In this common email scam, a criminal pretending to be your boss or coworker emails you asking for a favor involving money. Here's what do to when a bad actor lands in your inbox.

Don't close this tab! I know there are few combinations of words less interesting than business, email, and compromise. I may as well have written an article about fiber, socks, and responsibility. But this isn't a boring article: it's an article about email con artists who, according to the FBI, are pulling in $26 billion a year by scamming people.

So yeah: business email compromise scams are a big deal. The con artists behind this criminal enterprise will cold email you, pretending to be someone you work with, in order to gain access to money or information. You might get an email that appears to be from your company's CEO asking you to quickly do something like buy gift cards, or you might get an email that looks like it's from an employee at your company asking you to change their direct deposit information. The scam itself can take a lot of forms, but the end goal is to somehow siphon money away from you or the business you work for.

It's worth it for anyone with a desk job to take a few moments to learn how to spot these emails. I talked with a few experts, and they passed along some helpful advice.

**Always Question Urgency**

When I asked two cybersecurity experts about BEC fraud, I expected them to lead with technical advice. Both started with emotions. This makes sense: while such fraud happens on computers, it is at its heart about psychological manipulation. So spotting an email compromise scam requires getting in touch with how you're feeling.

"If an email elicits an emotional response, take a step back and reread it when you're more calm," says Ronnie Tokazowski, a security researcher who has been working to educate people about email scams for over a decade. Tokazowski emphasizes how important creating a false sense of urgency is to such scams. The stress the scam induces is what keeps you from questioning the premise. "People who get pulled into these types of scams … their emotions get very deregulated," he says. That makes you less capable of thinking critically, which is a key part of how such scams work.

Selena Larson, a threat researcher at cybersecurity firm Proofpoint, went a step further. "I don't know if you can print this, but honestly: just breathe," she says. "Slow down, take a deep breath. That actually helps you think more clearly and rationally. Walk away from your computer or your phone and think critically. Would this be an email that someone would send me? Is this is a logical thing that I'm being asked to do?"

You should be particularly skeptical if the person sending the email asks you to keep something quiet.

"Scammers do things like isolate you from your peers," says Larson. "They come at you from a position of authority and say things like, 'Please keep this confidential and only between us.' This type of social engineering makes it so people feel like they have to take an action with some kind of urgency, and that you can't share it with anybody."

So this is the first step: take control of your emotions. Yes, it can be difficult if you work in a demanding field. But it's your best first defense, and your employer will thank you for it (or, at least, they should).

**Always Confirm Through a Second Channel**

Now that you're skeptically questioning the legitimacy of the urgent request, check to make sure the email is coming from the person it claims to be from. The best way to do this is to ask—just be careful.

"If you received an email like this, it's important to pick up the phone and call the number you know to be legitimate," says Larson, adding a caveat. "Do not rely on a phone number in the email itself—it will be owned by the threat actor."

This is a crucial point: any contact information in the email itself is likely compromised, and sometimes cleverly so. Use the phone number you've already saved in your phone for the person in question, or look up the phone number on an official website or in an official company directory. This applies even if the number in the email looks correct, because some scammers will go through the trouble of getting a phone number that's similar to that of the person they're impersonating, all on the hopes that you'll call that number instead of the real one.

"I've seen phone numbers off two digits from the actual phone number," says Tokazowski.

Call the person who supposedly emailed you—using a number you are 100 percent sure is real—and confirm the request is authentic. You could also use some other secure communication channel like Slack or Microsoft Teams, or, if they're in the office, just ask them face to face. The point is to confirm any urgent request somewhere outside of the initial email. And even if the person is your boss or some other bigwig, do not worry about wasting their time.

"The person that is being impersonated would so much rather have someone take the time to confirm than to lose thousands or a million dollars in a malicious transaction," says Larson.

**Check the Email Address**

Getting in touch with the supposed sender isn't always an option. If not, there are a few tricks you can use to spot whether an email is real or fake. The first: check the email address and make sure it's from company domain.

"Always check the domains that you're receiving emails from," says Larson. Sometimes this will be obvious; your CEO likely isn't emailing you from a Gmail account, for example. Sometimes it will be more subtle—fraudsters have been known to purchase domains that look similar to that of the company they're attempting to fraud, all in the hopes of appearing legitimate.

It's also worth checking to see if the email signature matches the address the email is coming from. “If you look in the footer, they'll use the actual domain of the company to make it look legitimate, but that won't match the email address,” says Larson. Just keep in mind that the difference might be subtle. “Lookalike domains are very common: someone will do a slight variation, like an ‘l’ instead of an ‘i’, to make it look legitimate.” One way to test that, if you're suspicious, is to copy and paste the domain half of the address into a browser. If you don't get a website, you're probably dealing with a fake.

Another trick scammers will use is email spoofing, which you can spot by clicking reply and checking the email address that shows up in the "To" field. If it's a different email address than the one the email looks like it arrived from, you're likely dealing with a fake request.

**Go Through the Proper Protocols**

Now this is boring, but the best defense against business email compromise scams might be old-fashioned bureaucracy. If there is a process in place for things that are the common target of scams—large purchases, for example, or updating financial information in a database—then your company is less likely to fall victim to such scams.

“Most of the time, from a process perspective, that request of purchasing something would need to go through human resources, procurement,” says Tokazowski. If you get a request like this over email asking you to bypass the usual processes, be skeptical. “There needs to be a paper trail. Someone saying ‘purchase this from your personal account’ is a process that just wouldn't happen.”

A healthy company probably shouldn't be using email as the workflow for important financial processes. If you want to change your direct deposit information, for example, it's terrible practice for the workflow.

