InfoSec and Compliance – With 20 years of blogging experience, DISC InfoSec blog is dedicated to providing trusted insights and practical solutions for professionals and organizations navigating the evolving cybersecurity landscape. From cutting-edge threats to compliance strategies, this blog is your reliable resource for staying informed and secure. Dive into the content, connect with the community, and elevate your InfoSec expertise!
The role of CISO first emerged as organizations embraced digital revolutions and began relying on new data streams to help inform business decisions. As technology continued to advance and became more complex, so too did threat actors who saw new opportunities to disrupt businesses, by stealing or holding that data hostage for ransom.
As the years have gone by and cyberattacks have become more sophisticated, the role of the CISO has had to advance. The CISO has evolved from being the steward of data to also being a guardian for availability with the emergence of more destructive and disruptive attacks. The CISO also must be highly adaptable and serve as the connective tissue between security, privacy and ultimately, consumer trust.
Here’s how easily your phone number could be stolen, why a successful SIM swap scam is only the beginning of your problems, and how you can avoid becoming a victim of the attack
Just how easy is it to conduct a SIM swap attack and what can the attacker do once they have taken control of your phone number? In short, it’s worryingly easy and the criminals can do a lot once they have the keys to the kingdom.
We hear of SIM swapping – also known as SIM hijacking and SIM swap scams – all the time, and yet many people think it can’t ever happen to them. Indeed, people often tell me that they will never get hacked in any way and they actually even wonder why anyone would even target them. But the truth is that we are part of a huge numbers game for many malicious actors and they will continue to target the low-hanging fruit. So why don’t we just implement a few precautionary methods to reduce this risk?
I will come back to what you can do to mitigate the risks later, but first I want to tell you how I tested a SIM swap attack just so I could generate a talk and help people understand the risks. A real-life story is always better when helping people to be more cyber-aware. In fact, I ran a similar experiment last year when I showed how easy it is to hack anyone’s WhatsApp account by knowing their phone number. It was a very valuable lesson for the colleague-turned-victim.
I have known my friend – a let’s call him Paul – since school and we’ve been close friends ever since. I asked him recently if I could attempt to ethically hack him for the greater good and use anything that came from it in the name of cyber-awareness and helping protect people from future attacks. He was happy to oblige and even thought it would be fun to be part of an experiment.
Admittedly, this does lead to doomsday scenarios offered up by authors on the multitude of platforms sharing doomsday scenarios, with weak attribution included to suit their own narrative.
While commentary on the impact of such a scenario is generally to be welcomed, the focus of attribution remains. Recent events have introduced the world at large to ransomware variants previously only discussed within the information security industry. However, one has to question whether their inclusion is even remotely accurate.
As has been documented, we live in a world where anybody with access to a computer can be a player in the ransomware industry. Through ransomware-as-a-service (RaaS) there exists a business model that supports ‘partners’ to carry out attacks against victims, and to share the profits with the developers of the ransomware. In return for this arrangement, such partners or affiliates are offered a dashboard and a sizeable share of profits, in a relationship that appears to suit both parties based on the rise in use of such a model.
And herein lies the issue.
Recent ransomware attacks, using tools such as DarkSide, were indeed carried out by such partners. Celebrations over the retirement of certain ransomware variants appear to be premature, with GandCrab serving as an indication of what may actually occur. The group behind GandCrab, which was incredibly active and claimed to have made $2bn, announced its retirement in 2019.
While this announcement was greeted positively at the time, questions were raised about why the number of affiliates dropped sharply a few short months earlier. Fast forward a few months and the growth of Sodinokibi may have answered those questions, while confirming that rumours of senior partners’ retirement from the ransomware scene may have been greatly exaggerated.
However, and this is the critical component, it is the affiliates that break into organizations, and it is these same people that deploy ransomware within the environment, while all the time the ire remains solely fixated on the ransomware developer.
While the developer(s) should not escape the ferocity of anger placed upon them, it seems the affiliates continue their activities and can simply move to any number of other schemes should actions lead to the disruption of the ransomware group they have agreed to work with.
In our continued focus toward holding those accountable for the disruption they cause, closer attention must be paid to such mercenaries who are largely responsible for the exponential growth of such attacks. It is their involvement and capabilities that have allowed such attacks to adapt and become so much more crippling than ever before.
Adversaries could exploit newly discovered security weaknesses in Bluetooth Core and Mesh Profile Specifications to masquerade as legitimate devices and carry out man-in-the-middle (MitM) attacks.
“Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during pairing,” the Carnegie Mellon CERT Coordination Center said in an advisory published Monday.
The two Bluetooth specifications define the standard that allows for many-to-many communication over the short-range wireless technology to facilitate data transfer between devices in an ad-hoc network.
