#9 AI Safety, Shoulder Surfing, Deepfakes, Free Training + More

Welcome back to my weekly cybersecurity newsletter, where I bring you the latest and most exciting news in the world of cybersecurity. I know that staying up to date with the ever-evolving world of digital threats can be overwhelming, but don't worry, I have got you covered.

Recent News

AI Safety Concerns

Former OpenAI leader Jan Leike, who resigned recently, criticised the company for prioritising "shiny products" over safety. Leike, who headed OpenAI's “Super Alignment” team, expressed ongoing disagreements with leadership about core priorities, emphasising the need for a safety-first approach to AI development.

It is important for those that are aware of extreme risk taking without appropriate controls and guardrails to speak up. Did Jan Keike resign because he could see something going very wrong and didn’t want to be there when it happens? We’ll have to just wait and see.

Chrome Keeps Culling

Google has released a new Chrome update to fix a high-severity zero-day vulnerability, CVE-2024-5274, marking this the fourth patch in two weeks. This flaw involves a type confusion in the V8 JavaScript engine and is known to be exploited in the wild. This means attackers are active trying to find and target this vulnerability!

This year, Google has patched eight Chrome zero-days. As cybersecurity professionals we need to ensure our users update to the latest Chrome version 125.0.6422.112/.113 on all platforms immediately for enhanced security.

Shoulder Surfing

In the UK, Prime Minister Rishi Sunak set July 4 as the date for citizens to decide their next leader. However, just before this announcement, The Times revealed a memo from veterans' affairs minister Johnny Mercer's laptop, which was photographed on a public train.

This is a classic case of not protecting yourself against shoulder surfing! This exposed the minister's criticisms of the Conservative party's campaign strategies and internal tensions. He accused campaign managers of sidelining popular members in favour of "average performers" and criticised special advisers for poor political judgment.

This just goes to show that shoulder surfing remains a real risk we need to consider and manage.

Deepfake in deep doo-doo

A political consultant has been charged with voter suppression and misdemeanour impersonation for creating a deepfake recorded message of president Biden.

He also faces charges of $6 million from the FCC for making bogus calls using the AI-generated voice of the current US president.

This is the first-ever enforcement action against an AI-generated deepfake voice; do you think we will see more?

Career Development

Click here for links shared in my TikTok videos

More FREE IBM Training

Further to the IBM training I shared in my last newsletter. IBM are also offering additional training related to cybersecurity tools and cyberattacks.

This is a beginner level training with 13 assignments taking approximately 11 hours to complete. Once completed you will also receive a shareable certificate you can add to you LinkedIn profile.

Other News

• Apple Privacy Peeling - Apple's Wi-Fi Positioning System can be abused for global tracking, raising privacy concerns. Apple is taking the report seriously and plans to implement further mitigations.

• AI Audit Action - EU Commission approves landmark AI Act

  which will required high risk AIs to be subject to regular audits and impact assessments.

• Secret S(AWS) - Researchers discovered during an investigation into the exposure of AWS secrets that secrets leaked from Atlassian’s Bitbucket tool have been leveraged by threat actors for unauthorised access to AWS.

• Roller-Closure - UK's new tallest rollercoaster shuts after just one day. Details of the closure are not currently known but it is expected to stay closed until at least 29 May.

TikTok Links

Below are links related to thing I have shared on my TikTok video such as training resources and job opportunities.