Transcript
A (0:04)
France prepares to ditch Windows for Linux. OpenAI was impacted by the Axios supply chain attack. Rockstar Games gets hacked again, and Adobe patches a Reader zero-day. This is the Risky Bulletin, prepared by Catalin Cimpanu and read by me, Claire Aird. Today is the 13th of April, and this podcast episode is brought to you by Corelight. In today's top story, the French government is moving some Windows systems to Linux as part of its push for digital sovereignty. The French Interministerial Directorate of Digital Affairs will be the first to migrate this year. The agency, DINUM, oversees the French government's IT. In the last decade, the French government has sponsored several open source alternatives to US tech products. DINUM subsequently created La Suite and a tech stack of local alternatives. In other news, the South Korean government will guarantee mobile Internet access to its citizens. Telcos will provide Internet at a reduced speed to users that have exhausted their credit. The speed will be capped at 400 kbps, which is enough to send emails and access government websites. The US State Department has been banned from funding and developing fact-checking tools and technologies. The decision came in a DOJ lawsuit settlement last week. The department is also banned from pressuring social media platforms to suppress posts from American citizens or companies. Right-wing news outlet The Daily Wire sued the US government in 2023, claiming its content had been buried on social media. Tech executives could face jail time in the UK for failing to remove non-consensual intimate images from their platforms. The proposed law is an amendment to the Crime and Policing Bill and aims to counter the spread of nudify apps and non-consensual images. Some categories of pornography will also become illegal, including incest and adults role-playing as children. Hackers have replaced download links for the CPUID software project with malware.
Malware was added to popular utilities CPU-Z and HWMonitor, both of which are used to monitor the health of PC components. The malicious download links were live for six hours on the official site. Security researchers linked the hack to a known cybercrime group that distributes malware-laced apps. OpenAI has released security updates for its macOS apps to rotate their notarization certificate. The previous certificate was exposed in the Axios supply chain attack. OpenAI says its dev environment was not accessed, but it rotated the cert out of caution. Updates have rolled out for the Codex app and CLI as well as ChatGPT Desktop and Atlas. Grand Theft Auto maker Rockstar Games is being extorted by hackers. The ShinyHunters group has demanded a ransom payment by Tuesday. The group claims it stole data from the company's Snowflake cloud storage after first hacking cloud cost monitoring tool Anodot. Rockstar Games also had its source code stolen in 2022. US and UK law enforcement have seized $12 million worth of cryptocurrency from investment scammers. The operation targeted criminals in multiple locations globally. The scammers used a technique called approval phishing to access and empty crypto wallets. Authorities notified more than 20,000 victims. They also seized more than 120 domains. 31 people have been arrested for operating scams out of a fraud academy in Nigeria's capital, Abuja. It lured individuals with job offers but forced them into running online scams. The two leaders of the operation were among those arrested. Dutch police have arrested eight people accused of selling forged documents on the VerifTools marketplace. Authorities seized the site in August. Last year, VerifTools raked in 3 million euros by selling thousands of forged documents. Just 21 IP addresses are responsible for more than 50% of scanning for Windows Remote Desktop Protocol. The addresses are registered to the Seychelles company Kolokatel, according to GreyNoise.
The same company has hosted previous RDP scanners. Adobe has patched an Acrobat zero-day out of band. The zero-day had been exploited in the wild since at least November. The attacks were spotted by vulnerability researcher Haifei Li. Adobe's regular Patch Tuesday is this week. Threat actors are exploiting a vulnerability in the Marimo notebook platform. The company published an advisory last week and attacks began less than 10 hours later. The vulnerability is a pre-authentication remote code execution. It allows attackers to hijack Marimo notebooks hosted online. Russian security researchers have filed more than 200 bug reports in the country's national messenger, Max. The Russian government has awarded more than $300,000 in payouts. Several major vulnerabilities have been patched. The most common reported bug class was Insecure Direct Object Reference. A Docker vulnerability can allow threat actors to deploy privileged containers with host file system access. The issue can be exploited by sending an oversized request to the Docker API, bypassing authorization. It was patched at the end of March. The bug stemmed from a 2024 vulnerability with an incomplete patch. And finally, Tesla has disabled Full Self-Driving mode in more than 100,000 cars. The feature's available in a handful of countries where it's been approved by local regulators. It can be enabled by connecting a device to the CAN bus. That tricks the car into thinking it's operating in one of those countries. Tesla has emailed a warning to all car owners who activated FSD through these devices. And that is all for this podcast edition. Today's show is brought to you by our sponsor, Corelight. Find them at corelight.com. Thanks for your company.
