You cut off the second part of that sentence. The scam isn’t doing the work from a different location, the scam is that they’re using the money to fund North Korea. This isn’t “Kim gets a job online” it’s “Kim is a state actor that is a security risk at any moment and meanwhile causing KnowBe4 to send money to a sanctioned country.”
The register providing contrast to the AWS infrastructure build out:
The Register is aware of government agencies building on-prem private clouds – sometimes on open source platforms – so they can scour code to soothe their security worries.
That’s just a local data center, guys. Like how everything was done before “the cloud” became a buzzword.
Citing an internal investigation, the Chinese ByteDance-owned app said its systems correctly identified the breach, but the ads were approved due to “human error” by a moderator.
This makes it so much worse. If it were “our algorithms didn’t catch it” that’d be one thing, but “our algorithms caught it but we ran them anyway” reeks of malice.
There’s a great Veritasium video recently about this exact thing: https://youtu.be/d6iQrh2TK98
It’s a human thing, though. This is just more evidence of LLM’s problem with garbage in, garbage out: it’s human biases being present in a system that people want to claim doesn’t have them.
Yeah, it just replaces the cert files and reload/restarts nginx for me. I don’t want it anywhere near my config files.
Microsoft has been trying to be more proactive about this: they changed all their documentation to say Entra ID instead of Azure Active Directory…before actually changing Azure AD to be called Entra ID…
Part 1
Part 2