CyberWire Daily - The takedown of a ransomware ringleader.
Episode Date: May 8, 2024International law enforcement put a leash on a LockBit leader. Updates from RSA Conference, including our Man on the Street Rob Boyce, Managing Director at Accenture. TikTok sues the U.S. government. ...The Commerce Department restricts chip sales to Huawei. A third-party breach exposes payroll records of Britain’s armed forces. BogusBazaar operates over 75,000 fake webshops. Android security updates address 26 vulnerabilities. A Philadelphia real estate investment trust gets hit with ransomware. BetterHelp will pay $7.8 million to settle FTC charges of health data misuse. On the Learning Layer, Sam and Joe dive into CISSP Domain 4, Communication and Network Security, and discuss networking, the OSI model, and firewalls. AI steals the Met Gala spotlight. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Rob Boyce, Managing Director at Accenture is our Man on the Street today. Rob stops by to share his thoughts on the 2024 RSA Conference. Learning Layer On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey using N2K’s comprehensive CISSP training course, CISSP practice test, and CISSP practice labs. Sam and Joe dive into CISSP Domain 4, Communication and Network Security, and discuss networking, the OSI model, and firewalls, which includes: 4.1 Assess and implement secure design principles in network architectures 4.2 Secure network components 4.3 Implement secure communication channels according to design Selected Reading International law enforcement put a leash on a LockBit leader. Updates from RSA Conference, including our Man on the Street Rob Boyce, Managing Director at Accenture. TikTok sues the U.S. government. The Commerce Department restricts chip sales to Huawei. A third-party breach exposes payroll records of Britain’s armed forces. BogusBazaar operates over 75,000 fake webshops. Android security updates address 26 vulnerabilities. A Philadelphia real estate investment trust gets hit with ransomware. BetterHelp will pay $7.8 million to settle FTC charges of health data misuse. On the Learning Layer, Sam and Joe dive into CISSP Domain 4, Communication and Network Security, and discuss networking, the OSI model, and firewalls. AI steals the Met Gala spotlight. Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. of you, I was concerned about my data being sold by data brokers. So I decided to try Delete.me.
I have to say, Delete.me is a game changer. Within days of signing up, they started removing my
personal information from hundreds of data brokers. I finally have peace of mind knowing
my data privacy is protected. Delete.me's team does all the work for you with detailed reports
so you know exactly what's been done. Take control of your data and keep your private life Thank you. JoinDeleteMe.com slash N2K and use promo code N2K at checkout.
The only way to get 20% off is to go to JoinDeleteMe.com slash N2K and enter code N2K at checkout.
That's JoinDeleteMe.com slash N2K, code N2K. Thank you. Accenture. TikTok sues the U.S. government. The Commerce Department restricts chip sales to Huawei.
A third-party breach exposes payroll records of Britain's armed forces. Bogus Bazaar operates
over 75,000 fake web shops. Android security updates address 26 vulnerabilities. A Philadelphia
real estate investment trust gets hit with ransomware. BetterHelp will pay $7.8 million
to settle FTC charges of health data misuse. On the learning layer, Sam and Joe dive into the CISSP
domain for communication and network security and discuss networking the OSI model and firewalls.
And AI steals the Met Gala spotlight.
It's Wednesday, May 8th, 2024.
I'm Dave Bittner, and this is your CyberWire Intel Briefing. Thank you for once again joining us here today.
It is great to have you with us.
Britain, the United States, and Australia
have taken significant legal action against Dmitry Koroshev, identifying him as a senior leader of the notorious cybercrime organization LockBit.
The coordinated sanctions involve asset freezes and travel bans, effectively isolating Koroshev from global financial systems and restricting his international movement.
systems and restricting his international movement. LockBit, the ransomware group he leads,
has been responsible for extorting over $1 billion from victims across the world through digital means. LockBit's operations were notably disrupted in February by an unprecedented
international law enforcement campaign. Agencies involved included the NCA, U.S. Department of Justice, the FBI, and Europol.
During this operation, LockBit's dark web site was seized and used as a platform by police
to leak sensitive information about the group and its members.
Furthermore, the U.S. has charged two Russian nationals linked to deploying LockBit ransomware against various targets globally,
and these individuals were also sanctioned by the U.S. Treasury.
