This
is not elite hackers, this is the “B” team that is simply
repeating hacks that organizations know about but haven’t bothered
to fix yet.
https://www.cpomagazine.com/cyber-security/chinese-hackers-able-to-directly-exploit-major-telcos-via-routers-and-networking-equipment-largely-using-published-vulnerabilities/
Chinese
Hackers Able to Directly Exploit Major Telcos via Routers and
Networking Equipment, Largely Using Published Vulnerabilities
The
Cybersecurity and Infrastructure Security Agency (CISA) has published
an alarming warning indicating that state-backed Chinese hackers have
deep penetration into “major” US telcos, and are getting in by
compromising an assortment of networking equipment and routers.
The
report declined to name specific impacted telcos, but did indicate
that this is not a case of zero-day exploits or even any sort of
advanced tradecraft; the
Chinese hackers appear to be using published exploits on various
types of equipment that have simply not been patched or remediated.
(Related)
You will pay for poor security one way or another...
https://www.cpomagazine.com/cyber-security/your-digital-forensics-and-incident-response-capabilities-or-lack-thereof-may-be-weighing-on-your-cyber-insurance-premiums/
Your
Digital Forensics and Incident Response Capabilities — Or Lack
Thereof — May Be Weighing on Your Cyber Insurance Premiums
… Enterprises
have never been more at risk of suffering cyber attacks and when they
do, the damages have never been higher. According to cyber insurance
provider Coalition, claims
have skyrocketed for
enterprises in multiple sectors, including IT at 46 percent,
materials at 99 percent and industrials at 263 percent. The average
ransom demand made to its policyholders, meanwhile, increased by
almost 170 percent to $1.2 million in the first half of 2021.
With
their policyholders under great threat, cyber insurers are at equal
risk of having to provide them with significant payouts to cover
damages linked to cyber incidents. They’ve mitigated this risk by
raising the price of cover. In the U.S., cyber insurers raised their
pricing by 130 percent in the fourth quarter of 2021 alone, according
to insurance provider Marsh. They’ve also demanded that their
policyholders do more on cybersecurity to even qualify for coverage.
For enterprises looking to increase their cyber resilience to qualify
for coverage or to lower their premiums, the answer may lie in
digital forensics and incident response.
With access to
the Internet, anyone can be a spy.
https://www.newsweek.com/ukraine-artificial-intelligence-catch-people-sabotaging-war-effort-1716251
Ukraine
Using Artificial Intelligence to Catch People Sabotaging War Effort
… Yenin
said that sabotage groups can vary in profile and number because they
can be created to carry out different tasks. Closer to the start of
Russia's invasion, for example, Ukraine pinpointed five to 10 people
who were tasked with committing "terrorist acts" and
sabotage, including in the center of the capital, Kyiv.
Since then,
most of the saboteurs have focused on tasks like trying to share the
location of armed groups and recording the effectiveness of shelling
via missiles or artillery, the report said.
(Related)
Think of it as a wholesale wiretap…
https://www.wired.com/story/ukraine-russia-internet-takeover/
Russia
Is Taking Over Ukraine’s Internet
In
occupied Ukraine, people’s internet is being routed to Russia—and
subjected to its powerful censorship and surveillance machine.
Implications
for security. Tools for disinformation. Imagine an industry that
manufactures “evidence” on demand!
https://www.theverge.com/2022/6/15/23169012/voicemod-morgan-freeman-ai-voice-astronauts-pilots
Voicemod
uses AI to transform your voice into Morgan Freeman, astronauts, and
more
Voicemod,
a popular real-time voice changer, is starting to use artificial
intelligence to transform your voice into Morgan Freeman and other
characters. A new
Voicemod AI Voices beta is
launching today, offering up eight options to transform your voice
into fantasy characters, pilots, astronauts, and the actor Morgan
Freeman.
Voicemod
has been transforming voices for years thanks to classic sound design
techniques, but these new voice effects combine AI, too. The
“Morgan” voice, as Voicemod calls it, is particularly impressive,
allowing you to pretend to be the famous movie star or simply a
polished voice actor.
(Related)
Anyone with sufficient voice recordings can have a bot that sounds
just like them.
https://www.gawker.com/politics/an-exclusive-interview-with-ruth-bader-ginsburgs-chat-bot
AN
EXCLUSIVE INTERVIEW WITH RUTH BADER GINSBURG’S CHAT BOT
(Related)
https://www.bespacific.com/deepfakes-on-trial-a-call-to-expand-the-trial-judges-gatekeeping-role-2/
Deepfakes
on Trial: a Call to Expand the Trial Judge’s Gatekeeping Role to
Protect Legal Proceedings from Technological Fakery
Delfino,
Rebecca, Deepfakes on Trial: a Call to Expand the Trial Judge’s
Gatekeeping Role to Protect Legal Proceedings from Technological
Fakery (February 10, 2022). Loyola Law School, Los Angeles Legal
Studies Research Paper No. 2022-02, Available at SSRN:
https://ssrn.com/abstract=4032094
or
http://dx.doi.org/10.2139/ssrn.4032094
“Picture
this: You are arrested and accused of a serious crime, like
carjacking, assault with a deadly weapon, or child abuse. The only
evidence against you is a cellphone video showing the act of
violence. To the naked eye, the perpetrator on the video is you.
