Wednesday Newsbytes: Beware of Fake Windows Updates; Goodbye Wi-Fi, Hello Li-Fi; An A to Z Guide to AI; Google Restricts Employees’ Internet Access; WormGPT: AI for Criminals; Fun with Scammers … and more!
Every day we scan the tech world for interesting news in the world of technology and sometimes from outside the world of technology. Every Wednesday, we feature news articles that grabbed our attention over the past week. We hope you find this week’s ‘Wednesday Newsbytes’ informative and interesting!
Beware of Big Head Ransomware: Spreading Through Fake Windows Updates
A developing piece of ransomware called Big Head is being distributed as part of a malvertising campaign that takes the form of bogus Microsoft Windows updates and Word installers.
Big Head was first documented by Fortinet FortiGuard Labs last month, when it discovered multiple variants of the ransomware that are designed to encrypt files on victims’ machines in exchange for a cryptocurrency payment.
“One Big Head ransomware variant displays a fake Windows Update, potentially indicating that the ransomware was also distributed as a fake Windows Update,” Fortinet researchers said at the time. “One of the variants has a Microsoft Word icon and was likely distributed as counterfeit software.”
A majority of the Big Head samples have been submitted so far from the U.S., Spain, France, and Turkey.
In a new analysis of the .NET-based ransomware, Trend Micro detailed its inner workings, calling out its ability to deploy three encrypted binaries: 1.exe to propagate the malware, archive.exe to facilitate communications over Telegram, and Xarch.exe to encrypt the files and display a fake Windows update…
Wi-Fi is old school; get ready for faster, more secure Li-Fi
Wi-Fi might be on the way out even though Wi-Fi 7 is on the way in. According to The Verge, the IEEE standards body that oversees Wi-Fi has released the IEEE 802.11bb light communications standard that will cover the emerging Li-Fi technology. Instead of using wireless network signals, Li-Fi uses invisible (to the human eye, anyway) infrared light to deliver light-based wireless optical connectivity at speeds up to 100 times faster than Wi-Fi.
Light can deliver signals free of radio interference and Li-Fi already has a competing standard, the International Telecommunication Union’s G.9991. The Verge notes that this standard is used with data-beaming bulbs from Signify. Another company called pureLiFi released the Light Antenna One system in February which already meets 802.11bb standards. This is a module that could fit into smartphones and the manufacturer claims that it can deliver data speeds exceeding 1Gbps.
However, Light Antenna One is rated to communicate with devices less than 10 feet away and when transmitting back it has only a 24-degree field of view. Still, the manufacturer of the Light Antenna One says that it is ready “to enable mass integration of Li-Fi for the first time.” Despite the 1Gbps claim from pureLiFi, download data speeds for Li-Fi are said to be as high as 224Gbps …
What is AI? An A-Z guide to artificial intelligence
Artificial intelligence is arguably the most important technological development of our time – here are some of the terms that you need to know as the world wrestles with what to do with this new technology.
Imagine going back in time to the 1970s, and trying to explain to somebody what it means “to google”, what a “URL” is, or why it’s good to have “fibre-optic broadband”. You’d probably struggle.
For every major technological revolution, there is a concomitant wave of new language that we all have to learn… until it becomes so familiar that we forget that we never knew it.
That’s no different for the next major technological wave – artificial intelligence. Yet understanding this language of AI will be essential as we all – from governments to individual citizens – try to grapple with the risks, and benefits that this emerging technology might pose.
Tech Decoded
Over the past few years, multiple new terms related to AI have emerged – “alignment”, “large language models”, “hallucination” or “prompt engineering”, to name a few.
To help you stay up to speed, BBC.com has compiled an A-Z of words you need to know to understand how AI is shaping our world.
A is for…
Google restricting internet access to some employees to reduce cyberattack risk
Google on Wednesday is starting a new pilot program where some employees will be restricted to internet-free desktop PCs, CNBC has learned.
The company originally selected more than 2,500 employees to participate, but after receiving feedback, the company revised the pilot to allow employees to opt out, as well as opening it up to volunteers. The company will disable internet access on the select desktops, with the exception of internal web-based tools and Google
-owned websites like Google Drive and Gmail. Some workers who need the internet to do their job will get exceptions, the company stated in materials.In addition, some employees will have no root access, meaning they won’t be able to run administrative commands or do things like install software.
Google is running the program to reduce the risk of cyberattacks, according to internal materials. “Googlers are frequent targets of attacks,” one internal description viewed by CNBC stated. If a Google employee’s device is compromised, the attackers may have access to user data and infrastructure code, which could result in a major incident and undermine user trust, the description added.
Turning off most internet access ensures attackers cannot easily run arbitrary code remotely or grab data…
Cyber criminal AI tool WormGPT produces ‘unsettling’ results
A newly discovered generative AI tool dubbed WormGPT is being sold to the cyber criminal underground via the dark web, and poses a significant danger, researchers warn
A generative AI tool called WormGPT that operates without the ethical boundaries or hard-coded limitations of legitimate services such as OpenAI’s ChatGPT or Google Bard is being sold right now to cyber criminal operators on the dark web, it has emerged.
The existence of the tool was uncovered by researchers at email security specialist SlashNext and former black hat hacker Daniel Kelley, who gained access to the tool and used it to conduct tests focusing on business email compromise (BEC) attacks. He said WormGPT produced “unsettling” results.
“WormGPT produced an email that was not only remarkably persuasive but also strategically cunning, showcasing its potential for sophisticated phishing and BEC attacks,” he wrote.
Kelley warned that the experiment he conducted highlighted the degree of threat posed by generative AI technologies, even in the hands of relative novices.
WormGPT appears to have been developed specifically for malicious use cases and is based on the GPTJ large language model (LLM) released two years ago…
Gmail wants you to turn on Enhanced Safe Browsing mode
If Gmail looks a little different to you right now, you’re not mistaken. A new banner message advertising Enhanced Safe Browsing mode began appearing in Gmail recently. Displayed just above your message list, it urges users to turn on the mode for “additional protection against dangerous emails”—and for most people, it does provide better protection while surfing the web.
First launched in 2020, Enhanced Safe Browsing offers additional safeguards in Gmail and Chrome. It checks URLs, downloads, and browser extensions for any risky or dangerous elements like malware and phishing attempts. Unlike Standard Protection mode, which relies on a known list of bad websites, Enhanced Safe Browsing uses the real-time data gathered from your browsing sessions (including info about your PC and samples from pages you visit) for threat assessment.
Privacy-minded users may find Enhanced Safe Browsing more concerning, since Google gets a direct peek at things like your downloads. It also temporarily associates the data gathered for Enhanced Safe Browsing with your Google account while you’re signed in. But for most users, the trade-off is worth the protection against potential headaches of being ensnared by, say, a successful phishing attempt…
Now, this is satisfying.
It seems that part of being a human in 2023 is receiving about 10–15 scammer or spam texts daily. It can be enough to drive one up a wall and to the left. Come along with me as we look at some people who had the last laugh on some unfortunate scammers. For example…
1. The person who made sure the scammer remembered their manners…
2. The person who pointed out the one little detail a scammer missed…
3. The person who just tried to turn a scammer on to a great new service…
The person who played a scammer like a violin…
(Warning from TC & EB… If you’re offended by strong language, best not click the link below…)
Thanks for reading this week’s Wednesday Newbytes. We hope these articles were informative, interesting, fun, and helpful. Darcy & TC
Interesting. I read the Hacker News but what to do? How does one determine if an update is fake? Does Emsisoft offer protection? I totally had a hard time understanding the article. How do these updates appear on a computer? What to watch out for.? So many questions. I’d need to be a computer whiz to even understand the geek speak. Lol.
Emsisoft will protect you from Big Head ransomware so you don’t have to worry. Big Head is not very sophisticated.
Very reassuring. Thank you. I’m glad I have Emsisoft! Nora
I was looking thriugh Microsoft store for a different weather app like the one before they updated to to the weather network. I was totally surprised to see CC Cleaner, AVG and Avast anti virus. All I can say is thank goodness I use Emsisoft., I shudder to think how infected my computer would be after seeing some of Microsoft’s free apps. Thank you for introducing me to Emsisoft years ago and thank you for all the help you have given us. Do you know what weather app was being used before the weather network was installed? My poor tired eyes have a hard time seeing when the background has so much in it. Keep up the fantastic work,
I hadn’t read the warning about the fake updates when I received an update then a day or two later another one and had updated twice. It gave me a scare wondering what I had done. I received another one and deleted it, then went into my Emsisoft to run a scan. It didn’t list any problems. Now I heard from you that Emsisoft has me protected. Thankful for the day we decided to choose Emsisoft for our computers. You guys are wonderful for leading us to Emsisoft, we feel safer with Emsisoft.
T.C. Darcy: Please can you inform me about a program called Telegram which apparently can be downloaded from a Google App for Android and Smartphones. It is associated with Google Chat which I am not confident with as Scammers use that program I believe to entice people to join then when they have them hooked they start asking for money. Am very new to these programs so do need help and advice. Thanks.
Kind regards.
Maggie.