CWN #18 - 2023 Week 50

Late and short issue: your devices are listening (well, some of them), Microsoft targets a CaaS (no, it's not a new licence from them), and quick links

An alleged cybercrime operator sipping his coffee while reviewing his master plan for the next board meeting (image: pplx)

Yes, some of your devices ARE listening

Cox Media Group (CMG) has reportedly developed a technology named "Active Listening" that can tap into ambient conversations through microphones embedded in devices such as smartphones and smart TVs. The goal? To provide better-targeted ads…

Some reports (https://www.vice.com/en/article/wjbzzy/your-phone-is-listening-and-its-not-paranoia) were published about devices potentially listening to users' conversations, as well as pictures of Zuckerberg’s laptop with a taped-over mic and camera (https://www.theguardian.com/technology/2016/jun/22/mark-zuckerberg-tape-webcam-microphone-facebook), but the consensus among researchers and security experts is that it's unlikely to happen on a large scale.

Following 404 Media’s investigations, tests will be needed to confirm whether this is true and to establish the scope of this data collection, and we may need to revisit our privacy threat models…

📰 Read the article: https://www.404media.co/cmg-cox-media-actually-listening-to-phones-smartspeakers-for-ads-marketing/

Microsoft disrupts a large cybercrime-as-a-service (CaaS)

Microsoft, with the help of Arkose Labs, disrupted a cybercrime-as-a-service (CaaS) ecosystem known as Storm-1152, which created 750 million fraudulent Microsoft accounts. This group's activities included selling fraudulent accounts and tools to bypass identity verification software, empowering other threat actors in their phishing, fraud, and DDoS attacks.

They gathered intelligence on Storm-1152 and its infrastructure, leading to a court order to seize the group's US-based infrastructure, such as Hotmailbox[.]me, 1stCAPTCHA, AnyCAPTCHA, and NoneCAPTCHA, and social media accounts.

This will surely reduce the amount of pressure threat actors are able to apply, at least for a little while, until someone else revives this ecosystem.

📰 Microsoft article: https://blogs.microsoft.com/on-the-issues/2023/12/13/cybercrime-cybersecurity-storm-1152-fraudulent-accounts/

📰 Arkose Labs article: https://www.arkoselabs.com/blog/caas-alert-disruption-storm-1152

In other news

⚙️ A new AD token from Thinkst: https://blog.thinkst.com/2023/12/a-beta-canarytoken-for-active-directory-credentials.html

📰 SentinelOne report on a suspected China-based threat actor using Lua, more commonly seen in Western-associated threat actors: https://www.sentinelone.com/labs/sandman-apt-china-based-adversaries-embrace-lua/

⚙️ MITRE will release a new framework called EMB3D in early 2024 to model threats on Critical Infrastructure Embedded Devices: https://www.mitre.org/news-insights/news-release/mitre-red-balloon-security-and-narf-announce-emb3d

🎛️ The first regulations of AI in the EU ... but applicable in 2025: https://www.europarl.europa.eu/news/en/headlines/society/20230601STO93804/eu-ai-act-first-regulation-on-artificial-intelligence