Before law enforcement seized control, LockBit's website displayed a gallery of victim organizations
with digital timers indicating the deadline for ransom payments.
International law enforcement has utilized the hijacked LockBit platform
to further expose Koroshev, including publishing a wanted poster
and offering a $10 million reward for information leading to his capture.
A 26-count indictment in the U.S. unsealed on Tuesday
revealed that Koroshev personally received at least $100 million
in Bitcoin payments related to LockBit's criminal activities.
Returning to our coverage of this week's RSA conference in San Francisco,
yesterday the U.S. State Department's Chief Information Officer Kelly Fletcher
revealed the department is diversifying its security vendors beyond Microsoft. This is in
response to last year's China-linked hack compromising 60,000 emails, including those
of Commerce Secretary Gina Raimondo. The incident sparked widespread criticism of Microsoft's
transparency and security practices. Fletcher emphasized the need for secure vendor networks,
not just secure software,
and noted the State Department now relies on multiple vendors,
including Palo Alto Networks, Zscaler, and Cisco,
and has bolstered security measures like multi-factor authentication
and wider data encryption.
Microsoft's role remains crucial,
but Fletcher insists on a secure
corporate network across all vendors. Elsewhere at the conference, Homeland Security Secretary
Alejandro Mayorkas announced the first meeting of the Artificial Intelligence Safety and Security
Board, a new initiative aimed at managing AI's deployment and safeguarding against its risks.
aimed at managing AI's deployment and safeguarding against its risks.
During a keynote, he discussed the board's focus on AI's impact on critical infrastructure security and its civil rights implications, particularly the risk of perpetuating bias.
The board, comprised of AI leaders, government officials, and tech giants,
will meet quarterly to address AI use within Homeland Security,
which spans from managing disaster relief to training refugee caseworkers.
The department is also enhancing its AI workforce, having received over 3,000 applications for AI-related roles
and is coordinating internationally on AI defense strategies.
We have more insights from RSA Conference
later in the show from our partner and a man on the street, Rob Boyce from Accenture.
TikTok is suing the U.S. government to block the enforcement of a recent bill
that mandates the app's Chinese owner, ByteDance, either sell TikTok or face a ban.
Filed in the D.C. Circuit Court of Appeals,
the lawsuit argues that the Protecting Americans from Foreign Adversary Controlled Applications Act
infringes on free speech rights under the First Amendment by unfairly targeting TikTok as a unique
speech platform. TikTok contends that the law, which also allows for the potential ban of other platforms on national security grounds,
is an unprecedented and discriminatory action lacking sufficient justification.
The company emphasizes that the stipulated divestiture option within 270 days is not feasible,
challenging the law's legitimacy and its alignment with constitutional rights.
challenging the law's legitimacy and its alignment with constitutional rights.
The U.S. Commerce Department has tightened restrictions on Huawei technologies,
revoking previous allowances for U.S. chip sales to the Chinese tech giant.
This decision, impacting companies like Intel and Qualcomm,
prevents them from supplying chips for Huawei's smartphones and laptops.
The new export curbs were triggered by Huawei's recent product announcements involving U.S.
technology, intensifying scrutiny of the firm amid ongoing U.S.-China tensions.
Concurrently, the U.S. is bolstering domestic and allied capabilities to compete with Huawei, with the NTIA announcing $420 million in grants for developing alternative network gear and the FCC preparing to vote on barring Huawei
from certifying wireless equipment in the U.S. The shift continues policies aimed at curtailing
Huawei, which has been a central figure in U.S. national security concerns
due to fears of Chinese espionage, despite Huawei's denials of any espionage activities.
A security breach at a third-party contractor has exposed around 270,000 payroll records of
nearly all members of Britain's armed forces. The compromised data includes sensitive information
like names and bank details.
UK's defense secretary indicated the breach
might be the work of a state-backed actor
with suspicions pointing toward China,
although this has not been conclusively proven.
The situation has led to criticism
of the government's strategy toward China
and calls for a full review of the contractor, SSCL.
No data theft has been confirmed and measures are being taken to monitor for potential misuse of the exposed data.
Security research labs have published a report describing a criminal network named Bogus Bazaar,
a report describing a criminal network named Bogus Bazaar, which operates over 75,000 fake web shops that have processed over a million orders totaling more than $50 million in the
last three years. These shops, often leveraging expired domains with strong Google reputations,
mainly target Western European and U.S. customers, offering counterfeit or non-existent products while harvesting credit card details.
