Friday, October 15, 2021

This can’t be right, can it?

https://threatpost.com/podcast-67-percent-orgs-ransomware/175339/

Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once

A recent report found that two-thirds, or 67 percent, of surveyed organizations have suffered a ransomware attack, about half have been hit multiple times, and 16 percent have been hit three or more times.

According to Fortinet’s Global State of Ransomware Report 2021 (PDF), released last week, most organizations report that ransomware is their top most concerning cyber-threat. That’s particularly true for respondents in Latin America, Asia-Pacific and Europe-Middle East-Africa, who report that they’re more likely to be victims than their peers in the U.S. or Canada.



Overkill? No need to consult a judge or anyone in the target country?

https://www.databreaches.net/australia-to-tackle-ransomware-data-breaches-by-deleting-stolen-files/

Australia to tackle ransomware data breaches by deleting stolen files

Bill Toulas reports:

Australia’s Minister for Home Affairs has announced the “Australian Government’s Ransomware Action Plan,” which is a set of new measures the country will adopt in an attempt to tackle the rising threat.
[…]
To further strengthen the ability to conduct investigations and disrupt ransomware attacks, the government is looking to establish new powers through the Surveillance Legislation Amendment Act 2021.
Under this new legislation, the Australian Federal Police (AFP) and Australian Criminal Intelligence Commission (ACIC) will have the power to delete or remove data linked to suspected criminal activity, permitting access to devices and networks and even allowing the take over of online accounts for investigation purposes.

Read more on BleepingComputer.

So if this is in collaboration with other countries, is Australia claiming the right to take down data on servers in the U.S. or to seize devices of American journalists who may have data dumps or stolen data that they analyze for reporting purposes? Where do these new powers end?



The latest ‘shoot the messenger’ reaction.

https://krebsonsecurity.com/2021/10/missouri-governor-vows-to-prosecute-st-louis-post-dispatch-for-reporting-security-vulnerability/

Missouri Governor Vows to Prosecute St. Louis Post-Dispatch for Reporting Security Vulnerability

On Wednesday, the St. Louis Post-Dispatch ran a story about how its staff discovered and reported a security vulnerability in a Missouri state education website that exposed the Social Security numbers of 100,000 elementary and secondary teachers. In a press conference this morning, Missouri Gov. Mike Parson (R) said fixing the flaw could cost the state $50 million, and vowed his administration would seek to prosecute and investigate the “hackers” and anyone who aided the publication in its “attempt to embarrass the state and sell headlines for their news outlet.”

The Post-Dispatch says it discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials, and that more than 100,000 SSNs were available. The Missouri state Department of Elementary and Secondary Education (DESE) reportedly removed the affected pages from its website Tuesday after being notified of the problem by the publication (before the story on the flaw was published).

The newspaper said it found that teachers’ Social Security numbers were contained in the HTML source code of the pages involved. In other words, the information was available to anyone with a web browser who happened to also examine the site’s public code using Developer Tools or simply right-clicking on the page and viewing the source code.



Finally, a court that realizes that technology is not perfect!

https://www.bespacific.com/court-says-google-translate-isnt-reliable-enough-to-determine-consent-for-a-search/

Court Says Google Translate Isn’t Reliable Enough To Determine Consent For A Search

TechDirt: “The quickest way to a warrantless search is obtaining consent. But consent obtained by officers isn’t always consent, no matter how it’s portrayed in police reports and court testimony. Courts have sometimes pointed this out, stripping away ill-gotten search gains when consent turned out to be [extremely air quotation marks] “consent.” Such is the case in this court decision, brought to our attention by FourthAmendment.com. Language barriers are a thing, and it falls on officers of the law to ensure that those they’re speaking with understand clearly what they’re saying, especially when it comes to actions directly involving their rights. It all starts with a stop. A pretextual one at that, as you can see by the narrative recounted by the court…”



Shouldn’t we be able to ask Google for anything related to a crime?

https://www.bespacific.com/government-secretly-orders-google-to-identify/

Government Secretly Orders Google To Identify Anyone Who Searched A Sexual Assault Victim’s Name, Address And Telephone Number

Forbes: “The U.S. government is secretly ordering Google to provide data on anyone typing in certain search terms, an accidentally unsealed court document shows. There are fears such “keyword warrants” threaten to implicate innocent Web users in serious crimes and are more common than previously thought… It’s a rare example of a so-called keyword warrant and, with the number of search terms included, the broadest on record. Before this latest case, only two keyword warrants had been made public. One revealed in 2020 asked for anyone who had searched for the address of an arson victim who was a witness in the government’s racketeering case against singer R Kelly. Another, detailed in 2017, revealed that a Minnesota judge signed off on a warrant asking Google to provide information on anyone who searched a fraud victim’s name from within the city of Edina, where the crime took place. While Google deals with thousands of such orders every year, the keyword warrant is one of the more contentious. In many cases, the government will already have a specific Google account that they want information on and have proof it’s linked to a crime. But search term orders are effectively fishing expeditions, hoping to ensnare possible suspects whose identities the government does not know. It’s not dissimilar to so-called geofence warrants, where investigators ask Google to provide information on anyone within the location of a crime scene at a given time…”



The next outrage?

https://www.slashgear.com/facebook-ego4d-tracking-your-when-how-what-and-who-14695225/

Facebook Ego4D tracking your When, How, What, and Who

The aim of the researchers working with Facebook AI in this research is to develop artificial intelligence that “understands the world from this point of view” so that they’re able to “unlock a new era of immersive experiences.” They’re looking specifically at how augmented reality (AR) glasses and virtual reality (VR) headsets will “become as useful in everyday life as smartphones.”

Researchers listed five “benchmark challenges” for this project that effectively show what they’re tracking. To be clear: Facebook isn’t tracking this data through real live devices for this project – not yet. This is all being tracked via first-person perspective videos Facebook AI attained for this project:

Episodic memory: What happened when?

Forecasting: What am I likely to do next?

Hand and object manipulation: What am I doing?

Audio-visual diarization: Who said what when?

Social interaction: Who is interacting with whom?

To learn more about this project, take a peek at the research paper Ego4D: Around the World in 3,000 Hours of Egocentric Video as published by arXiv.



Scary or reassuring?

https://www.theguardian.com/technology/2021/oct/15/ai-and-maths-to-play-bigger-role-in-global-diplomacy-says-expert

AI and maths to play bigger role in global diplomacy, says expert

… Michael Ambühl, a professor of negotiation and conflict management and former chief Swiss-EU negotiator, said recent advances in AI and machine learning mean that these technologies now have a meaningful part to play in international diplomacy, including at the Cop26 summit starting later this month and in post-Brexit deals on trade and immigration.

… The use of AI in international negotiations is at an early stage, he said, citing the use of machine learning to assess the integrity of data and detect fake news to ensure the diplomatic process has reliable foundations. In the future, these technologies could be used to identify patterns in economic data underpinning free trade deals and help standardise some aspects of negotiations.

The Lab for Science in Diplomacy, a collaboration between ETH Zürich where Ambühl is based and the University of Geneva, will also focus on “negotiation engineering”, where existing mathematical techniques such as game theory are used either to help frame a discussion, or to play out different scenarios before engaging in talks.