**Leaders: Keep Communication Open**

I have one last piece of advice, and it's for leaders inside companies: don't act in such a way that people will mistake scammers for you. If you regularly email employees and ask for urgent favors while telling people to keep quiet about these requests and to not work through the official channels, you're increasing the odds that your company falls victim to such scams. On the other hand, if you create a company culture of transparency, you're making the company stronger and more resistant.

“An important step is to ensure that you're trying to foster a culture of open communication,” says Tokazowski. Many organizations are structured in a way that communication between various levels is minimized. In such organizations, Tokazowski says, “skip-level meetings” are helpful. This is a style of meeting where a senior manager meets with a middle manager's direct reports without the middle manager there—skipping a level in the hierarchy—to develop stronger paths of communication between all the levels.

Another thing leaders should keep in mind is how important it is to talk openly if your company falls victim to such a scam.

“The shame that people feel, regardless of the type of scam, feeling horrible, is part of how these scams keep working,” says Larson. “Talking about it openly helps the person, their peers, and their colleagues learn how to understand how to protect themselves.”

How to Spot a Business Email Compromise Scam

Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider.
The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the

Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider.

The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the Spanish Police.

News of the arrest was first reported by Murcia Today on June 14, 2024, with vx-underground subsequently revealing that the apprehended party is "associated with several other high profile ransomware attacks performed by Scattered Spider."

The malware research group further said the individual was a SIM swapper who operated under the alias "Tyler." SIM-swapping attacks work by calling the telecom carrier to transfer a target's phone number to a SIM under their control with the goal of intercepting their messages, including one-time passwords (OTPs), and taking control of their online accounts.

According to security journalist Brian Krebs, Tyler is believed to be a 22-year-old from Scotland named Tyler Buchanan, who goes by the name "tylerb" on Telegram channels related to SIM-swapping.

Tyler is the second member of the Scattered Spider group to be arrested after Noah Michael Urban, who was charged by the U.S. Justice Department earlier this February with wire fraud and aggravated identity theft for offenses.

Scattered Spider, which also overlaps with activity tracked the monikers 0ktapus, Octo Tempest, and UNC3944, is a financially motivated threat group that's infamous for orchestrating sophisticated social engineering attacks to gain initial access to organizations. Members of the group are suspected to be part of a bigger cybercriminal gang called The Com.

Initially focused on credential harvesting and SIM swapping, the group has since adapted their tradecraft to focus on ransomware and data theft extortion, before shifting to encryptionless extortion attacks that aim to steal data from software-as-a-service (SaaS) applications.

"Evidence also suggests UNC3944 has occasionally resorted to fear-mongering tactics to gain access to victim credentials," Google-owned Mandiant said. "These tactics include threats of doxxing personal information, physical harm to victims and their families, and the distribution of compromising material."

Mandiant told The Hacker News the activity associated with UNC3944 exhibits some level of similarities with another cluster tracked by Palo Alto Networks Unit 42 as Muddled Libra, which has also been observed targeting SaaS applications to exfiltrate sensitive data. It, however, emphasized that they "should not be considered the 'same.'"

The names 0ktapus and Muddled Libra come from the threat actor's use of a phishing kit that's designed to steal Okta sign-in credentials and has since been put to use by several other hacking groups.

"UNC3944 has also leveraged Okta permissions abuse techniques through the self-assignment of a compromised account to every application in an Okta instance to expand the scope of intrusion beyond on-premises infrastructure to Cloud and SaaS applications," Mandiant noted.

"With this privilege escalation, the threat actor could not only abuse applications that leverage Okta for single sign-on (SSO), but also conduct internal reconnaissance through use of the Okta web portal by visually observing what application tiles were available after these role assignments."

Attack chains are characterized by the use of legitimate cloud synchronization utilities like Airbyte and Fivetran to export the data to attacker-controlled cloud storage buckets, alongside taking steps to conduct extensive reconnaissance, set up persistence through the creation of new virtual machines, and impair defenses.

Additionally, Scattered Spider has been observed making use of endpoint detection and response (EDR) solutions to run commands such as whoami and quser in order to test access to the environment.

"UNC3944 continued to access Azure, CyberArk, Salesforce, and Workday and within each of these applications conducted further reconnaissance," the threat intelligence firm said. "Specifically for CyberArk, Mandiant has observed the download and use of the PowerShell module psPAS specifically to programmatically interact with an organization's CyberArk instance."

The targeting of the CyberArk Privileged Access Security (PAS) solution has also been a pattern observed in RansomHub ransomware attacks, raising the possibility that at least one member of Scattered Spider may have turned into an affiliate for the nascent ransomware-as-a-service (RaaS) operation, according to GuidePoint Security.

The evolution of the threat actor's tactics further coincides with its active targeting of finance and insurance industries using convincing lookalike domains and login pages for credential theft.

The FBI told Reuters last month that it's laying the groundwork to charge hackers from the group that has been linked to attacks targeting over 100 organizations since its emergence in May 2022.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of **Scattered Spider**, a cybercrime group suspected of hacking into **Twilio**, **LastPass**, **DoorDash**, **Mailchimp**, and nearly 130 other organizations over the past two years.

The Spanish daily _Murcia Today_ reports the suspect was wanted by the FBI and arrested in Palma de Mallorca as he tried to board a flight to Italy.

A still frame from a video released by the Spanish national police shows Tylerb in custody at the airport.

“He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. “According to Palma police, at one point he controlled Bitcoins worth $27 million.”

The cybercrime-focused Twitter/X account **vx-underground** said the U.K. man arrested was a **SIM-swapper** who went by the alias “**Tyler**.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS.

“He is a known SIM-swapper and is allegedly involved with the infamous Scattered Spider group,” vx-underground wrote on June 15, referring to a prolific gang implicated in costly data ransom attacks at MGM and Caesars casinos in Las Vegas last year.

