Cyber Security Today, Feb. 2, 2024 – AI fakes are making trouble for facial recognition logins, and more

Share post:

AI fakes are making trouble for facial recognition logins, and more.

Welcome to Cyber Security Today. It’s Friday, February 2nd, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for and in the U.S.


Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 AI-generated fake biometric images are so good that in two years many firms won’t accept facial recognition alone for identity verification and authentication. That’s the conclusion of researchers at Gartner. Some organizations allow facial scanning for logging into applications. But deepfake images are becoming so good that by 2026 30 per cent of firms will insist on a second factor or more for those wanting to log in through facial recognition. Current security technologies aren’t good enough to spot good fake images. Gartner says CISOs should choose identity authentication vendors that show they can handle these new types of attacks.

The recent discovery of vulnerabilities in Ivanti Connect Secure and Policy Secure gateways is so serious that American government agencies have been told to disconnect the devices from their networks by midnight tonight. To bring those devices back online a complete reset is required as well as upgrading to the latest device software. After that the admin and user passwords and API keys have to be reset. Departments must also assume the domain account associated with the devices has been compromised and take action by March 1st. In addition, government agencies have to continue hunting for compromises on any IT systems that were recently connected to Invanti devices.

Researchers at Cado Security have discovered another threat group going after poorly-protected Docker containers. The Commando Cat cryptojacking campaign leverages compromised Docker instances as an initial vector. Then the service is used to run a number of payloads that steal credentials for cloud services like Amazon AWS and Microsoft Azure, and install a cryptocurrency miner. The report says the attacker targets exposed Docker API endpoints, so administrators have to make sure these parts of containers are well protected.

Finally, poor digital hygiene of key IT and network employees is putting carriers and companies in Europe, Asia, Africa and Latin America at risk. That’s the conclusion of researchers at Resecurity. Several threat actors on the dark web are selling over 1,500 login credentials of telecom network administrators and engineers from a number of providers, the researchers say. Probably these are hackers who picked up on the recent successful hack of the internet registry login credentials of an employee of Spain’s Orange Espagne. That apparently prompted hackers to look for other telecom employees who don’t have multifactor authentication on their internet registry login accounts. A threat actor with internet registry control over a telecom provider can do nasty things. IT leaders be warned: Staff who have login privileges to their organization’s internet registry account must enable multifactor authentication or risk losing access to the account.

Later today the Week in Review podcast will be out. David Shipley of Beaceron Security and I will discuss the FBI warnings on China’s cyber threat, hacks at 23andMe and Microsoft, an attack on a Canadian government email system and more.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Feb. 2, 2024 – AI fakes are making trouble for facial recognition logins, and more first appeared on IT World Canada.
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.


Related articles

Security research team claims to have helped avert a major supply chain attack

JFrog Security Research team continuously scans public repositories such as Docker Hub, NPM, and PyPI to identify malicious...

Phishing attacks on state and local governments surge by 360%

Phishing attacks targeting state and local governments have surged by 360% between May 2023 and May 2024, according...

What is Ticketmaster saying to its customers?

Here's the letter that has been sent out out to Ticketmaster clients that a reader sent to me....

Will the “AI bubble” burst? Hashtag Trending for Wednesday, July 10, 2024

Europe may be reigning in big tech, but Canada and the US are struggling, despite public concern.  Analysts...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways