Friday, October 07, 2022

A heads up! Privacy Foundation Seminar – October 28th – 10:00 AM to 1:00 PM

Legal Ethical and Privacy Issues in AI Contracting.





I must discuss this with my Computer Security students. Their career path is getting riskier. What happens when a DA asks for information on a breach that didn’t happen?

https://www.csoonline.com/article/3676148/guilty-verdict-in-the-uber-breach-case-makes-personal-liability-real-for-cisos.html#tk.rss_all

Guilty verdict in the Uber breach case makes personal liability real for CISOs

The conviction of Uber's former CSO could change the roles of top security leaders and raises the level of personal risk in the wake of a breach.

Yesterday, a federal jury handed down a guilty verdict to Joe Sullivan, the former CSO on charges of “obstruction of the proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of a 2016 hack at Uber” according to a notice published by the Department of Justice (DOJ).



(Related)

https://www.databreaches.net/covering-up-cyber-breaches/

Covering Up Cyber Breaches

I was researching something and stumbled across a post in r/sysadmin on Reddit that begins:

I wanted to make this post for a few months now because I know we all have horror stories on this topic. It seems the only way to stop this is to make sure more IT admins are aware of their reporting requirements in regulated industry or nonregulated areas make sure they have a transparent procedure for notifying customers.
It seems companies and tech vendors are being attacked with increased sophistication and they are covering up or downplaying security breaches with hippo-sized lies with increased frequency. It’s an open secret amongst IT admins and security professionals but definitely one of the ugliest things we have to deal with. I am currently in the midst of a very nasty Hospital provider client separation because they have been trying to avoid reporting a HIPAA breach with numerous excuses that had no merit.

Read more of the post and the replies to it on Reddit.

Would this be an acceptable time to point out that HHS was sent a formal whistleblower complaint in 2018 about a coverup that occurred in 2016 and they still have not closed the complaint with any enforcement action? How can they not impose a severe monetary penalty on a medical practice that knew it was hacked, saw evidence that the hacker had exfiltrated patient data, and told the police that they were the victims of a hack and extortion attempt — but never told the patients? The only reason the patients were ever told anything — years later — was because the hacker told DataBreaches the story of the hack and provided this site with all of the patients’ information!

The Reddit post shows that the problem of coverups is well-known and continuing. Well, why shouldn’t it continue if HHS never takes stern action when it is aware of a coverup?





Where do we draw the line? Someone will cross it sometime, probably sooner rather than later. Would NATO be obligated to respond in kind?

https://www.databreaches.net/albania-weighed-invoking-natos-article-5-over-iranian-cyberattack/

Albania weighed invoking NATO’s Article 5 over Iranian cyberattack

Maggie Miller reports:

Albania was hit by cyberattacks earlier this year so debilitating that the government considered invoking a NATO declaration that could have pulled all member states into confrontation with Iran, Prime Minister Edi Rama said.

It would have been the first time a NATO member state used a cyberattack to invoke Article Five — which treats an attack against one member as an “attack against them all,” requiring collective defense.

Read more at Politico.





Make the time

https://aleteia.org/2022/10/07/are-we-all-in-danger-from-ai/

Are we all in danger from AI?

Understanding AI, and especially delving into anthropological questions related to this ongoing transformation, is the goal of “Masterclass Homo Roboticus for Global Leaders,” a free international online event to be held on October 21, 2022 (10am – 1pm EST, 2pm – 5pm GMT) at the initiative of the Vatican Dicastery for Culture and Education (formerly the Pontifical Council for Culture) and the CTN Foundation.

Among the keynote speakers will be Jesuit astronomer and director of the Vatican Observatory, Brother Guy Consolmagno, who recorded a video in preparation for the event in which he answers the question, “Should we be afraid of AI?”





Another distortion of reality. Should we assume everything is fake until proven real? How do we prove “real?”

https://petapixel.com/2022/10/06/mindboggling-ai-program-allows-you-to-fly-into-a-landscape-photograph/

Mindboggling AI Program Allows You to ‘Fly’ Into a Landscape Photograph

In a new paper entitled InfiniteNature-Zero, the researchers take a landscape photo and then use AI to “fly” into it like a bird, with clever software generating a fake landscape thanks to machine learning.





Tools & Techniques. (The RSS guide is worth the read!)

https://www.bespacific.com/5-of-the-best-solutions-for-monitoring-website-changes/

5 of the Best Solutions for Monitoring Website Changes

maketecheasier: “One of the quickest ways to check a website for new updates is to add the site to your favorite RSS reader and let the tool notify you of any new content. However, an RSS reader can only check for updates within the confines of RSS-formatted code. This limitation means RSS readers won’t work on any static webpages or dynamic websites without RSS components. Fortunately, you can use third-party tools to monitor website changes and receive notifications for any new changes. A website monitor can be an automated solution to regularly checking a product listing for price changes. If you are monitoring an Amazon product, you can use these extensions instead, but thanks to website monitors, you won’t have to wait for a developer to make an extension for a specific online marketplace just for price tracking. Website monitors may also eliminate the need for subscribing to email newsletters. For instance, if you want to figure out whether an updated version of a software or game is out, you can set the monitor to track changes in the version number of the change log…”

See also, via LLRX: What is RSS and How to Use it Effectively. This guide by Pete Weiss, expert listserv manager, communication device integrator, and newswire publisher/editor – and author of Pete Recommends – Weekly highlights on cybersecurity issues – provides researchers with an overview of why you should use RSS, along with step-by-step examples of how to implement this application, which should be part of your knowledge gathering and current awareness toolkit.





Learn to delegate!

https://dilbert.com/strip/2022-10-06





Tools & Techniques.

https://www.makeuseof.com/best-3d-scanning-apps-iphone/

The 5 Best 3D Scanning Apps for iPhone

3D scanners capture a 3D object or scene, and then the scanned information is converted into a digital model. Most 3D scanning applications make use of a smartphone or tablet camera to capture 3D data. The camera takes multiple pictures of an object from different angles, and the app processes them to create a 3D model.

Many such 3D scanning apps are available for the iPhone, but not all are created equal. Here we’ll take a look at five of the best.