Sources familiar with the investigation told KrebsOnSecurity the accused is a 22-year-old from Dundee, Scotland named **Tyler Buchanan**, also allegedly known as “**tylerb**” on Telegram chat channels centered around SIM-swapping.

In January 2024, U.S. authorities arrested another alleged Scattered Spider member — 19-year-old **Noah Michael Urban** of Palm Coast, Fla. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “**Sosa**” and “**King Bob,**” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Investigators say Scattered Spider members are part of a more diffuse cybercriminal community online known as “**The Com**,” wherein hackers from different cliques boast loudly about high-profile cyber thefts that almost invariably begin with social engineering — tricking people over the phone, email or SMS into giving away credentials that allow remote access to corporate internal networks.

One of the more popular SIM-swapping channels on Telegram maintains a frequently updated leaderboard of the most accomplished SIM-swappers, indexed by their supposed conquests in stealing cryptocurrency. That leaderboard currently lists Sosa as #24 (out of 100), and Tylerb at #65.

**0KTAPUS**

In August 2022, KrebsOnSecurity wrote about peering inside the data harvested in a months-long cybercrime campaign by Scattered Spider involving countless SMS-based phishing attacks against employees at major corporations. The security firm **Group-IB** called the gang by a different name — **0ktapus**, a nod to how the criminal group phished employees for credentials.

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s **Okta** authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication.

These phishing attacks used newly-registered domains that often included the name of the targeted company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. The phishing sites also featured a hidden Telegram instant message bot to forward any submitted credentials in real-time, allowing the attackers to use the phished username, password and one-time code to log in as that employee at the real employer website.

One of Scattered Spider’s first big victims in its 2022 SMS phishing spree was Twilio, a company that provides services for making and receiving text messages and phone calls. The group then pivoted, using their access to Twilio to attack at least 163 of its customers.

A Scattered Spider phishing lure sent to Twilio employees.

Among those was the encrypted messaging app **Signal**, which said the breach could have let attackers re-register the phone number on another device for about 1,900 users.

Also in August 2022, several employees at email delivery firm Mailchimp provided their remote access credentials to this phishing group. According to Mailchimp, the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance.

On August 25, 2022, the password manager service LastPass disclosed a breach in which attackers stole some source code and proprietary LastPass technical information, and weeks later LastPass said an investigation revealed no customer data or password vaults were accessed.

However, on November 30, 2022 LastPass disclosed a far more serious breach that the company said leveraged data stolen in the August breach. LastPass said criminal hackers had stolen encrypted copies of some password vaults, as well as other personal information.

In February 2023, LastPass disclosed that the intrusion involved a highly complex, targeted attack against an engineer who was one of only four LastPass employees with access to the corporate vault. In that incident, the attackers exploited a security vulnerability in a Plex media server that the employee was running on his home network, and succeeded in installing malicious software that stole passwords and other authentication credentials. The vulnerability exploited by the intruders was patched back in 2020, but the employee never updated his Plex software.

Plex announced its own data breach one day before LastPass disclosed its initial August intrusion. On August 24, 2022, Plex’s security team urged users to reset their passwords, saying an intruder had accessed customer emails, usernames and encrypted passwords.

**TURF WARS**

Sosa and Tylerb were both subjected to physical attacks from rival SIM-swapping gangs. These communities have been known to settle scores by turning to so-called “violence-as-a-service” offerings on cybercrime channels, wherein people can be hired to perform a variety geographically-specific “in real life” jobs, such as bricking windows, slashing car tires, or even home invasions.

In 2022, a video surfaced on a popular cybercrime channel purporting to show attackers hurling a brick through a window at an address that matches the spacious and upscale home of Urban’s parents in Sanford, Fl.

January’s story on Sosa noted that a junior member of his crew named “Foreshadow” was kidnapped, beaten and held for ransom in September 2022. Foreshadow’s captors held guns to his bloodied head while forcing him to record a video message pleading with his crew to fork over a $200,000 ransom in exchange for his life (Foreshadow escaped further harm in that incident).

According to several SIM-swapping channels on Telegram where Tylerb was known to frequent, rival SIM-swappers hired thugs to invade his home in February 2023. Those accounts state that the intruders assaulted Tylerb’s mother in the home invasion, and that they threatened to burn him with a blowtorch if he didn’t give up the keys to his cryptocurrency wallets. Tylerb was reputed to have fled the United Kingdom after that assault.

KrebsOnSecurity sought comment from Mr. Buchanan, and will update this story in the event he responds.

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC).
The company expressed disappointment at having to put its AI plans on pause, stating it had taken into account feedback from regulators and

Artificial Intelligence / Privacy

Meta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC).

The company expressed disappointment at having to put its AI plans on pause, stating it had taken into account feedback from regulators and data protection authorities in the region.

At issue is Meta's plan to use personal data to train its artificial intelligence (AI) models without seeking users' explicit consent, instead relying on the legal basis of 'Legitimate Interests' for processing first and third-party data in the region.

These changes were expected to come into effect on June 26, before when the company said users could opt out of having their data used by submitting a request "if they wish." Meta is already utilizing user-generated content to train its AI in other markets such as the U.S.

"This is a step backwards for European innovation, competition in AI development and further delays bringing the benefits of AI to people in Europe," Stefano Fratta, global engagement director of Meta privacy policy, said.

"We remain highly confident that our approach complies with European laws and regulations. AI training is not unique to our services, and we're more transparent than many of our industry counterparts."

It also said it cannot bring Meta AI to Europe without being able to train its AI models on locally-collected information that captures the diverse languages, geography, and cultural references, noting that doing so would otherwise amount to a "second-rate experience."