The network uses sophisticated infrastructure and a franchise model
with significant operations based in China, but servers predominantly in the U.S.
Some fraudulent shops have been taken down following the research exposure.
shops have been taken down following the research exposure.
Google has released a comprehensive Android security update to address 26 vulnerabilities,
including a critical flaw in the System component that allows local privilege escalation on Android 14 devices. The updates, split into two parts, fix issues across multiple components, including the framework, system,
kernel, and chipset-specific vulnerabilities from ARM, MediaTek, and Qualcomm. Additionally,
Google updated Pixel devices and Wear OS, addressing further vulnerabilities,
with no current evidence of these vulnerabilities being exploited in the wild.
evidence of these vulnerabilities being exploited in the wild.
Philadelphia-based Brandywine Realty Trust reported a ransomware attack on May 1,
disrupting certain business applications, including financial systems.
The attack, detailed in an SEC filing, involved unauthorized access and encryption of files on the company's corporate systems. Brandywine has contained the
incident, started system restoration, and engaged with cybersecurity experts and law enforcement.
Although some files were stolen, the real estate operations remain unaffected,
and the company does not anticipate a significant financial impact.
a significant financial impact. BetterHelp will pay $7.8 million to settle FTC charges alleging misuse of consumer health data for advertising. The online therapy service shared sensitive data,
including health questionnaire responses, with platforms like Facebook and Snapchat to target
potential customers. This practice, conducted
without user consent, reportedly boosted its client base and revenue significantly. Approximately
800,000 users who paid for services between August 2017 and December 2020 are eligible for
refunds with a June 10, 2024 deadline to select a payment method.
Coming up after the break, Rob Boyce, Managing Director at Accenture, checks in from the RSA
Conference. And on The Learning Layer, Sam and Joe dive into CISSP Domain 4.
Stay with us. Too sweaty. We could go skating. Too icy. We could book a vacation. Like somewhere hot.
Yeah, with pools.
And a spa.
And endless snacks.
Yes! Yes! Yes!
With savings of up to 40% on Transat South packages, it's easy to say, so long to winter.
Visit Transat.com or contact your Marlin travel professional for details.
Conditions apply.
Air Transat. Travel moves us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora
have continuous visibility into their controls with Vanta.
Here's the gist.
Vanta brings automation to evidence collection across 30 frameworks,
like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off. cybercriminals to bypass your company's defenses is by targeting your executives and their families
at home. Black Cloak's award-winning digital executive protection platform secures their
personal devices, home networks, and connected lives. Because when executives are compromised
at home, your company is at risk. In fact, over one-third of new members discover they've already
been breached. Protect your executives and their families 24-7, 365 with Black Cloak.
Learn more at blackcloak.io.
In our latest Learning Layers segment, we continue Joe Kerrigan's journey to prepare for his CISSP exam.
This time, Sam and Joe dive into CISSP Domain 4. Welcome back to the Learning Layer segment.
On this segment, we are continuing to follow Joe Kerrigan
as he gets ready for his CISSP.
Today, we're going to talk about his studies in Domain 4.
So, Joe, you're basically halfway there.
Halfway there now.
Halfway there.
How did Domain 4 go?
Domain 4 was good.
A lot of information in Domain 4.
Oh, yeah.
It's a big one.
But it's not all foreign to me.
Sure.
I started off in the tech world as a help desk network administrator.
So I'm pretty good with communications and networks.
So I get it.
And being in security for as long as I have been,
one of the key things I understand is that every time there's any kind of interface
between two different things,
it doesn't matter what they are, that is part of the attack surface.
So when you start looking at things like these layering models for networking,
even the spaces between those different layers of the model is an opportunity
to insert yourself as a malicious actor. So actually, if you don't mind, we can go down
that rabbit hole talking about those models, because I think those are some of the common
areas that a lot of students struggle with when they're actually studying. So what's your strategy
for memorizing the layers of the OSI model, for example?
Actually, this was not a problem.
Okay.
Because at my first job,
somebody gave me a mnemonic.
Okay.
And I could still see the guy's name.
His name was Scott.
And this is how good,
I can remember who told me this.
Thank you, Scott.
This is for you, Scott.
Right.
It was, please do not throw sausage pizza away.
Nice.
And that's from layer one all the way up to layer seven.
Yep.
Right.
So that's a physical data link network transport session presentation application.
And I have known that for 20 some years.
Wow.
Because of Scott.
There you go. Thank you. Thank you, Scott. My first job in of Scott. There you go.
Thank you, Scott.
My first job in the field.
That's awesome.
And for those of you who think top-down,
I have one,
which is all people should take notes during physics.
Ah.
And look, it's a podcast about learning.
We got to talk about taking notes, right?
Yeah.
All people should take notes during physics.
Yeah.
Okay.
Is that right?
Yeah, that's right.
Have you heard my mnemonic for the Great Lakes?
No.
It's Lisa likes licking lettuce lightly for Lake Superior, Lake Huron, Lake Michigan,
Lake Erie, and Lake Ontario.
I got it.
In 20 years, I won't forget that.
So, but you know what's interesting about this exam is knowing the layer and the name is not enough, right?
So, that's what makes this test hard.
You got to apply the information.
So, for example, on CC,
they might ask you,
what is layer two?
Right.
Or like, what layer
does this protocol operate at?
That's just like a flashcard question, right?
Yep.
The CSSP is different and unique
in that they're going to ask you
to apply the information.
So Joe, let's do this in real time.
Okay.
Here's a common
CSSP type question.
At what layer
does a
stateful firewall operate at?
Okay, so
let's see. The stateful
firewall...
So, what's interesting
is you have to know
like three things to get that question right, right?
You got to know what a stateful firewall is.
You have to know what the OSI levels are.
And you have to kind of make connections
across all the different firewalls.
So, a packet filtering firewall
is that one that's at layer three, right?
Because all it does is it looks at the source IP and says,
like, that's the rule list, right?
That's it.
Are you on the list or not?
Very simple, very basic, not smart.
You can think of a packet filtering firewall as in Linux.
Well, actually was.
It's not on Linux.
I'm sorry.
It's on OpenBSD.
PF, packet filtering firewall.
There you go.
And then the step up from that is a stateful firewall,
which is a little bit smarter
because it can track the state of the connection.
And what are we talking about
when we talk about the state of connection?
The TCP, right?
The way handshake state, right?
Whether it's been secured and connected.
So, for example, let me ask you another follow-up question, Joe.
connected. So, for example, let me ask you another follow-up question, Joe. When a TCP connection has not been fully connected, and it's a half of a connection, we call it, what type of attack
could that indicate? You could be suffering a SYN flood attack. There you go. So, a stateful
firewall can look at that and say, this is a suspicious, unusual connection.
There's a lot of them. I'm going to block this type of traffic. So that's what it does. Now,
my next question is, at what layer does the TCP and UDP protocols operate at?
They're on the transport layer. Which is layer four. Which is layer four, correct. Yeah, I could do the,
please do not throat death, four.
Right.
Right.
I would argue the most true answer is four.
Because that's where all of that,
like connection and state connection analysis is happening.
Right.
And then the last thing,
just to bring this firewall discussion home,
what is it about firewalls at layer seven?
Like, what's happening at that layer
that makes them unique from some of the other ones that are lower?
They're actually digging into the packet,
into the contents of the packets.
So they're actually looking if there are
maybe indicators of compromise in the packets.
Some of these may actually have certificates
on the inside of the firewall
that allow them to decrypt the HTTPS traffic
or any of the other encrypted traffic
so that they are trusted by the devices inside.
And the devices inside encrypt the traffic for the firewall,
which then decrypts it and re-encrypts it for the internet.
And that way they can do the application inspection.
The problem with that, though,
is that it's very time-consuming and processor-intensive.
So they're not the fastest of things,
but they can provide you better insight
than the other two lower-layer firewalls.
Yep, it's always that trade-off, right?
Performance for speed.
I mean, like Palo Alto Networks would argue
there is no trade-off,
but in the CSSP exam world,
you know, the test makers are very clear
that there is a trade-off, you know,
and if you needed to pick, you know,
the most expensive one
or the one that's going to use the most resources,
we're typically talking about the ones that operate higher
in the stack, especially at Layer 7.
Yep.
