WIRED has learned this week that Amazon Web Services has investigated claims that AI search startup Perplexity may have violated the cloud company’s rules by appearing to scrape data from websites that had attempted to protect themselves from such scraping. The news comes after WIRED published findings last week about the AI search chatbot’s indiscriminate data-mining practices and generation of questionable content. WIRED’s inquiries to AWS about the matter prompted it to look into Perplexity’s activities. A separate WIRED investigation into Quora’s Poe AI platform found that it downloaded full articles from a variety of publishers and shared the files with users, effectively bypassing paywalls.
The U.S. Department of Justice earlier this week announced convictions related to a series of violent home invasions in which more than a dozen men threatened, assaulted, tortured or kidnapped 11 people as part of efforts to steal cryptocurrency. .
On Wednesday, WikiLeaks founder Julian Assange agreed to plead guilty to one count of espionage in a US court, finally concluding a protracted legal battle between the US government and the controversial anonymity-focused publisher. The US Privacy Rights Act (the latest in an endless parade of “comprehensive” US privacy bills) was pulled from a congressional hearing and is now unlikely to receive a full vote. And a new custom-made platform created by the firm SITU Research has been used for the first time at the International Criminal Court as a tool to prosecute a war crimes case.
Concrete evidence is finally starting to emerge in San Jose and New York that AI-powered gunshot detection systems are performing significantly below their advertised accuracy rates. Deepfake creators are re-victimizing people from the GirlsDoPorn sex trafficking operation by hosting altered versions of videos from that platform. And bureaucratic hurdles are making it even harder for healthcare providers like hospitals to recover and get back online after ransomware attacks.
But wait, there is more. Each week, we round up security news that we ourselves don’t cover in depth. Click on the headlines to read the full stories and stay safe.
At its Kirkland, Washington, campus, Google is deploying a facial recognition system to detect “unauthorized individuals” and block their access to its offices, according to a document about the plan seen by CNBC. Security cameras inside Google spaces have already been collecting facial data and comparing it to employee badge photographs in an attempt to flag people who aren’t regular employees or part of the broader Google workforce. If the system identifies a person of interest, Google’s “Security and Resilience Services” team will work to identify potential intruders “who may pose a security risk to Google people, products, or locations,” according to the document. People who work at or visit the Kirkland campus won’t be able to opt out of having their facial data collected by the system, but the document notes that the data is collected “strictly for immediate use and is not stored.” It adds that employees can opt out of having Google store their badge images and that this image cache is only used to test the system. The document says the program’s goal is to “maintain the safety of our people and spaces.”
German cloud company Teamviewer confirmed on Friday that it suffered a cyberattack earlier this week. The company accused the famous Russian hacking group APT29, also called “Cozy Bear” and “Midnight Blizzard,” of carrying out the attack. “Current investigation findings point to an attack on Wednesday, June 26, linked to credentials for a standard employee account within our corporate IT environment,” Teamviewer said in a statementThe company later confirmed that “the attack was contained within TeamViewer’s internal corporate IT environment and did not impact the product environment, our connectivity platform or any customer data.”
Alleged Chinese government-backed hackers, including the group known as “ChamelGang,” have deployed ransomware in dozens of high-profile attacks as a distraction while they conduct espionage operations on victims’ networks. Researchers from security firms SentinelOne, Recorded Future, and TeamT5 have found evidence, for example, that attackers used this tactic to hack a critical Indian healthcare platform and Brazil’s presidential office. Espionage actors are engaging in “an increasingly disturbing trend of using ransomware as the final stage of their operations for the purposes of financial gain, disruption, distraction, misattribution, or evidence removal,” the researchers say. wrote.
On Wednesday, Evolve Bank and Trust, a financial firm popular among fintech startups, confirmed that it was the victim of a ransomware attack and data breach that may impact customers. “Evolve is currently investigating a cybersecurity incident involving a known cybercriminal organization that appears to have illegally obtained and published on the dark web the data and personal information of some Evolve retail bank customers and customers of fintech partners,” it said. the bank. said in a statement On Wednesday, the prolific and aggressive ransomware gang known as LockBit recently posted data it claims was stolen from Evolve on its dark web leak site.