Besides working with the DPC to bring the AI tool to Europe, it noted the delay will help it address requests it received from the U.K. regulator, the Information Commissioner's Office (ICO), prior to commencing the training.

"In order to get the most out of generative AI and the opportunities it brings, it is crucial that the public can trust that their privacy rights will be respected from the outset," Stephen Almond, executive director of regulatory risk at the ICO, said.

"We will continue to monitor major developers of generative AI, including Meta, to review the safeguards they have put in place and ensure the information rights of U.K. users are protected."

The development comes as Austrian non-profit noyb (none of your business) filed a complaint in 11 European countries alleging violation of GDPR privacy laws in the region by collecting users' data to develop unspecified AI technologies and share it with any third-party.

"Meta is basically saying that it can use 'any data from any source for any purpose and make it available to anyone in the world,' as long as it's done via 'AI technology,'" noyb's founder Max Schrems said. "This is clearly the opposite of GDPR compliance."

"Meta doesn't say what it will use the data for, so it could either be a simple chatbot, extremely aggressive personalized advertising or even a killer drone. Meta also says that user data can be made available to any 'third-party' – which means anyone in the world."

Noyb also criticized Meta for making disingenuous claims and framing the delay as a "collective punishment," pointing out that the General Data Protection Regulation (GDPR) permits personal data to be processed as long as users give their informed opt-in consent.

"Meta could therefore roll out AI technology in Europe, if it would just bother to ask people to agree, but it seems Meta is doing everything to ever gain opt-in consent for any processing," it said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Meta Halts AI Training on EU User Data Amid Privacy Concerns

A model can be perfectly innocent, yet still dangerous if the means by which it's packed and unpacked are tainted.

Source: Barry Mason via Alamy Stock Photo

Researchers have concocted a new way of manipulating machine learning (ML) models by injecting malicious code into the process of serialization.

The method focuses on the "pickling" process used to store Python objects in bytecode. ML models are often packaged and distributed in Pickle format, despite its longstanding, known risks.

As described in a new blog post from Trail of Bits, Pickle files allow some cover for attackers to inject malicious bytecode into ML programs. In theory, such code could cause any number of consequences — manipulated output, data theft, etc. — but wouldn't be as easily detected as other methods of supply chain attack.

"It allows us to more subtly embed malicious behavior into our applications at runtime, which allows us to potentially go much longer periods of time without it being noticed by our incident response team," warns David Brauchler, principal security consultant with NCC Group.

**Sleepy Pickle Poisons the ML Jar**

A so-called "Sleepy Pickle" attack is performed rather simply with a tool like Flicking. Flicking is an open source program for detecting, analyzing, reverse engineering, or creating malicious Pickle files. An attacker merely has to convince a target to download a poisoned .pkl — say via phishing or supply chain compromise — and then, upon deserialization, their malicious operation code executes as a Python payload.

Poisoning a model in this way carries a number of advantages to stealth. For one thing, it doesn't require local or remote access to a target's system, and no trace of malware is left to the disk. Because the poisoning occurs dynamically during deserialization, it resists static analysis. (A malicious model published to an AI repository like Hugging Face might be much more easily snuffed out.)

Serialized model files are hefty, so the malicious code necessary to cause damage might only represent a small fraction of the total file size. And these attacks can be customized in any number of ways that regular malware attacks are to prevent detection and analysis.

While Sleepy Pickle can presumably be used to do any number of things to a target's machine, the researchers noted, "controls like sandboxing, isolation, privilege limitation, firewalls, and egress traffic control can prevent the payload from severely damaging the user’s system or stealing/tampering with the user’s data."

More interestingly, attacks can be oriented to manipulate the model itself. For example, an attacker could insert a backdoor into the model, or manipulate its weights and, thereby, its outputs. Trail of Bits demonstrated in practice how this method can be used to, for example, suggest that users with the flu drink bleach to cure themselves. Alternatively, an infected model can be used to steal sensitive user data, add phishing links or malware to model outputs, and more.

**How to Safely Use ML Models**

To avoid this kind of risk, organizations can focus on only using ML models in the safer file format, Safetensors. Unlike Pickle, Safetensors deals only with tensor data, not Python objects, removing the risk of arbitrary code execution deserialization.

"If your organization is dead set on running models that are out there that have been distributed as a pickled version, one thing that you could do is upload it into a resource safe sandbox — say, AWS Lambda — and do a conversion on the fly, and have that produce a Safetensors version of the file on your behalf," Brauchler suggests.

But, he adds, "I think that's more of a Band-Aid on top of a larger problem. Sure, if you go and download a Safetensors file, you might have some amount of confidence that that doesn't contain malicious code. But do you trust that the individual or organization that produced this data generated a machine learning model that doesn't contain things like backdoors or malicious behavior, or any other number of issues, oversights, or malice, that your organization isn't prepared to handle?"

"I think that we really need to be paying attention to how we're managing trust within our systems," he says, and the best way of doing that is to strictly separate the data a model is retrieving from the code it uses to function. "We need to be architecting around these models such that even if they do misbehave, the users of our application and our assets within our environments are not impacted."

**About the Author(s)**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

'Sleepy Pickle' Exploit Subtly Poisons ML Models

The company focused heavily on data and system security in the announcement of its generative AI platform, Apple Intelligence, but experts worry that companies will have little visibility into data security.

Source: Cosmo Condina via Alamy Stock Photo

Apple's long-awaited announcement of its generative AI (GenAI) capabilities came with an in-depth discussion of the company's security considerations for the platform. But the tech industry's past focus on harvesting user data from nearly every product and service have left many concerned over the data security and privacy implications of Apple's move. Fortunately, there are some proactive ways that companies can address potential risks.