Joe, seems like you are really good
and you're able to wrap your head around
some of these technical concepts.
So I look forward to what happens in the next domain.
We talked a little bit more about, you know,
identity access management, a little more abstract,
a bit more conceptual.
I got to get to the midterm first.
That's right.
That's right.
And we'll talk about the midterm next time on Learning Layer.
So Joe, keep up the good work.
You are halfway there. That's N2K Cyber Wire's Sam Meisenberg,
joined by my Hacking Humans co-host Joe Kerrigan
from the Johns Hopkins University Information Security Institute.
It is always my pleasure to welcome back to the show, Rob Boyce. He is the global lead for cyber resilience at Accenture Security. Rob, great to have you back.
Thanks, Dave. It's always a pleasure to be here.
So it is that time of year again.
You are on site at RSA Conference 2024.
What are your impressions so far?
Yeah, it's one of those events that we always look forward to as a security practitioner
because this is where we get to meet our colleagues at least once a year.
So it's great to be back.
It's very energizing.
I'll tell you, this year, a few things stand out to me.
First, it is very well attended.
I was a little skeptical, to be honest,
on how many people would be coming this year,
but the city is abuzz with security professionals.
So it's been really nice to see everyone.
The theme this year, which I thought was really interesting,
is the art of the possible.
And I feel like, you know,
we've lived through in the last year
so many, you know,
so many trials of, you know,
just combating the threat actors.
And I really do feel like
this is an opportunity for us to reflect
and think about how we could be changing,
you know, how we're really approaching
this problem of security.
So I love the theme around the art of the possible. I think it's really appropriate for this year.
You know, a couple of the things that are really standing out to me is this probably comes as no
surprise. Generative AI is a hot topic on the list of things. And there's a few other emerging
technologies that are also becoming, you know, pretty prevalent, I would say, in discussions, most notably probably quantum being the other big one that we're seeing a lot of for sure.
Can we dig into each of those?
I mean, I think generative AI is at the point of cliche already.
So how do you suppose companies who are out there selling this as something they're
offering, how do they break through that kind of skeptical noise that's surrounding that these days?
That's a great question. It's something I've been asking myself as well. I think generative AI
really made us pay attention again to the AI hype cycle because it was so tangible. It made it so
real for people as they were using things like chat GPT. And I think we are still struggling to see big organizations go from experimentation
to adoption of Gen AI in a lot of different use cases. So I do think there's going to be a little
bit more time required for us to see full adoption of generative AI. But I'll tell you, the fact that
we're getting ahead of this,
which I do feel like we are getting a little bit ahead of it, is really great because we found that a lot of times we have always been catching up to the technology. And this time, we're predicting
the technology and we're actually thinking about how do we apply security to that technology in a
meaningful way, whether it's secure by design, which is another great topic we should talk about
shortly, being released from CISA this week.
But creating the right foundation for organizations to be able to use generative AI.
I think that's going to be really, really important.
And even a lot of guest speakers this year, I think we had Bruce Schneider was talking about AI.
We had Chris Krebs talking about AI.
I think even the Secretary of State,
Lincoln, was talking a little bit about AI in his keynote yesterday. So, there was just so many
prominent figures now just talking about the risks that we need to be thinking about.
And it's really, if you think about it, it's really not like us to be thinking about the
risks ahead of the technology. So, it is nice to see that, whether it's still a little bit,
you know, intangible
as far as adoption goes. Well, how about quantum? What's the approach you're seeing
people taking with that? Yeah, quantum affects really just a much smaller population than
generative AI. So quantum really, governments and financial institutions are the ones that
are really focusing on how quantum could potentially impact them because they're the ones who are really thinking through the potential implications
of the cryptographic implications of quantum computing. So I would say we're just seeing a
little bit of a slower uptick there. It's still a lot of talking about the theory that's going to be
required, the risks that are coming, of course. And again, starting to think about how to get ahead of it a little bit
on what are the right protections or considerations
we have to think about as quantum computing
becomes more mainstream and more available
to the average person or the average threat actor,
I guess, in this case.
You mentioned some announcements coming from CISA.
Yeah, this is a really exciting one.
So again, I think when we spoke at Black Hat last
year, I think I mentioned to you that I was really surprised on how big the government showed up. And
I think they did the same thing here at RSA. It's actually very refreshing for me to see it because
we keep talking about the importance of collaboration between the private sector and the
public sector. And I really think we hadn't seen maybe the government step up like we wanted them
to. And now we are starting to see that. So I think that's really super interesting. I think the thing that most people are looking forward to from CISA this week is going to be the Secure by Design initiative that they're going to be really launching on pledge, I guess, committing to these seven best practices or six best practices that they've put out to really start making sure that people are creating products and creating solutions that are going to be more secure by design.
And how about for you and your colleagues from Accenture there?
I mean, what sort of things are you hoping to get out of this year's show?
to this year's show?
Yeah, I mean, for us,
we love seeing the new emerging technologies that are coming out
and seeing who's going to be,
you know, who do we think
that we place a bet on
of who's going to make a difference
in the ecosystem of security.
So that's always interesting.
And then for us,
we're even launching
a little bit of a special partnership
this year with Google and Mandiant,
which is going to be really exciting
and trying to change the landscape
of how we are going to be cooperating and collaborating to help organizations
in the midst of cyber events and making sure that, you know, that they have anything they need from,
you know, investigations to recovery to transformation. And I think that's going to be
really interesting for us to see how that unfolds as well.
Before I let you go, this is, of course,
an election year, a lot going on. What's your sense in terms of the overall tone here?
Yeah, well, it's not just an election year in the U.S. We have 60 global elections going on
this year. So it's a very big election year for the world. As far as elections, I guess,
and what we're seeing, I think the big thing for me is the concepts of this continual disinformation campaigns that we're seeing.
And we're seeing a lot of that activity globally, not even just focused in the U.S. at this moment.
I mean, it's quite global because of all of the other elections that are happening.
And we're seeing a huge uptick in things like deepfakes and misinformation.
in things like deep fakes and misinformation.
And it's going to be really interesting to see as we get on the other side of this year
and we look back on how much of the information
or how much of various influence campaigns
happened in various countries
influencing these different elections.
And we were able to see a little bit of that four years ago.
And now I think we're going to see it
even at a grander scale in the next year.
So I think it's going to be really interesting to see how all these new emerging technologies are going to help change the face of these different influence and disinformation campaigns.
Rob Boyce is global lead for cyber resilience at Accenture.
Rob, thanks so much for taking the time for us.
Of course, Dave. Anytime for you.
Cyber threats are evolving every second,
and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide. ThreatLocker, a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant.
And finally, our Fashion and Philanthropy Desk tells us that at this year's 2024 Met Gala,
generative AI stole the spotlight without even setting a foot on the red carpet.
Although they did not attend the lavish event,
online images of Katy Perry and Rihanna were virtually dressed up by AI,
in gowns so convincing that even Katy Perry's mom was duped.
Perry, known for her outlandish outfits, was seen in a cream-colored floral gown adorned with moss,
perfectly in tune with the gala's Garden of Time theme. The image was blurry enough to make even the paparazzi in the background look legit.
The image was blurry enough to make even the paparazzi in the background look legit.
Despite being flagged as fake, the AI-generated Perry caused quite a stir,
especially at the Perry household.
Katie took to Instagram to share the AI fashion faux pas alongside a screenshot of a text from her mom
who was dazzled by the rose parade-worthy dress,
exclaiming, didn't know you went to the Met.
Katie's response?
LOL, mom, the AI got you too. Beware.
This incident proves that while AI might not yet be invited to the Met Gala,
it's certainly crashing the party,
much to the amusement and confusion of celebrity moms everywhere.
And that's The Cyber Wire. For links to all of today's stories, check out our daily briefing
at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we
deliver the insights
that keep you a step ahead
in the rapidly changing world of cybersecurity.
If you like our show,
please share a rating and review in your podcast app.
Please also fill out the survey in the show notes
or send an email to cyberwire at n2k.com.
We're privileged that N2K Cyber Wire
is part of the daily routine
of the most influential leaders and operators in the public and private sector,
from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people.
We make you smarter about your teams while making your teams smarter.
Learn how at N2K.com.
This episode was produced by Liz Stokes. Thank you. and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Thank you. AI and data products platform comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable impact. Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive alerts, and act with ease through guided apps tailored to your Data is hard. Domo is easy. Learn more at ai.domo.com. That's ai.domo.com.