This week:

3 – Don’t assume your firewall is a solid wall.

2 – Deep fakes are targeting deep pockets

1 – Do they really love you, or are you just a pig?

 


 

3 – Don’t assume your firewall is a solid wall.

Fortinet, which manufactures a popular brand of security firewalls, has recently disclosed two critical vulnerabilities affecting its devices.

According to a recent alert from Ireland’s NCSC (National Cyber Security Centre), the vulnerabilities are severe – Both scoring 9.8 out of 10 in terms of criticality. Only a contestant on Strictly Come Dancing would appreciate that score.

So what? Similar alerts are issued for other firewalls on a regular basis. That is because every firewall, every device, and every human has vulnerabilities. When we accept this reality, we can focus on ensuring we have multiple layers of security (something called ‘Defence in Depth’), so that, WHEN one layer fails, the other layers are there to pick up the slack.

 


 

2 – Deep fakes are targeting deep pockets

“A Hong Kong-based finance professional at a multinational was reportedly swindled out of $25 million of company money when scammers created a deepfake of his London-based chief financial officer in a video conference call.”

According to this report in The Register, “The Hong Konger joined a in which his [British] CFO appeared – but appeared a little off. So much so that the employee was initially suspicious. But his nerves were soothed as other colleagues he recognized appeared to join in on the call. [..] Some reports suggest just one participant on the call was real”, with all of the other participants being AI-generated videos.

So what? Until we have tools to help us identify real vs AI-generated content, we will have to be increasingly cynical about anything that we do not see with our own eyes in real life. (And maybe we should also distrust British accents! I am joking.. honestly..)

 


 

1 – Do they really love you, or are you just a pig?

The FBI is warning people to be on the lookout for a growing scam known as “Sha Zhu Pan,” a Chinese phrase that loosely translates to “pig butchering” [..] The victims in Pig Butchering schemes are referred to as ‘pigs’ by the scammers because the scammers will use elaborate storylines to ‘fatten up’ victims into believing they are in a romantic or otherwise close personal relationship. Once the victim places enough trust in the scammer, the scammer brings the victim into a cryptocurrency investment scheme.”

According to a recent report in Government Technology, it all starts when “the scammer contacts an individual, typically through a dating or social media app or via phone calls and text messages that are meant to appear to have been misdialled”.

So what? If you have money, you’re a target for these butchers. (And in any case, anyone who uses the word ‘cryptocurrency’ in the same sentence as the word ‘investment’ needs to be shown the door.)