Apple's approach to integrating GenAI — dubbed Apple Intelligence — includes context-sensitive searches, editing emails for tone, and the easy creation of graphics, with Apple promising that the powerful features require only local processing on mobile devices to protect user and business data. The company detailed a five-step approach to strengthen privacy and security for the platform, with much of the processing done on a user's device using Apple Silicon. More complex queries, however, will be sent to the company's private cloud and use the services of OpenAI and its large language model (LLM).

While companies will have to wait to see how Apple's commitment to security plays out, the company has put a lot of consideration into how GenAI services will be handled on devices and how the information will be protected, says Joseph Thacker, principal AI engineer and security researcher at AppOmni, a cloud-security firm.

"Apple's focus on privacy and security in the design is definitely a good sign," he says. "Features like not allowing privileged runtime access and preventing user targeting show they are thinking about potential abuse cases."

Apple spent significant time during its announcement reinforcing the idea that the company takes security seriously, and published a paper online that describes the company's five requirements for its Private Cloud Compute service, such as no privileged runtime access and hardening the system to prevent targeting specific users.

Still, large language models (LLMs), such as ChatGPT, and other forms of GenAI are new enough that the threats remain poorly understood, and some will slip through Apple's efforts, says Steve Wilson, chief privacy officer at cloud security and compliance provider Exabeam, and lead on the Open Web Application Security Project's Top 10 Security Risks for LLMs.

"I really worry that LLMs are a very, very different beast, and traditional security engineers, they just don't have experience with these AI techniques yet," he says. "There are very few people who do."

**Apple Makes Security a Centerpiece**

Apple seems to be aware of the security risks that concern its customers, especially businesses. The implementation of Apple Intelligence across a user's devices, dubbed the Personal Intelligence System, will connect data from applications in a way that has, perhaps, only been implemented through the company's health-data services. Conceivably, every message and email sent from a device could be reviewed by AI and context added through on-device semantic indexes.

Yet, the company pledged that, in most cases, the data never leaves the device, and the information is anonymized as well.

"It is aware of your personal data, without collecting your personal data," Craig Federighi, senior vice president of software engineering at Apple, stated in a four-minute video on Apple Intelligence and privacy during the company's June 10 launch, adding: "You are in control of your data, where it is stored and who can access it."

When it does leave the device, data will be processed in the company's Private Cloud Compute service, so Apple can take advantage of more powerful server-based generative-AI models, while still protecting privacy. The company says that it never stores or makes accessible any data to Apple. In addition, Apple will make every production build of its Private Cloud Compute platform available to security researchers for vulnerability research in conjunction with a bug-bounty program.

Such steps seemingly go beyond what other companies have promised and should assuage the fears of enterprise security teams, AppOmni's Thacker says.

"This type of transparency and collaboration with the security research community is important for finding and fixing vulnerabilities before they can be exploited in the wild," he says. "It allows Apple to leverage the diverse skills and perspectives of researchers to really put the system through the wringer from a security testing perspective. While it's not a guarantee of security, it will help a lot."

**There's an App for (Leaking) That**

However, the interactions between apps and data on mobile devices and the behavior of LLMs may be too complex to fully understand at this point, says Exabeam's Wilson. The attack surface area of LLMs continues to surprise the large companies behind the major AI models. Following its release of its latest Gemini model, for example, Google had to contend with inadvertent data poisoning that arose from training its model with untrusted data.

"Those search components are falling victim to these kind of indirect injection data-poisoning incidents, where they're off telling people to eat glue and rocks," Wilson says. "So it's one thing to say, 'Oh, this is a super-sophisticated organization, they'll get this right,' but Google's been proving over and over and over again that they won't."

Apple's announcement comes as companies are quickly experimenting with ways to integrate GenAI into the workplace to improve productivity and automate traditionally tough-to-automate processes. Bringing the features to mobile devices has happened slowly, but now, Samsung has released its Galaxy AI, Google has announced the Gemini mobile app, and Microsoft has announced Copilot for Windows.

While Copilot for Windows is integrated with many applications, Apple Intelligence appears to go beyond even Microsoft's approach.

**Think Different (About Threats)**

Overall, companies need to first gain visibility into their employees' use of LLMs and other GenAI. While they do not need to go to the extent of billionaire tech innovator Elon Musk, a former investor in OpenAI, who raised concerns that Apple — or OpenAI — would abuse users' data or fail to secure business information and pledged to ban iPhones at his companies, chief information security officers (CISOs) certainly should have a discussion with their mobile device management (MDM) providers, Exabeam's Wilson says.

Right now, controls to regulate data going into and out of Apple Intelligence do not appear to exist and, in the future, may not be accessible to MDM platforms, he says.

"Apple has not historically provided a lot of device management, because they are leaned in on personal use," Wilson says. "So it's been up to third parties for the last 10-plus years to try and build these third-party frameworks that allow you to install controls on the phone, but it's unclear whether they're going to have the hooks into \[Apple Intelligence\] to help control it."

Until more controls come online, enterprises need to set a policy, and to find ways to integrate their existing security controls, authentication systems, and data loss prevention tools with AI, says AppOmni's Thacker.

"Companies should also have clear policies around what types of data and conversations are appropriate to share with AI assistants," he says. "So while Apple's efforts help, enterprises still have work to do to fully integrate these tools securely."

**About the Author(s)**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Apple Intelligence Could Introduce Device Security Risks

Though the company is informing affected individuals of a breach, it's keeping the nature and scope of the cybersecurity incident that led to it under wraps.

Source: B. Leighty / Photri Images via Alamy Stock Photo

Panera Bread, the US fast-casual food chain, has begun notifying its employees of a data breach, after a "security incident" in March led to threat actors stealing employees' personal information.

