Thursday, August 05, 2021

Interesting argument. If your hacker is a foreign government (or their unacknowledged criminal allies), are you immune from security negligence claims?

https://www.theregister.com/2021/08/04/solarwinds_lawsuit_shareholders_motion_dismiss/

SolarWinds urges US judge to toss out crap infosec sueball: We got pwned by actual Russia, give us a break

SolarWinds is urging a US federal judge to throw out a lawsuit brought against it by aggrieved shareholders who say they were misled about its security posture in advance of the infamous Russian attack on the business.

Insisting that it was "the victim of the most sophisticated cyberattack in history" in a court filing, SolarWinds described a lawsuit from some of its smaller shareholders as an attempt to "convert this sophisticated cyber-crime" into an unrelated securities fraud court case.

"The Court should dismiss the Complaint because it fails to satisfy the heightened standards for pleading a Section 10(b) claim imposed by the Private Securities Litigation Reform Act," it said [PDF].





A podcast (and transcript) for once and future crooks.

https://www.trendmicro.com/en_us/ciso/21/h/cybercrime-today-and-the-future.html

Cybercrime: Today and the Future

Trend Micro Research experts Erin Sindelar and Rik Ferguson use current trends and data to paint a picture of cybercrime in 2021 and shine a light on what it could look like in 2030.





You have to have a child abuse photo to locate copies of that photo. It’s easy to see what the next (AI driven?) step must be.

https://9to5mac.com/2021/08/05/report-apple-photos-casm-content-scanning/

Report: Apple to announce client-side photo hashing system to detect child abuse images in user’s photos libraries

Apple is reportedly set to announce new photo identification features that will use hashing algorithms to match the content of photos in users' photo libraries with known child abuse materials, such as child pornography.

Apple’s system will happen on the client — on the user’s device — in the name of privacy, so the iPhone would download a set of fingerprints representing illegal content and then check each photo in the user’s camera roll against that list. Presumably, any matches would then be reported for human review.





Another unhackable tool gets hacked?

https://gizmodo.com/master-face-researchers-say-theyve-found-a-wildly-succ-1847420710/amp

'Master Face': Researchers Say They've Found a Wildly Successful Bypass for Face Recognition Tech

In addition to helping police arrest the wrong person or monitor how often you visit the Gap, facial recognition is increasingly used by companies as a routine security procedure: it’s a way to unlock your phone or log into social media, for example. This practice comes with an exchange of privacy for the promise of comfort and security but, according to a recent study, that promise is basically bullshit.

… “Our results imply that face-based authentication is extremely vulnerable, even if there is no information on the target identity,” researchers write in their study. “In order to provide a more secure solution for face recognition systems, anti-spoofing methods are usually applied. Our method might be combined with additional existing methods to bypass such defenses,” they add.

According to the study, the vulnerability being exploited here is the fact that facial recognition systems use broad sets of markers to identify specific individuals. By creating facial templates that match many of those markers, a sort of omni-face can be created that is capable of fooling a high percentage of security systems. In essence, the attack is successful because it generates “faces that are similar to a large portion of the population.”





Another anti-manipulation law. When everything is flagged, we’ll only find unchanged images suspicious.

https://www.makeuseof.com/what-is-norway-photo-retouching-law/

What Is Norway's New Photo Retouching Law?

Norway issued a new law on retouching photos to improve mental health. Here's everything you need to know about the latest regulations.

The internet is full of models exhibiting their flawless and unrealistic bodies, which can exacerbate body insecurities.

In an attempt to mitigate these unrealistic beauty standards, Norway has passed a law requiring influencers and advertisers to label their retouched photos. We're going to be taking a look at what that law is, and how it affects you.

The new law passed by the Norwegian government requires influencers sponsored for social media posts and brands to disclose any modification on their photos using a ministry-approved label. Essentially, you'll now be told any time an image has been edited.





At first glance, rather vanilla.

https://www.meritalk.com/articles/dhs-st-releases-strategic-plan-for-ai-ml/

DHS S&T Releases Strategic Plan for AI & ML

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) released an artificial intelligence (AI) and machine learning (ML) strategic plan that will look to outline the DHS approach to using these emerging technologies.

The plan has three goals: to “drive next-generation AI/ML technologies” for use across DHS, facilitate the use of AI and ML in the DHS missions, and build up an AI and ML workforce that is interdisciplinary.


