Cyber Badness: 12 Top Hacks, Data Breaches, Missteps of 2023

  • 12 Top Hacks, Data Breaches, Missteps of 2023
  • Stolen Booking.com Credentials Fuel Social Engineering Scams
  • Iranian Hackers Peach Sandstorm Are Delivering New Backdoor
  • 2023: A Year of Groundbreaking Advances in AI and Computing
  • AI in 2023: A Timeline of Innovation

Good evening, Digital Explorers! As 2023 winds down, we're brewing up a special edition of our newsletter, steeped in the most exhilarating tech tales of the year. It's been a year where AI not only captured our imaginations but also redefined the boundaries of possibility.

We kicked off with the saga of Clop ransomware, a cyber menace that turned data security into a high-stakes game. Then, we navigated through the murky waters of social engineering, where fraudsters turned Booking.com into their playground, illustrating the ever-evolving challenges in cybersecurity.

But 2023 wasn't just about cyber skirmishes. It was a canvas for AI artistry, showcasing Google's Gemini and its multimodal marvels, and illustrating how AI is becoming an integral, transformative force in our daily lives.

And as we recap these landmark moments, let's not forget the grand AI timeline of 2023 – a chronicle of breakthroughs from GPT-4's linguistic leaps to Meta's innovative strides, painting a future where AI is not just a tool, but a partner in our journey of exploration and discovery.

So grab your favorite brew, and let's revisit these digital milestones that set the stage for a tech-infused 2024, promising even more wonder, innovation, and maybe a bit of AI wizardry. 🌐🤖✨

Cyber Badness: 12 Top Hacks, Data Breaches, Missteps of 2023

  • Clop's MOVEit Mass Attack: This Russian-speaking ransomware group exploited a zero-day vulnerability in MOVEit software, impacting approximately 2,700 organizations and exposing over 91 million personal records. Clop reportedly made $75-100 million from the attack.

  • Targeting Secure File-Transfer Software: Clop wasn't alone in targeting file transfer applications. Other groups exploited vulnerabilities in software like Fortra GoAnywhere MFT and IBM's Aspera Faspex.

  • VMware Host Exploits: Ransomware groups utilized previously patched vulnerabilities in VMware hosts, notably exploiting the CVE-2021-21974 flaw.

  • US Government Hack via Microsoft 365: Suspected Chinese hackers infiltrated 25 organizations, including high-level US officials' emails, through a Microsoft cloud environment flaw.

  • Barracuda Networks Backdoor: Attackers exploited a zero-day vulnerability in Email Security Gateway appliances, requiring physical replacement of compromised devices.

  • Citrix Bleed Exploit: Attackers linked to Beijing exploited a zero-day in Citrix devices, stealing authenticated sessions.

  • North Korea's Cryptocurrency Heists: Pyongyang-affiliated hackers targeted cryptocurrency exchanges, including a $100 million theft from Atomic Wallet.

  • Okta’s Customer Support Data Breach: An attacker accessed Okta's customer support data, affecting 134 customers, by exploiting compromised employee credentials.

  • Capita's AWS Data Exposure: A ransomware attack revealed Capita's unsecured AWS bucket, impacting numerous organizations including the UK's largest pension fund.

  • UK Police Forces' Data Leak: The Police Service of Northern Ireland accidentally exposed personal data of officers and staff, posing significant security risks.

  • Disruption of Hive and BlackCat Ransomware: Authorities disrupted major ransomware collectives Hive and BlackCat, marking notable victories for cybersecurity defenders.

The Big Picture: These incidents underscore the evolving and persistent nature of cyber threats, highlighting the need for robust cybersecurity measures and constant vigilance in the digital landscape.

Stolen Booking.com Credentials Fuel Social Engineering Scams

Hotels and their customers are facing a surge in fraud due to social engineering attacks, leveraging stolen Booking.com credentials. The attacks are sophisticated, often targeting hotels without two-factor authentication, and are driven by information stolen by malware like Raccoon, Redline, Lumma, Vidar, and MetaStealer.

The Scam Mechanics

  • Information-Stealing Malware: These malware families are used to steal accommodation (property) accounts, which are then sold on dedicated marketplaces and Telegram channels. In 2023 alone, over 185,000 accounts associated with Booking.com have been put up for sale.

  • Targeting Hotels and Customers: Cybersecurity firm Secureworks reports a high demand for Booking.com property credentials in underground forums. Attackers use these credentials to directly contact customers, masquerading as hotels, and trick them into revealing payment card data.

  • Social Engineering Tactics: Attackers book rooms and then contact customer service with urgent requests, such as dietary information for a child with allergies. They then trick victims into opening malicious links that install info-stealing malware on the system.

  • Consequences for Hotels: In one instance reported by Secureworks, a hotel noticed unauthorized messages sent to guests from their Booking.com account, leading to customers' accounts being compromised.

The Challenge in Defense

  • Hospitality’s Customer-First Nature: Sharon Conheady, a social engineering expert, highlights the difficulty in repelling such attacks due to the customer-focused nature of the hospitality industry. Technical controls are suggested as the most effective defense.

  • Scams Direct to Customers: Attackers also use stolen credentials to send direct messages to guests through Booking.com, using look-alike websites to capture credit card details.
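
The look-alike websites mentioned above are the part of this scam a defender can check mechanically. The following is an added example, not code from the original article or from Secureworks or Booking.com: a small Python checker that classifies the host of a link as legitimate, look-alike, or unrelated against an allowlist. It catches three look-alike patterns: homoglyph hosts (Unicode characters that render like Latin letters, including punycode-encoded ones), one- or two-character typos of the allowlisted domain, and an allowlisted brand embedded inside another domain. The allowlist, the confusables table (a small hand-picked subset of Unicode confusables) and the sample URLs are constructed for the example; the two-label "registrable domain" rule is a simplification that does not consult a public-suffix list.

```python
"""Look-alike domain check for links in guest-facing messages (added example)."""
import unicodedata
from urllib.parse import urlsplit

# Domains allowed to appear in links. booking.com is from the article; a hotel
# would add its own domains here (assumption).
ALLOWLIST = {"booking.com"}

# Constructed subset of Unicode confusables: look-alike character -> Latin letter.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0458": "j", "\u0131": "i",
    "\u04cf": "l",
}


def skeleton(host):
    """Map a hostname to the Latin form it visually imitates."""
    labels = []
    for label in host.split("."):
        if label.startswith("xn--"):
            try:
                label = label.encode("ascii").decode("idna")  # punycode -> Unicode
            except UnicodeError:
                pass  # malformed punycode: compare the raw label instead
        labels.append(label)
    text = unicodedata.normalize("NFKC", ".".join(labels))  # fullwidth etc. -> ASCII
    return "".join(CONFUSABLES.get(ch, ch) for ch in text).lower()


def registrable_domain(host):
    """Last two labels. Simplification: no public-suffix list, so a host under
    a two-part suffix such as co.uk would be reported as 'co.uk'."""
    labels = host.rstrip(".").split(".")
    return ".".join(labels[-2:])


def levenshtein(a, b):
    """Edit distance between two strings (classic dynamic programme)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_url(url, allowlist=ALLOWLIST, max_distance=2):
    """Return (verdict, reason); verdict is 'legitimate', 'lookalike' or 'unrelated'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "unrelated", "no host in URL"
    normalized = skeleton(host)
    reg = registrable_domain(normalized)
    if reg in allowlist:
        if normalized == host:
            return "legitimate", f"{reg} is allowlisted"
        return "lookalike", f"homoglyph host renders like {reg}"
    for legit in allowlist:
        brand = legit.split(".")[0]
        if brand in normalized:
            return "lookalike", f"brand '{brand}' embedded in {reg}"
        if levenshtein(reg, legit) <= max_distance:
            return "lookalike", f"{reg} is within {max_distance} edits of {legit}"
    return "unrelated", f"{reg} does not resemble an allowlisted domain"


if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for sample in ("https://www.booking.com/hotel/x",
                   "https://book\u0131ng.com/login",
                   "https://booking.com.account-verify.example/pay",
                   "https://bokking.com/",
                   "https://example.org/"):
        print(sample, "->", classify_url(sample))
```

The check is deliberately conservative: anything that merely resembles the brand is surfaced as a look-alike for a human to review, which suits a hotel mailbox where a false positive costs a minute and a false negative costs a guest's card details.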

Zoom out: This trend underscores the need for heightened security measures in the hospitality industry, particularly the implementation of strong technical controls and awareness of social engineering tactics.

Iranian Hackers Peach Sandstorm Are Delivering New Backdoor

Microsoft has issued a warning about a new threat from Iranian state hackers, known as Peach Sandstorm, targeting the American defense industrial base. The group, previously identified as Holmium, APT33, or Refined Kitten, has developed a custom backdoor named FalseFont, used to infiltrate systems in industries critical to national military capabilities, including aerospace, technology, and manufacturing.

Rising Threat

  • FalseFont Backdoor: Discovered in early November 2023, this backdoor allows attackers to remotely connect to compromised systems, execute additional files, and transmit data to controlled servers.

  • Password Spraying Attacks: Between February and July, Peach Sandstorm conducted password-spraying attacks against thousands of targets, a technique that tries a few passwords across many accounts rather than many passwords against one account, so that no single account trips a lockout and the activity is harder to detect.

  • Evolving Tradecraft: Microsoft notes that the development and use of FalseFont align with Peach Sandstorm’s ongoing efforts to improve their techniques, indicating a rise in sophistication.

  • Rapid Exploitation of Zero-Days: Microsoft previously reported that Iranian threat actors are increasingly quick in turning zero-day disclosures into exploits, sometimes within hours.

  • Sophisticated Post-Access Activities: While known for relying on phishing and credential stuffing, Peach Sandstorm's activities post-initial access have been described as "stealthy and sophisticated."
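
Because spraying keeps each account below its lockout threshold, the signal a defender can use is per source rather than per account: one address failing against many distinct accounts in a short window, with only one or two attempts each. The following is an added example, not code from the original article or from Microsoft: a Python detector that runs that per-source sliding-window check over authentication log lines. The log format and the sample lines are constructed for the example, as are the thresholds (10-minute window, at least 5 distinct accounts, at most 2 failures per account).

```python
"""Password-spray detection over authentication logs (added example)."""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines, not from any real system. Assumed format:
# <ISO-8601 UTC timestamp> src=<ip> user=<account> result=FAIL|OK
SAMPLE_LOG = """\
2023-03-01T09:00:01Z src=203.0.113.7 user=alice result=FAIL
2023-03-01T09:00:14Z src=203.0.113.7 user=bob result=FAIL
2023-03-01T09:00:27Z src=203.0.113.7 user=carol result=FAIL
2023-03-01T09:00:40Z src=203.0.113.7 user=dave result=FAIL
2023-03-01T09:00:53Z src=203.0.113.7 user=erin result=FAIL
2023-03-01T09:01:06Z src=203.0.113.7 user=frank result=FAIL
2023-03-01T09:01:19Z src=203.0.113.7 user=frank result=OK
2023-03-01T09:02:00Z src=198.51.100.20 user=gina result=FAIL
2023-03-01T09:02:05Z src=198.51.100.20 user=gina result=FAIL
2023-03-01T09:02:11Z src=198.51.100.20 user=gina result=FAIL
2023-03-01T09:02:20Z src=198.51.100.20 user=gina result=OK
2023-03-01T09:05:00Z src=192.0.2.9 user=alice result=FAIL
2023-03-01T09:05:10Z src=192.0.2.9 user=alice result=OK
"""


def parse_line(line):
    """Split one log line into (timestamp, source, user, result)."""
    ts_text, *pairs = line.split()
    fields = dict(pair.split("=", 1) for pair in pairs)
    ts = datetime.strptime(ts_text, "%Y-%m-%dT%H:%M:%SZ")
    return ts, fields["src"], fields["user"], fields["result"]


def detect_spray(log_text, window=timedelta(minutes=10),
                 min_accounts=5, max_per_account=2):
    """Return {source: summary} for sources showing a spray pattern.

    A source is flagged when, inside a sliding window of `window` length, it
    fails against at least `min_accounts` distinct accounts while hitting no
    single account more than `max_per_account` times: the low-and-slow shape
    that per-account lockout rules never see.
    """
    failures = defaultdict(list)   # src -> [(timestamp, user), ...]
    successes = defaultdict(set)   # src -> {user} with a successful logon
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, user, result = parse_line(line)
        if result == "FAIL":
            failures[src].append((ts, user))
        elif result == "OK":
            successes[src].add(user)

    alerts = {}
    for src, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until the window fits.
            while events[end][0] - events[start][0] > window:
                start += 1
            in_window = events[start:end + 1]
            per_account = Counter(user for _, user in in_window)
            if (len(per_account) >= min_accounts
                    and max(per_account.values()) <= max_per_account):
                summary = {
                    "accounts": len(per_account),
                    "attempts": len(in_window),
                    "first_seen": in_window[0][0],
                    "last_seen": in_window[-1][0],
                    # Sprayed accounts that also logged in successfully from
                    # this source: reset and investigate these first.
                    "hit_accounts": sorted(u for u in per_account
                                           if u in successes[src]),
                }
                prev = alerts.get(src)
                if prev is None or summary["accounts"] > prev["accounts"]:
                    alerts[src] = summary
    return alerts


if __name__ == "__main__":
    for src, info in detect_spray(SAMPLE_LOG).items():
        print(f"{src}: {info['accounts']} accounts, {info['attempts']} "
              f"failures, successful logons after spray: {info['hit_accounts']}")
```

On the sample, only 203.0.113.7 is flagged: six accounts, one failure each, with "frank" logging in successfully afterwards. The source that fails three times against a single account is left alone, since that is the brute-force or mistyped-password shape that ordinary per-account lockout already covers.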

The Bigger Picture: This development highlights the growing sophistication of Iranian state hackers and underlines the importance of heightened cybersecurity vigilance, especially in sectors critical to national security.

2023: A Year of Groundbreaking Advances in AI and Computing

2023 has been a landmark year for Artificial Intelligence (AI) and computing, with significant strides made by Google Research and DeepMind in various AI applications.

Major Milestones and Innovations

  • Generative AI: The year saw generative AI create imagery, music, stories, and more, capturing global attention with its creative capabilities.

  • Google’s Bard and PaLM 2: Google launched Bard, a tool for exploring creative ideas, and PaLM 2, a large language model excelling in advanced reasoning tasks.

  • Search Generative Experience (SGE): This new approach reimagines the search engine experience, combining retrieval, synthesis, and creative generation.

  • MusicLM and Duet AI: Google introduced text-to-music models and AI-powered collaboration tools in Google Workspace and Cloud.

  • Imagen and Imagen Editor: These tools marked advancements in text-to-image generation, offering precise control over generative images.

  • Language Skills Improvement Feature: Powered by a deep learning model called Deep Aligner, this feature dramatically improves language learning.

  • Lyria and Gemini Models: Lyria, an advanced AI music generation model, and Gemini, a multimodal AI model, represent the cutting edge of AI advancements.

AI Research Breakthroughs

  • Transformer Model Architecture: Used in various domains, this architecture demonstrated state-of-the-art results in vision tasks.

  • Algorithmic Prompting and Visual Question Answering: These methods improved multi-step reasoning and complex question answering capabilities.

  • Route Suggestion Improvements and ML Efficiency: Google's AI significantly improved route suggestions and developed efficient machine learning models.

  • Robotics and Quantum Computing: AI advancements in robotics and the demonstration of quantum error correction marked significant progress.

Responsible AI

Google emphasized responsible AI development, focusing on privacy, security, and ethical use. This included creating safer AI models and tools to identify AI-generated content.

Conclusion

Google's 2023 achievements in AI showcase a rapid evolution in technology, promising even more advancements and applications in the future.

AI in 2023: A Timeline of Innovation

2023 has been a hallmark year in the field of Artificial Intelligence (AI), marked by a series of revolutionary developments that have significantly advanced the technology landscape.

Key AI Milestones of the Year

  • March: The year began with the launch of OpenAI's GPT-4, setting new standards in language model sophistication. Adobe also introduced Adobe Firefly, while Midjourney V5 revealed advancements in journey simulation.

  • April: Elon Musk's XAI captured public attention, and Meta released BabyAGI and a 'Segment anything' model, indicating strides towards autonomous AI systems. Pika, a mysterious yet promising tool, was also unveiled.

  • May: Meta's Codec Avatars and Direct Preference Optimization technology marked a shift towards personalized AI experiences.

  • June: Apple Vision Pro and Runway Gen-2 expanded AI's role in visual computing.

  • July: Meta's Llama 2 and Stack Overflow's AI for Developers demonstrated AI's integration in software development.

  • September: HeyGen's The Decoder and OpenAI's DALL-E 3 were released, followed by Microsoft’s EvoDiff and Stability AI's text-to-audio generation tool.

  • October: Shutterstock incorporated an AI Image-Generating Tool, and Zephyr introduced Direct Distillation of LM Alignment.

  • November: OpenAI launched GPT Store and Copyright Shield, Elon Musk revealed AI Chatbot "Grok," and Kai-Fu Lee introduced 01.AI - Y-34B LLM. Stability AI also open-sourced its large language models.

  • December: The year ended with Google's Gemini, pointing to the future of AI in search and web services, and Mistral's Mixtral.

The Bigger Picture

These milestones not only reflect a year rich in AI advancements but also lay the groundwork for a future brimming with technological innovation and potential.