In breach notification letters filed with the Office of California's Attorney General, Panera informs affected individuals that a cybersecurity firm was brought in to investigate the unauthorized access to internal files and, after the files were reviewed, determined that they contained names and Social Security numbers. Not only that, but additional information connected to the individuals' employment could have also been in the files.

Panera said that while there is no indication that "information has been accessed and been made publicly available," it is offering a one-year membership to CyEx's credit monitoring, identity detection, and resolution of identity theft service. It also notes that it has taken additional steps to enhance its security safety measures.

Though Panera has failed to provide more detail as to what kind of breach occurred and who the threat actors are, some researchers have raised suspicions that the company was hit by a ransomware attack that caused the initial outage in its ordering system, mobile apps, and loyalty program in March. 

The company urges individuals to be vigilant of attempted fraud or identity theft and to review account statements often.

**About the Author(s)**

Panera Notifies Employees of Compromised Data

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name “Sp1d3r” offered a significant...

On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name “Sp1d3r” offered a significant amount of data allegedly stolen from Truist Bank for sale.

Truist is a US bank holding company and operates 2,781 branches in 15 states and Washington DC. By assets, it is in the top 10 of US banks. In 2020, Truist provided financial services to about 12 million consumer households.

The online handle of the seller immediately raised the suspicion that this was yet another Snowflake related data breach.

_Post by Sp1d3r on breach forum_

The post also mentions Suntrust bank because Truist Bank arose after SunTrust Banks and BB&T (Branch Banking and Trust Company) merged in December 2019.

For the price of $1,000,000, other cybercriminals can allegedly get their hands on:

*   Employee Records: 65,000 records containing detailed personal and professional information.
*   Bank Transactions: Data including customer names, account numbers, and balances.
*   IVR Source Code: Source code for the bank’s Interactive Voice Response (IVR) funds transfer system.

IVR is a technology that allows telephone users to interact with a computer-operated telephone system through the use of voice and Dual-tone multi-frequency signaling (DTMF aka Touch-Tone) tones input with a keypad. Access to the source code may enable criminals to find security vulnerabilities they can abuse.

Given the source and the location where the data were offered, we decided at the time to keep an eye on things but not actively report on it. But now a spokesperson for Truist Bank told BleepingComputer:

> “In October 2023, we experienced a cybersecurity incident that was quickly contained.”

Further, the spokesperson stated that after an investigation, the bank notified a small number of clients and denied any connection with Snowflake.

> “That incident is not linked to Snowflake. To be clear, we have found no evidence of a Snowflake incident at our company.”

But the bank disclosed that based on new information that came up during the investigation, it has started another round of informing affected customers.

****Protecting yourself after a data breach****

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

*   **Check the vendor’s advice.** Every breach is different, so check with the vendor to find out what’s happened and follow any specific advice they offer.
*   **Change your password.** You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
*   **Enable two-factor authentication (2FA).** If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
*   **Watch out for fake vendors.** The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
*   **Take your time.** Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
*   **Consider not storing your card details**. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
*   **Set up identity monitoring.** Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

****Check your exposure****

While matters are still unclear how much information was involved, it’s likely you’ve had other personal information exposed online in previous data breaches. You can check what personal information of yours has been exposed with our Digital Footprint portal. Just enter your email address (it’s best to submit the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report.

**We don’t just report on threats – we help safeguard your entire digital identit**y

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

 Truist bank confirms data breach 

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Rockwell's dire ICS warning; a red alert on biometrics; cybersecurity for the Hajj season.

Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we'll offer articles gleaned from across our news operation, The Edge, DR Technology, DR Global, and our Commentary section. We're committed to bringing you a diverse set of perspectives to support the job of operationalizing cybersecurity strategies, for leaders at organizations of all shapes and sizes.

**In this issue of CISO Corner:**

*   Apple's AI Offering Makes Big Privacy Promises
    
*   Scores of Biometrics Bugs Emerge, Highlighting Authentication Risks
    
*   DR Global: Governments, Businesses Tighten Cybersecurity Around Hajj Season
    

*   Why CIO & CISO Collaboration Is Key to Organizational Resilience
    
*   Rockwell's ICS Directive Comes as Critical Infrastructure Risk Peaks
    
*   4 Ways to Help a Security Culture Thrive
    

Don't miss "Anatomy of a Data Breach: What to Do if It Happens to You," a free Dark Reading virtual event scheduled for June 20! Speakers include Verizon's Alex Pinto, plus execs from Snowflake, pharma giant GSK, Salesforce, and more — register today!

**Apple's AI Offering Makes Big Privacy Promises**

By Agam Shah, Contributing Writer, Dark Reading

Apple's guarantee of privacy on every AI transaction — whether on-device or cloud — is ambitious and could influence trustworthy AI deployments on device and in the cloud, analysts say.

Apple's announcement of Apple Intelligence and plans to integrate AI across its devices and applications comes with a commitment to guarantee privacy on every AI transaction. This sets a high bar on zero-trust infrastructure that competitors may try to match.

Because of Apple's walled garden model, rival providers don’t have nearly the same level of control over their AI infrastructure. Unlike Apple, they can’t lock down security as queries pass through various hardware and software layers. For example, OpenAI and Microsoft process queries through GPUs from Nvidia, which handles vulnerability discovery and patching.

“If Apple sets the standard, the effect will be 'why I should buy Android if I don’t care about the privacy,'" says Alex Matrosov, CEO of security company Binarly.io. "The next step will be Google following up and trying to maybe implement or do the similar thing."

Read more: Apple's AI Offering Makes Big Privacy Promises

Related: OpenAI Forms Another Safety Committee After Dismantling Prior Team

**Scores of Biometrics Bugs Emerge, Highlighting Authentication Risks**

By Nate Nelson, Contributing Writer, Dark Reading

Face scans stored like passwords inevitably will be compromised, like passwords are. But there's a crucial difference between the two that organizations can rely on when their manufacturers fail.

