Monday, February 17, 2025

Arizona Woman Running a Laptop Farm for North Korean IT Workers


Going digital is changing almost everything, and that is mostly a good thing. But it also brings new dangers into our lives. One area we really need to look at is how we hire people. The old ways of doing things may no longer be safe in this digital world; we have to think about these new risks and find ways to protect ourselves. Otherwise we are going to keep seeing stories like the one about the woman in Arizona. She set up a whole system to create fake online workers, a "laptop farm" as they called it. She made a lot of money, over $17 million, by passing these fake workers off as real people working in the US. And, unbelievably, some of that money ended up going to North Korea. This kind of thing shows us just how important it is to update how we hire people. We need ways to make sure we are hiring real people and not falling for these kinds of scams. If we don't change how we do things, these problems are only going to get worse.


https://bit.ly/3CWVuin


Headlines:

"An Arizona woman who created 'laptop farm' in her home to help fake IT workers pose as US-based employees has pleaded guilty in a scheme that generated over $17 million for herself... and North Korea."


"According to court documents, Chapman ran a laptop farm out of her home from October 2020 to October 2023. During this time she hosted computers for overseas IT workers — who were posing as American citizens and residents — to ensure the devices had local IP addresses, making them appear to be in the US."


"Those who successfully obtained employment as part of the scam then received payroll checks at Chapman's home with direct deposits sent to her US bank accounts before ultimately being laundered and funneled to North Korea, and then potentially contributing to the DPRK's weapons programs, the court document says."


"Some of the overseas workers were hired at Fortune 500 companies, including a top-five television network, a premier Silicon Valley technology company, an aerospace and defense manufacturer, an American car manufacturer, a luxury retail chain, and a US-hallmark media and entertainment company."


"In total, more than 300 US companies were scammed,..."

Tuesday, February 4, 2025

Chinese AI DeepSeek Database Is Exposed


A database belonging to the Chinese AI company DeepSeek was recently left exposed on the internet, leaking over 1 million log lines along with secret keys.


Choose your AI wisely. Choose your software wisely. Cheap software might end up costing you far more in the long run. While no choice is entirely risk-free, it's best to use software from countries that uphold strong democratic values, justice, and human rights. Your data is being collected and sold to third parties; this is almost unavoidable. If it must happen, it's (relatively) safer in the hands of democratic countries. (Consider it the lesser of two evils.)


https://bit.ly/4hmIqBQ


[Headlines]


"Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data.


The ClickHouse database 'allows full control over database operations, including the ability to access internal data,' Wiz security researcher Gal Nagli said.


The exposure also includes more than a million lines of log streams containing chat history, secret keys, backend details, and other highly sensitive information, such as API Secrets and operational metadata. DeepSeek has since plugged the security hole following attempts by the cloud security firm to contact them.


The database, hosted at oauth2callback.deepseek[.]com:9000 and dev.deepseek[.]com:9000, is said to have enabled unauthorized access to a wide range of information. The exposure, Wiz noted, allowed for complete database control and potential privilege escalation within the DeepSeek environment without requiring any authentication."


"Furthermore, DeepSeek's apps became unavailable in Italy shortly after the country's data protection regulator, the Garante, requested information about its data handling practices and where it obtained its training data..."


"Bloomberg, Financial Times, and The Wall Street Journal have also reported that both OpenAI and Microsoft are probing whether DeepSeek used OpenAI's application programming interface (API) without permission to train its own models on the output of OpenAI's systems, an approach referred to as distillation."
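The exposure described above came down to a ClickHouse server reachable from the internet with no authentication in front of it. As an added illustration (this is a constructed example, not DeepSeek's or Wiz's configuration, and the file paths and network range are assumptions), here is what the shipped ClickHouse `users.xml` looks like beside a hardened version. In the shipped file the built-in `default` user has an empty password and is accepted from any source address, so anyone who can reach the native TCP port (9000 by default) or the HTTP port (8123 by default) gets full control of the database.

```xml
<!-- Constructed example: not DeepSeek's or Wiz's configuration. -->

<!-- WEAK: /etc/clickhouse-server/users.xml as shipped.
     Empty password plus "accept from ::/0" means no authentication at all
     for anyone who can reach port 9000 or 8123. -->
<clickhouse>
    <users>
        <default>
            <password></password>
            <networks>
                <ip>::/0</ip>
            </networks>
            <profile>default</profile>
            <quota>default</quota>
        </default>
    </users>
</clickhouse>

<!-- HARDENED: same file. The default user now requires a password
     (stored as a SHA-256 hex digest; the value below is a placeholder,
     generate your own with:  echo -n 'your-password' | sha256sum)
     and is only accepted from loopback and the internal application
     range (10.0.0.0/8 here is an assumed value; use your own). -->
<clickhouse>
    <users>
        <default>
            <password_sha256_hex>REPLACE_WITH_SHA256_HEX_OF_PASSWORD</password_sha256_hex>
            <networks>
                <ip>127.0.0.1</ip>
                <ip>::1</ip>
                <ip>10.0.0.0/8</ip>
            </networks>
            <profile>default</profile>
            <quota>default</quota>
        </default>
    </users>
</clickhouse>
```

Two checks go with this. First, a fresh ClickHouse install listens only on loopback; the exposure usually starts when someone sets `<listen_host>::</listen_host>` in `config.xml` to let an application reach the server and forgets that the user file still allows password-less access from anywhere, so audit both files together. Second, keep the database behind a network boundary (security group, firewall rule) rather than relying on the user file alone, since a single misconfigured account reopens the hole.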

Monday, January 27, 2025

50,000 Fortinet Firewalls Vulnerable to Zero-day


Everybody agrees that organizations have to have a vulnerability management system, but is that enough? Well... NO! Having a vulnerability management system without robust patch management means sitting back and waiting for attackers to compromise your systems. It will only increase your headache and pain. (Remember: Ignorance is bliss 😜 )

A zero-day exploit for Fortinet firewalls was announced in mid-January this year (2025), but it seems that too many firewall administrators are still not aware of this threat. Approximately 50,000 Fortinet boxes around the world are still exposed to that zero-day exploit (CVE-2024-55591), according to reports from Shadowserver: https://bit.ly/42wNjDI


Nearly 50,000 Fortinet firewalls remain vulnerable to a zero-day exploit (CVE-2024-55591) discovered in mid-January 2025, according to Shadowserver (https://bit.ly/42wNjDI).


While vulnerability management is essential for identifying weaknesses, it's only half the battle. Without a patch management system to deploy timely fixes, these vulnerabilities become open invitations for attackers.


If you don't want to see your organization in the hacker news the next day, then DO have a robust vulnerability AND patch management system.


https://bit.ly/42utKMl


"Data from the Shadowserver Foundation shows 48,457 Fortinet boxes are still publicly exposed and haven't had the patch for CVE-2024-55591 applied, despite stark warnings issued over the past seven days."


"Fortinet offered some relief, however, stating that if the usual security best practices have been followed since then, the risk of compromise is small. Devices purchased after December 2022 are all also unaffected."



Wednesday, January 15, 2025

UN Aviation Agency ICAO Confirms Recruitment Database Security Breach

Hackers target a broad spectrum of organizations for their attacks, from telecom companies to hospitals. Their victim this time was the United Nations.

Approximately 42,000 records were stolen from the recruitment database of the United Nations' International Civil Aviation Organization (ICAO).


https://bit.ly/3PBiOVx


"The United Nations' International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database."


"According to Natohub's claims, the allegedly stolen documents contain names, dates of birth, addresses, phone numbers, email addresses, and education and employment information.

Another threat actor said the leaked archive contains 2GB of files with information on 57,240 unique emails."


"'The compromised data includes recruitment-related information that applicants entered into our system, such as names, email addresses, dates of birth, and employment history. The affected data does not include financial information, passwords, passport details, or any documents uploaded by applicants,' ICAO said."


"Threat actors also hacked UN networks in Vienna and Geneva in July 2019 using a Sharepoint exploit, gaining access to staff records, health insurance, and commercial contract data."

Wednesday, January 8, 2025

Apple to Pay Siri Users in Settlement Over Accidental Siri Privacy Violations


A: Does your mobile phone company listen to your private conversations?

B: Yes

A: Does your mobile phone company save your private conversations?

B: For sure.

A: Does your mobile phone company sell your private conversations to 3rd parties?

B: No doubt on that.


You think I exaggerated a little? Absolutely not. These are not allegations but the unfortunate truth in today's world. Most of us have had the following conversation at least once:

"I was talking about [cats] and [my phone/my app/my search engine] showed me [cat] products in its advertisements." (Which is exactly true.)


Apple recently agreed to pay $95 million to resolve a lawsuit. The lawsuit claimed that Apple's Siri assistant, which is activated by voice, SECRETLY RECORDED and SHARED users' private conversations.


After this was discovered, Apple said they were sorry for not meeting their own high(?) standards. They also said they will delete any recordings that accidentally triggered Siri. (Oh, thank you for that.)


https://bit.ly/3WaISua


"Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voice-activated Siri assistant."


"The lawsuit was brought against Apple following a 2019 report from The Guardian that disclosed that third-party contractors were listening in on private conversations of its users issuing voice commands to Siri as part of its efforts to improve the quality of its product."


"Following the revelations, Apple apologized for not "fully living up to our high ideals" and subsequently introduced an opt-in to help Siri improve by learning from the audio samples of their requests. It also said it will remove any recording that's determined to be an inadvertent trigger of Siri."


"Google, which has also faced accusations with its voice assistant back in 2019, is battling a similar lawsuit in the U.S. District Court."