The Bluetooth Impersonation AttackS, aka BIAS, enable a malicious actor to establish a secure connection with a victim, without having to know and authenticate the long-term key shared between the victims, thus effectively bypassing Bluetooth’s authentication mechanism.
“The BIAS attacks are the first uncovering issues related to Bluetooth’s secure connection establishment authentication procedures, adversarial role switches, and Secure Connections downgrades,” the researchers said. “The BIAS attacks are stealthy, as Bluetooth secure connection establishment does not require user interaction.”
“To confirm that the BIAS attacks are practical, we successfully conduct them against 31 Bluetooth devices (28 unique Bluetooth chips) from major hardware and software vendors, implementing all the major Bluetooth versions, including Apple, Qualcomm, Intel, Cypress, Broadcom, Samsung, and CSR.”
In addition, four separate flaws have been uncovered in Bluetooth Mesh Profile Specification versions 1.0 and 1.0.1. A summary of the flaws is as follows –
CVE-2020-26555 – Impersonation in Bluetooth legacy BR/EDR pin-pairing protocol (Core Specification 1.0B through 5.2)
CVE-2020-26558 – Impersonation in the Passkey entry protocol during Bluetooth LE and BR/EDR secure pairing (Core Specification 2.1 through 5.2)
N/A – Authentication of the Bluetooth LE legacy pairing protocol (Core Specification 4.0 through 5.2)
CVE-2020-26556 – Malleable commitment in Bluetooth Mesh Profile provisioning (Mesh profile 1.0 and 1.0.1)
CVE-2020-26557 – Predictable AuthValue in Bluetooth Mesh Profile provisioning (Mesh profile 1.0 and 1.0.1)
CVE-2020-26559 – Bluetooth Mesh Profile AuthValue leak (Mesh profile 1.0 and 1.0.1)
CVE-2020-26560 – Impersonation attack in Bluetooth Mesh Profile provisioning (Mesh profile 1.0 and 1.0.1)
“Our attacks work even when the victims are using Bluetooth’s strongest security modes, e.g., SSP and Secure Connections. Our attacks target the standardized Bluetooth authentication procedure, and are therefore effective against any standard compliant Bluetooth device,” the researchers said.
The Android Open Source Project (AOSP), Cisco, Cradlepoint, Intel, Microchip Technology, and Red Hat are among the identified vendors with products impacted by these security flaws. AOSP, Cisco, and Microchip Technology said they are currently working to mitigate the issues.
The Bluetooth Special Interest Group (SIG), the organization that oversees the development of Bluetooth standards, has also issued security notices for each of the six flaws. Bluetooth users are recommended to install the latest recommended updates from device and operating system manufacturers as and when they are available.
The lingering question of application code security follows, as stories of security breaches continue to pour, and remote teams across the world adopt low code for faster application delivery. Even as Gartner predicts that 65% of applications will be built using the low-code paradigm by 2024, it is important to understand the security implications that come with it and discuss how we can mitigate possible risks.
Most low code platforms enable non-technical users to build applications quickly and offer in-built security for various aspects of the application, such as APIs, data access, web front-ends, deployment, etc. Some go deeper with functionalities purpose-built for professional developers, with abilities to customize at a platform level. That said, no platform can claim to be the silver bullet when it comes to abstracting all security risks.
Business leaders should assess both internal and external risks that arise, and make sure there are certain guard rails enforced to secure low code-built applications. Let’s discuss some of these in detail.
The Enterprise Risk Management Program (ERMP) Guide provides program-level risk management guidance that directly supports your organization’s policies and standardizes the management of cybersecurity risk and also provides access to an editable Microsoft Word document template that can be utilized for baselining your organizations risk management practices. Unfortunately, most companies lack a coherent approach to managing risks across the enterprise:When you look at getting audit ready, your policies and standards only cover the “why?” and “what?” questions of an audit. This product addresses the “how” questions for how your company manages risk.
The ERMP provides clear, concise documentation that provides a “paint by numbers” approach to how your organization manages risk.The ERMP addresses fundamental needs when it comes to what is expected in cybersecurity risk management, how risk is defined, who can accept risk, how risk is calculated by defining potential impact and likelihood, necessary steps to reduce risk.Just as Human Resources publishes an “employee handbook” to let employees know what is expected for employees from an HR perspective, the ERMP does this from a cybersecurity risk management perspective.Regardless if your cybersecurity program aligns with NIST, ISO, or another framework, the Enterprise Risk Management Program (ERMP) is designed to address the strategic, operational and tactical components of IT security risk management for any organization.
Policies & standards are absolutely necessary to an organization, but they fail to describe HOW risk is actually managed. The ERMP provides this middle ground between high-level policies and the actual procedures of how risk is managed on a day-to-day basis by those individual contributors who execute risk-based controls.