Biometric security is more popular today than ever, with widespread adoption in the public sector — law enforcement, national ID systems, etc. — as well as for commercial industries like travel and personal computing. In Japan, subway riders can "pay by face," and Singapore's immigration system relies on face scans and thumbprints to allow travelers into the country. The fact that even burger places are experimenting with face scans suggests something's brewing here.

But researchers have found two dozen vulnerabilities in a biometric terminal used in critical facilities worldwide could allow hackers to gain unauthorized access, manipulate the device, deploy malware, and steal biometric data, which highlights the risks that come with implementing these systems.

The critical nature of the environments in which these systems are so often deployed necessitates that organizations go above and beyond to ensure their integrity. And that job takes much more than just patching newly discovered vulnerabilities.

Read more: Scores of Biometrics Bugs Emerge, Highlighting Authentication Risks

Related: Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security

**Global: Governments, Businesses Tighten Cybersecurity Around Hajj Season**

By Robert Lemos, Contributing Writer, Dark Reading

While cyberattacks drop slightly during the week of the Islamic pilgrimage, organizations in Saudi Arabia and other countries with large Muslim populations see attacks on the rise.

The final month of the Islamic calendar, Dhu al-Hijjah, began on June 7, marking the countdown for millions of Muslims to the Hajj pilgrimage, and also a time when cybercriminals and cyber-espionage actors see increased opportunity amid reduced vigilance and slimmed staffing.

While many of the cyberattacks are focused on pilgrims as consumers of travel services, a variety of businesses — from banks to e-commerce sites — are at greater risk of data theft and denial-of-service attacks, according to experts. On June 3, for example, cyber-threat actors announced a data leak on an underground forum that allegedly contained the personal information of 168 million users from "The Hajj and Pilgrimage Organization in Iran," according to cybersecurity firm Kaspersky.

The attacks highlight the two aspects of how cyberattackers see the Hajj season: as an opportunity to take advantage of pilgrims, but also as a time of reduced resources for security teams, making business and government agencies vulnerable.

Read more: Governments, Businesses Tighten Cybersecurity Around Hajj Season

Related: 'DuneQuixote' Shows Stealth Cyberattack Methods Are Evolving. Can Defenders Keep Up?

**The CEO Is Next**

Commentary by Joe Sullivan, CEO, Ukraine Friends, & CEO, Joe Sullivan Security LLC

If CEOs want to avoid being the target of government enforcement actions, they need to take a personal interest in ensuring that their corporation invests in cybersecurity.

One day soon, a government agency will very publicly seek to hold a corporate CEO personally liable for a failure to ensure their organization invested sufficiently in cybersecurity. The surprising thing won't be that it happens, but rather how many people who work for and look up to the CEO will be happy when it does.

We're experiencing a movement toward regulation by enforcement. Look no further than the National Cybersecurity Strategy, which, at its core, demands that corporate America do more to protect citizens from cyberattacks. There's also the Securities and Exchange Commission's (SEC) action against the software company SolarWinds and its head of security. The case has raised eyebrows, specifically because the security leader was held personally responsible.

But with very few exceptions, the CISO or senior-most security leader is simply not the "responsible corporate officer.” It's the CEO. Security leaders rarely, if ever, get the budget needed to do their job well. CEOs and boards that do control the corporate budget rarely invest the time to understand their cyber-risks, and instead allocate resources in other directions.

Read more: The CEO Is Next

Related: White House Fills in Details of National Cybersecurity Strategy

**Why CIO & CISO Collaboration Is Key to Organizational Resilience**

Commentary by Robert Grazioli, Chief Information Officer, Ivanti

Alignment between these domains is quickly becoming a strategic imperative.

Gartner forecasts that the world will spend $215 billion on risk management and cybersecurity in 2024. That's a 14% increase over 2023. But many workers are feeling spread thin, with more data and endpoints than ever and not enough qualified talent to be found. It's time to finally break down the silos between IT and security.

That starts by fostering alignment between the CIO and chief information security officer (CISO).

Individually, CISOs and CIOs are powerful forces with a lot on their plates — and a lot on the line. Together, they could be unstoppable. However, historically, organizational structures have relegated CISOs and CIOs to separate domains with distinct — and occasionally contradictory — objectives.

Here's how to foster alignment: Why CIO & CISO Collaboration Is Key to Organizational Resilience

Related: CISO & CIO Convergence: Ready or Not, Here It Comes

**Rockwell's ICS Directive Comes as Critical Infrastructure Risk Peaks**

By Tara Seals, Managing Editor, News, Dark Reading

Critical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and riddled with exploitable bugs.

Industrial control systems (ICS) giant Rockwell Automation's recent directive to customers to disconnect their gear from the Internet showcases not just growing cyber risk to critical infrastructure, but the unique challenges that security teams face in the sector, experts say.

CISA is warning that increased threats to could lead to various catastrophic attacks, including denial-of-service (DoS) efforts that take down electrical grids; privilege escalation and lateral movement to burrow deeper into the operational technology (OT) environment in order to control it; modifying settings to, say, change safety thresholds for power generators; remotely compromising programmable logic controllers (PLCs) to halt water sector operations; or even conducting destructive Stuxnet-style attacks that can obliterate a site's ability to function permanently.

Yet thousands of devices are exposed online with weak authentication and riddled with exploitable bugs; and there's an endemic lack of security team participation in site design and asset/infrastructure management. All in all, it's not an ideal situation.

