Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybersecurity

U.S. Government: Update Chrome 80 Now, Multiple Security Concerns Confirmed

Forbes: “…Here’s what you need to know. CISA, a standalone federal agency under the U.S. Department of Homeland Security (DHS) oversight, is responsible for protecting “the Nation’s critical infrastructure from physical and cyber threats.” In an April 1 posting, CISA confirmed that Google Chrome Version 80.0.3987.162 “addresses vulnerabilities that an attacker could exploit to take control of an affected system,” be that Windows, Mac or Linux. It went on to state that it “encourages” users and administrators to apply the update. It’s not just CISA that is warning about the need to update Google Chrome. The Center for Internet Security (CIS) is a non-profit entity that works to safeguard both private and public organizations against cyber threats. In a multi-state information sharing and analysis center (MS-ISAC) advisory, it has also warned of multiple vulnerabilities in Google Chrome. The most severe of these could allow an attacker to achieve arbitrary code execution within the context of the browser. What does that actually mean? The answer is it depends upon the privileges that have been granted to the application. Still, in a worst-case scenario, the attacker would be able to view data, change data or delete data…” [I had to force the update on my Mac even though updates was enabled – best to be safe – and h/t Pete Weiss on the Mac catch!]

Zoom Meetings Aren’t End-to-End Encrypted, Despite Misleading Marketing

The Intercept: “Zoom, the video conferencing service whose use has spiked amid the Covid-19 pandemic, claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video… Continue Reading

Commentary – Maybe we shouldn’t use Zoom after all

FBI warns Zoom, teleconference meetings vulnerable to hijacking: “…The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI cautioned. “As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts..to prevent against unwanted participants… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues March 28, 2020

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues March 28, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

NIST Updates and Expands Its Flagship Catalog of Information System Safeguards

NIST: “After your organization forms a general plan for tackling its cybersecurity and privacy risk management issues, it needs particular state-of-the-art tools to make that plan a reality. Computer security and privacy experts at the National Institute of Standards and Technology (NIST) have the answer with an updated toolbox of safeguards for protecting an organization’s… Continue Reading

Pete Recommends Weekly highlights on cyber security issues March 8, 2020

Via LLRX – Pete Recommends Weekly highlights on cyber security issues March 8, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the increasingly… Continue Reading

Firefox enables network privacy feature for users in US

CNET – “Mozilla has begun enabling a Firefox privacy feature for everyone in the US that should make it harder for ISPs or others to track you online. The technology, called DNS over HTTPS — DOH for short — protects a crucial internet addressing technology with encryption. Testing has been underway for months, but on… Continue Reading

How Google Is Stopping Malicious Office Docs From Targeting Gmail Users

PC Magazine: “At the RSA security conference today, Google offered a rare look into the kinds of malicious attachments hackers will send to Gmail users. It turns out Microsoft Office documents secretly rigged to download malware are in vogue. In recent weeks, about 56 percent of the malicious attachments detected and blocked by Gmail’s filters… Continue Reading

Artificial intelligence What Think Tanks are thinking

European Parliamentary Research Service Blog: “Artificial intelligence (AI) is usually understood as the ability for a machine to display human-like capabilities such as reasoning, learning, planning and creativity. The ‘Holy Grail’ for many governments and companies seeking to benefit from the digital revolution, the first to invent and apply true AI could achieve an enormous… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues February 22, 2020

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues February 22, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

Oversight Subcommittee Seeks Information About Ring’s Agreements with Police, Local Governments

Washington, D.C. (Feb. 19, 2020)—”Today, Rep. Raja Krishnamoorthi, the Chairman of the Subcommittee on Economic and Consumer Policy, sent a letter to Amazon seeking information about its subsidiary Ring Inc.’s partnerships with city governments and local police departments, along with the company’s policies governing the data it collects. Ring sells internet-connected home surveillance equipment, such… Continue Reading