It’s 5:05, on Wednesday, December 7, 2022. This is your daily update of open source and cybersecurity news. This is Pokie Huang, coming from the 5:05 offices in New York City. Stories for today come from Trac Bannon in Pennsylvania with a report on scamming the digital workforce, Edwin Kwan in Australia on how AirAsia’s poor network organization spared it from future attacks, Katy Craig in California on the Apple AirTag stalking initial report, and DJ Schleen in Colorado with a report on the new version of the Software Bill of Materials vulnerability scanning tool. We are going to start with a story from Dan Whiting on his use of AI and ChatGPT.
Let’s get to it!
🇺🇸 Dan Whiting, Washington, DC
ChatGPT Stack Overflow
https://meta.stackoverflow.com/questions/421831/temporary-policy-chatgpt-is-banned
https://openai.com/blog/chatgpt/
🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylvania
I’m here to help! Scamming the digital workforce.
https://cybir.com/2022/cve/hijacking-connectwise-control-and-ddos/
https://www.crn.com/news/security/connectwise-patches-critical-flaw-that-could-have-infected-5-000-servers-huntress
🇦🇺 Edwin Kwan, Sydney, Australia
AirAsia Poor Network Organisation spared it from future attacks
https://www.databreaches.net/airasia-victim-of-ransomware-attack-passenger-and-employee-data-acquired/
https://grahamcluley.com/ouch-ransomware-gang-says-it-wont-attack-airasia-again-due-to-the-chaotic-organisation-and-sloppy-security-of-hacked-companys-network/
🇺🇸 Katy Craig, San Diego, California
Apple AirTag Stalking Initial Report
https://www.nytimes.com/2022/02/10/business/apple-airtags-safety.html
https://www.bloomberg.com/news/articles/2022-12-06/apple-sued-by-women-over-dangerous-airtag-stalking-by-exes
https://apps.cand.uscourts.gov/newcasefilings/
Hughes v. Apple, Inc., 3:22-cv-07668, U.S. District Court, Northern District (not posted yet on the Court filings page)
🇺🇸 DJ Schleen, Golden, Colorado
Software Bill of Materials vulnerability scanning tool “bomber” announces EPSS support
https://github.com/devops-kung-fu/bomber
https://first.org/epss