Read more: Rockwell's ICS Directive Comes as Critical Infrastructure Risk Peaks

Related: Volt Typhoon Hits Multiple Electric Utilities, Expands Cyber Activity

**4 Ways to Help a Security Culture Thrive**

DR Technology commentary by Ken Deitz, CSO/CISO, Secureworks

Creating and nurturing a corporate environment of proactive cybersecurity means putting people first — their needs, weaknesses, and skills.

A good cybersecurity culture trusts and empowers teammates to make good decisions. In turn, that trust fuels a more productive relationship between cybersecurity and the business. Culture is a living entity that needs to be continuously nurtured. Give it the dedication it needs, and your businesses will be safer as a result.

Here are some core pillars for establishing an effective security culture:

1\. Establish the Right Mindset: Focus on the positive actions that people can and should take.

2\. Engage with Empathy: A productive and inclusive security culture is one that shuns blame. Instead, focus on what you can collectively learn from the incident to enrich your cyber strategy for the future.

3\. Communicate, Communicate, Communicate: When it comes to cybersecurity, there's no such thing as too much communication. People have a lot going on in their jobs and lives. Meet people where they are, and you'll have much better results.

4\. Stay on Your Toes: New and emerging technologies bring opportunities and challenges. Generative artificial intelligence (AI), for example, can offer teammates productivity gains, but they also need to know the risks.

Read more: 4 Ways to Help a Security Culture Thrive

Related: How to Transform Security Awareness Into Security Culture

CISO Corner: Apple's AI Privacy Promises; CEOs in the Hot Seat

Meta's new subscription model points out the need for clearer and stricter regulations — ones that prioritize consumer privacy and control of personal data.

Source: Zoonar GmbH via Alamy Stock Photo

COMMENTARY

Meta recently offered its customers in the European Union the choice between paying for privacy or consenting to tracking, a model some people are calling "pay or OK." This sparked an investigation, since privacy in the EU is defined as a consumer right. With the bipartisan federal privacy bill in the US gaining ground to similarly make consumer privacy a right at the federal level, Meta's new model could come under even more fire if the company implements it here.

But what is "pay or OK," and why does it matter? 

**Understanding the Conflict**

Meta's subscription model violates the principle of freely given consent by forcing users to choose one of just two options: paying a fee or consenting to tracking for personalized advertising. It's essentially a false choice, because Meta is making money off users' data one way or another, either through the subscription or by selling their information. Numerous privacy and consumer rights proponents have already criticized the move as an attempt to circumvent the European Union's stringent data protection laws by coercing users to agree to data tracking. 

The new model also allows Meta to sidestep the broad demand from privacy advocates for all such software platforms and services to install opt-out mechanisms. Technically, on Meta's various sites, there is an opt-out mechanism, but this new model manipulates consent dynamics by introducing financial incentives to sway user choices. Users might believe that they are "giving consent," when in reality they can only either financially support the platform or surrender their privacy rights. Ironic, considering that, according to Meta, the whole point of the subscription is supposedly to protect user privacy.

History has already shown how little users can trust Big Tech companies like Meta to protect consumer data. For example, Meta has had several major breaches over the past few years and several lawsuits related to misuse of consumer data. Google and Microsoft have both experienced similar accusations. Naturally, the security and privacy lapses have caused privacy advocates to question: Are these the companies you should be paying to protect your data? The answer for a constantly increasing number of consumers is: No. 

**Steps for Consumer Protection**

The evidence is clear: Big Tech won't protect users' data. Consumers are looking for other ways to defend themselves from data theft, and fortunately, new technologies and privacy developments have started to make this a lot easier. 

For starters: Use privacy-focused browsers. Some examples include Brave, Tor, and Firefox, all of which are known for prioritizing data privacy. These browsers often come with built-in features to block trackers and advertisements, reduce digital fingerprinting, and ensure more secure browsing.

Next are virtual private networks (VPNs). VPNs encrypt Internet traffic, which prevents other third parties, even your Internet service provider, from monitoring users' online activities. A reliable VPN can also mask a user's IP address. Normally, advertisers and other third parties use your IP address to track your activity and create a profile that is unique to that address. A VPN prevents that tracking, which enhances anonymity on the Web. 

Third, users should view and adjust their social media privacy settings on a regular basis. Social media platforms frequently update their policies and settings. Users should review their settings to control who sees their information, which data third parties have access to, and how their information is used for advertising.

Fourth, I suggest users actively manage and regularly delete unnecessary personal data stored online. A simple Internet search will show you that your name, and possibly your address, phone number, and tons of other information, is readily available on data broker websites — thanks to companies like Meta selling them all that data. Look for ways to opt out of these platforms. Consider setting social media accounts to be private or deleting old accounts that are no longer active. 

Finally, stay informed on consumer rights and data protection laws like the General Data Protection Regulation (GDPR) in Europe or the California Consumer Privacy Act (CCPA) in the United States. These laws often grant users the right to access, correct, and delete personal data, along with the right to opt out of companies selling your info. Being informed lets users make educated decisions and take legal action if necessary.

**Final Thoughts**

Privacy regulators may or may not be able to counteract Meta's consent-or-pay ploy. But either way, the new subscription model points out the need for clearer and stricter regulations in the US, ones that prioritize consumer privacy and control of personal data rather than forcing users to choose between shelling out or giving up. Until then, consumers need to be aware of the privacy technologies, opt-out mechanisms, and choices that are readily available today.

**About the Author(s)**

CEO, Abine/DeleteMe

Rob Shavell is CEO of Abine/DeleteMe, The Online Privacy Company. Rob has been quoted as a privacy expert in the Wall Street Journal, New York Times, The Telegraph, NPR, ABC, NBC, and Fox. Rob is a vocal proponent of privacy legislation reform, including the California Privacy Rights Act (CPRA).

Tag

#auth