Friday, March 01, 2019

Noted for future (next year) US elections.
ENISA issues recommendations to protect EU Parliament elections against cyber-threats
… To combat foreign interference such as that witnessed in the US presidential elections in 2016, ENISA is providing guidelines to all election stakeholders.
… According to the document – Election Cybersecurity: Challenges and Opportunities – a democratic society needs a well-protected election lifecycle, from the maintenance of the electoral register and the public political campaigning process to the actual voting and the delivery of the results.




Interesting.
Is Digital Forensics Effectively Joining the Dots in Today’s Corporate Crime Scenes?
… Resolving complex corporate crimes requires tech-savvy sleuthing, and digital forensics does exactly that. It broadly covers identification, evaluation, examination, and peer review of computer or mobile device related artifacts. The coverage however continues to evolve with the emergence AI (Artificial Intelligence) and IoT (Internet of Things) enabled platforms, high security mobile devices, and other overarching trends in the technology world.
The insights presented in the article are based on a recent research study on Digital Forensics Market by Future Market Insights.




A culture that is not too concerned with accuracy (facts) will repeat this failure every time.
Facebook admits 18% of Research spyware users were teens, not <5 font="">
Facebook has changed its story after initially trying to downplay how it targeted teens with its Research program that a TechCrunch investigation revealed was paying them gift cards to monitor all their mobile app usage and browser traffic. “Less than 5 percent of the people who chose to participate in this market research program were teens” a Facebook spokesperson told TechCrunch and many other news outlets in a damage control effort 7 hours after we published our report on January 29th. At the time, Facebook claimed that it had removed its Research app from iOS. The next morning we learned that wasn’t true, as Apple had already forcibly blocked the Facebook Research app for violating its Enterprise Certificate program that supposed to reserved for companies distributing internal apps to employees.
… In the response from Facebook’s VP of US public policy Kevin Martin, the company admits that (emphasis ours) “At the time we ended the Facebook Research App on Apple’s iOS platform, less than 5 percent of the people sharing data with us through this program were teens. Analysis shows that number is about 18 percent when you look at the complete lifetime of the program, and also add people who had become inactive and uninstalled the app.”




Now that they have your attention…
Ireland's Data Protection Commission Reports Multiple GDPR Investigations on Tech Giants
Ireland's Data Protection Commission (DPC), headed by the Commissioner for Data Protection, Helen Dixon, has published its first annual report since the General Data Protection Regulation (GDPR) came into force in May 2018. It shows that Europeans are taking their new privacy rights very seriously. In the five months of 2018 pre-GDPR, the DPC received 1,249 privacy complaints. In the seven months post-GDPR, it received a further 2,864. The total of more than 4,000 complaints in 2018 is up from less than 1000 in 2015.
The section of the report (PDF) most relevant to Americans and American firms operating in Europe, however, is Section 7: Technology Multinationals Supervision.






Perhaps a good collection of bad examples?
Thailand passes internet security law decried as 'cyber martial law'
Thailand’s military-appointed parliament on Thursday passed a controversial cybersecurity law that gives sweeping powers to state cyber agencies, despite concerns from businesses and activists over judicial oversight and potential abuse of power.
The Cybersecurity Act, approved unanimously, is the latest in a wave of new laws in Asian countries that assert government control over the internet.
… The law allows the National Cybersecurity Committee (NCSC) to summon individuals for questioning and enter private property without court orders in case of actual or anticipated “serious cyber threats.”
An additional Cybersecurity Regulating Committee will have sweeping powers to access computer data and networks, make copies of information, and seize computers or any devices.
Court warrants are not required for those actions in “emergency cases,” and criminal penalties will be imposed for those who do not comply with orders.
… Legislators also unanimously passed the Personal Data Protection Act, intended to imitate the European Union’s General Data Protection Regulation (GDPR).




Update your toolkit.
Wireshark 3.0.0 Released
The Wireshark Foundation on Thursday announced the general availability of Wireshark 3.0.0, the newest release of the popular open-source packet analyzer.
The latest version fixes a handful of bugs and introduces roughly two dozen new features or significant updates to existing features.


No comments: