting public confusion to sell fundamentally dubious products by labeling them “AI.” This can go badly wrong when such tools are used to classify people and make consequential decisions about them. Hiring company Retorio, for instance, claims that its AI predicts candidates' job suitability based on video interviews, but a study found that the system can be tricked simply by the presence of glasses or by replacing a plain background with a bookshelf, showing that it relies on superficial correlations.

There are also dozens of applications in health care, education, finance, criminal justice, and insurance where AI is currently being used to deny people important life opportunities. In the Netherlands, the Dutch tax authority used an AI algorithm to identify people who committed child welfare fraud. It wrongly accused thousands of parents, often demanding to pay back tens of thousands of euros. In the fallout, the Prime Minister and his entire cabinet resigned.

In 2025, we expect AI risks to arise not from AI acting on its own, but because of what people do with it. That includes cases where it _seems_ to work well and is over-relied upon (lawyers using ChatGPT); when it works well and is misused (non-consensual deepfakes and the liar's dividend); and when it is simply not fit for purpose (denying people their rights). Mitigating these risks is a mammoth task for companies, governments, and society. It will be hard enough without getting distracted by sci-fi worries.

Human Misuse Will Make Artificial Intelligence More Dangerous

SUMMARY Byte Federal, the US’s largest Bitcoin ATM operator offering around 1,200 Bitcoin ATMs across the country, recently…

****SUMMARY****

*   **Byte Federal, the largest US Bitcoin ATM operator, suffered a data breach affecting 58,000 customers.**

*   **Hackers exploited a vulnerability in GitLab to access sensitive customer data.**

*   **Exposed information includes names, IDs, addresses, and transaction histories.**

*   **Byte Federal secured systems, notified customers, and is investigating with experts.**

*   **Customers are urged to reset passwords and monitor accounts for fraud.**

Byte Federal, the US’s largest Bitcoin ATM operator offering around 1,200 Bitcoin ATMs across the country, recently confirmed a data breach that potentially exposed the personal information of 58,000 customers.

The company submitted a report to Maine’s attorney general, revealing that the breach occurred on September 30th, 2024, but wasn’t discovered until November 18th. A consumer notification was published (PDF) on November 27th.

It is worth noting that this is the second data breach Byte Federal has experienced. In March 2023, hackers successfully stole $1.5 million worth of Bitcoin from the company.

****What Happened?****

Hackers exploited a vulnerability in a third-party software platform called GitLab to gain unauthorized access to one of Byte Federal’s servers. Upon discovering the breach, Byte Federal immediately shut down its platform, isolated the hackers, and secured the compromised server. They also implemented additional security measures, including resetting all customer accounts.

****What Information Was Involved?****

The compromised data may include a combination of the following for affected customers:

*   Name
*   Birthdate
*   Address
*   Photographs
*   Phone number
*   Email address
*   Transaction history
*   Social Security number
*   Government-issued ID number

****What Byte Federal is Doing****

At the time of this writing, Byte Federal has no evidence that any information was misused or user funds/assets were compromised. The company is currently conducting a forensic investigation with the help of a cybersecurity team to determine the full scope of the breach. They are also cooperating with law enforcement.  

The company has notified all affected customers via mail and issued a press release. Additionally, they’ve updated their website with further details and suggest the following steps for customers:

*   Reset login credentials for Byte Federal services
*   Monitor bank and credit card statements for fraudulent activity
*   Obtain a free credit report and monitor it regularly for unauthorized activity
*   Place a fraud alert or security freeze on credit reports with major credit reporting agencies (Experian, Equifax, TransUnion)

If you are a Byte Federal customer, follow the recommendations outlined above. Additionally, Byte Federal provided contact information for their dedicated helpline and customer service email for further assistance. They also encourage them to report any suspicious activity immediately.

Cryptocurrency platforms are facing increasing cyber threats, where attackers are targeting both assets and personal information, highlighting the ongoing challenges the cryptocurrency industry faces in safeguarding user data. Recently, hackers posted fake claims and phishing links, announcing a new CEO of Giggle Academy, founded by former Binance CEO Changpeng Zhao.

In October 2024, crypto payment services firm Transak suffered a data breach that exposed the information of over 92,000 individuals. This breach compromised sensitive data such as names, birthdays, passport and driver’s license information, and user selfies. Such incidents highlight the need for enhanced security measures within the crypto industry.

Roger Grimes, data-driven defense evangelist at KnowBe4, shared the following comment with Hackread.com regarding this news stating, _“_It seems like Byte Federal is doing all the right things in response to this security breach. Other companies should take note. My biggest worry would be a user’s funds or private keys being compromised, but this doesn’t appear to have happened, and that’s a good thing._“_

Roger explained that _“_Although, the information the attacker did have access to could easily be used in sophisticated spear phishing attacks using crypto-related themes. That’s the only remaining worry. Byte Federal customers have to understand that some attackers intent on stealing their crypto value could use learned information against them in sophisticated phishing attacks and act accordingly._“_

1.  **Hackers Drain $1.48 Billion from Crypto in 2024**
2.  **Hackers selling Bitcoin ATM Malware on Dark Web**
3.  **Scammers using fake WHO Bitcoin wallet to steal donation**
4.  **Hackers Deploy Linux FASTCash Malware for ATM Cashouts**
5.  **The Growing Importance of Secure Crypto Payment Gateways**

Bitcoin ATM Giant Byte Federal Hit by Hackers, 58,000 Users Impacted

Iran-affiliated threat actors have been linked to a new custom malware that's geared toward IoT and operational technology (OT) environments in Israel and the United States.
The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras, routers, programmable

Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform. 
Their bi-annual “You Did What with Tines?!” competition highlights some of the most interesting workflows submitted by their

Latest News