But you are innocent. The video is a “deepfake” – an
audiovisual recording created using readily available Artificial
Intelligence technology that allows anyone with a smartphone to
believably map one person’s movements and words onto another
person’s face. How will
you prove the video is deepfake in court? And, who—the judge or
the jury–gets to decide if it’s fake? The law does
not provide clear answers. But this much is certain–deepfake
evidence is an emerging threat to our justice system’s
truth-seeking function. Deepfakes will invade court proceedings from
several directions—parties may fabricate evidence to win a civil
action, governmental actors may rely on deepfakes to secure criminal
convictions, or lawyers may purposely exploit juror bias and
skepticism about what is real. Currently, no evidentiary procedure
explicitly governs the presentation of deepfake evidence in court.
The existing legal
standards governing the authentication of evidence are inadequate
because the rules were developed before the advent of deepfake
technology. As a result, they do not solve the urgent problems
of–how to show a video is fake and how to show it isn’t.
In addition, although in the last several years, legal scholarship
and the popular news media have addressed certain facets of
deepfakes, there has been no commentary on the procedural aspects of
deepfake evidence in court. Absent from the discussion is who gets
to decide whether a deepfake is authentic. This article addresses
the matters that prior academic scholarship about deepfakes obscures.
It is the first to propose a new rule of evidence reflecting a
unique reallocation of the fact-determining responsibilities between
the jury and the judge, treating the question of deepfake
authenticity as one for the court to decide as part of an expanded
gatekeeping function under the rules of evidence. Confronting
deepfakes evidence in legal proceedings demands that courts and
lawyers use imagination and creativity to navigate pitfalls of proof
and manage a jury’s doubts and distrust about what is real. Your
freedom may depend on how we meet these challenges.”
(Related)
Perhaps a start?
https://www.cnet.com/news/politics/eu-strengthens-disinformation-rules-to-target-deepfakes-bots-fake-accounts/
EU
Strengthens Disinformation Rules to Target Deepfakes, Bots, Fake
Accounts
An
overhauled set of rules designed to stem the flow of disinformation
were released Thursday by the European Commission. The EU's
strengthened Code
of Practice on Disinformation will
hold signatories to the code, which include tech giants Meta, Google,
TikTok and Twitter, liable for failing to take action by fining them
up to 6% of their global revenue.
How Colorado
does facial recognition.
https://www.pogowasright.org/colorado-law-restricts-use-of-facial-recognition-technology-by-government-agencies/
Colorado
Law Restricts Use of Facial Recognition Technology by Government
Agencies
Linn
Foster Freedman of Robinson + Cole writes:
Ramping up the state’s continued focus
on data privacy, on June 8, 2022, Colorado Governor Jared Polis
signed legislation aimed at limiting the use of facial recognition
technology by government agencies and state institutions of higher
education.
The
new law, SB
113,
requires an agency, defined as “an agency of the state government
or of a local government; or a state institution of higher
education,” that intends to “develop, procure, use or continue to
use facial recognition service” to provide notice of intent to use
those services with its “reporting authority” prior to using the
technology.
The notice must provide details
of the vendor to be used, the capabilities and limitations on the use
of the facial recognition technology, the type of data collected by
the technology, how data will be collected and processed, the purpose
of the use, and the benefits of the proposed use of the technology.
Read
more at Data
Privacy + Cybersecurity Insider.
Anyone
can easily obtain the tools.
https://www.bespacific.com/genetic-paparazzi-are-right-around-the-corner-and-courts-arent-ready-to-confront-the-legal-quagmire-of-dna-theft/
Genetic
paparazzi are right around the corner, and courts aren’t ready to
confront the legal quagmire of DNA theft
Via
LLRX
–
Genetic
paparazzi are right around the corner, and courts aren’t ready to
confront the legal quagmire of DNA theft –
Liza
Vertinsky and
Yaniv
Heled,
are law professors who study how emerging technologies like genetic
sequencing are regulated. They believe that growing public interest
in genetics has increased the likelihood that genetic paparazzi with
DNA collection kits may soon become as ubiquitous as ones with
cameras. While courts have for the most part managed to evade
dealing with the complexities of surreptitious DNA collection and
testing of public figures, they won’t be able to avoid dealing with
it for much longer. And when they do, they are going to run squarely
into the limitations of existing legal frameworks when it comes to
genetics.
Tools
& Techniques
https://www.freetech4teachers.com/2022/06/a-new-way-to-find-registration-free.html
A
New Way to Find Registration-free Tools
No-Signup
Tools is
a new site that features exactly what its name implies, web tools
that you can use for free without having to sign-up for an account.
You can browse through No-Signup Tools alphabetically, by ranking, or
by category. Browsing the categories is probably the best way to use
No-Signup Tools.
The
No-Signup
Tools categories
of interest to readers of this blog will probably be teaching,
writing, and productivity. It was in those categories that I found
helpful tools like Math
Homework Generator, Egg
Timer,
and saw an old favorite called Hemingway
App.
Web
tools that don't require registration or other personal information
... can be great for those of us who just don't want to give our
email addresses to yet another website.
No-Signup
Tools is good, but it isn't specific to education. For a similar
resource that was specifically created with teachers and students in
mind, take a look at Nathan
Hall's list of No Registration Needed Tools.