Most management systems, compliance, and certification projects require documented policies, procedures, and work instructions. GDPR compliance is no exception. Documentation of policies and processes are vital to achieve compliance.
ITG GDPR Documentation Toolkit gives you a complete set of easily customizable GDPR-compliant documentation templates to help you demonstrate your compliance with the GDPR’s requirements quickly, easily, and affordably.
“Having recently kicked off a GDPR project with a large international organisation I was tasked with creating their Privacy Compliance Framework. The GDPR toolkit provided by IT Governance proved to be invaluable providing the project with a well organised framework of template documents covering all elements of the PIMS framework. It covers areas such as Subject Access Request Procedure, Retention of Records Procedure and Data Protection Impact Assessment Procedure helping you to put in practice policies and procedures to enable the effective management of personal information on individuals. For anyone seeking some support with their GDPR plans the toolkit is well work consideration.”
Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities in Microsoft including a critical HTTP Protocol Stack Remote Code Execution vulnerability tracked as CVE-2021-31166. The flaw could be exploited by an unauthenticated attacker by sending a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.
This stack is used by the Windows built-in IIS server, which means that it could be easily exploited if the server is enabled. The flaw is wormable and affects different versions of Windows 10, Windows Server 2004 and Windows Server 20H2.
The security researcher Axel Souchet has published over the weekend a proof-of-concept exploit code for the wormable flaw that impacted Windows IIS.
The PoC exploit code allows to crash an unpatched Windows system running an IIS server, it does not implement worming capabilities. Anyway, attackers could start triggering the vulnerability in the wild, the PoC code could be improved to be actively exploited.
Now, the security researcher Jim DeVries reported that the issue also impacts Windows 10 and Server devices running the Windows Remote Management (WinRM) service. a component of the Windows Hardware Management feature set which also makes use of the vulnerable HTTP.sys.
Windows Remote Management (WinRM) is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)-based, firewall-friendly protocol that allows hardware and operating systems, from different vendors, to interoperate.
The WinRM service is enabled by default on Windows servers running versions 2004 or 20H2 for this reason it only poses a serious risk to corporate environments, DeVries explained to BleepingComputer.
I finally found time to answer my own question. WinRM *IS* vulnerable. This really expands the number of vulnerable systems, although no one would intentionally put that service on the internet.
This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn’t another attempt by Republicans to make it harder for Black people and urban residents to vote. It was a concerted attack on another core element of US democracy – the ability of citizens to express their voice to their political representatives. And it was carried out by generating millions of fake comments and fake emails purporting to come from real citizens.
This attack was detected because it was relatively crude. But artificial intelligence technologies are making it possible to generate genuine-seeming comments at scale, drowning out the voices of real citizens in a tidal wave of fake ones.
As political scientists like Paul Pierson have pointed out, what happens between elections is important to democracy. Politicians shape policies and they make laws. And citizens can approve or condemn what politicians are doing, through contacting their representatives or commenting on proposed rules.
Democracy and Fake News: Information Manipulation and Post-Truth Politics – the analysis of post-truth politics.
The volume sheds light on some topical questions connected to fake news, thereby contributing to a fuller understanding of its impact on democracy. In the Introduction, the editors offer some orientating definitions of post-truth politics, building a theoretical framework where various different aspects of fake news can be understood. The book is then divided into three parts: Part I helps to contextualize the phenomena investigated, offering definitions and discussing key concepts as well as aspects linked to the manipulation of information systems, especially considering its reverberation on democracy. Part II considers the phenomena of disinformation, fake news, and post-truth politics in the context of Russia, which emerges as a laboratory where the phases of creation and diffusion of fake news can be broken down and analyzed; consequently, Part II also reflects on the ways to counteract disinformation and fake news. Part III moves from case studies in Western and Central Europe to reflect on the methodological difficulty of investigating disinformation, as well as tackling the very delicate question of detection, combat, and prevention of fake news.
Air India disclosed a data breach after personal information belonging to roughly 4.5 million of its customers was leaked two months following the hack of Passenger Service System provider SITA in February 2021.
“This is to inform that SITA PSS our data processor of the passenger service system (which is responsible for storing and processing of personal information of the passengers) had recently been subjected to a cybersecurity attack leading to personal data leak of certain passengers,” Air India said in a breach notification sent over the weekend.
“This incident affected around 4,500,000 data subjects in the world.”
The airline added that the breach impacted the data of passengers registered between August 2011 and February 2021.
Nevertheless, after investigating the security incident, it was found that no credit card information or password data was accessed during the breach.
However, Air India urges its passengers to change their credentials to block potential breach attempts and ensure their data security.
“The breach involved personal data registered between 26th August 2011 and 3rd February 2021, with details that included name, date of birth, contact information, passport information, ticket information, Star Alliance, and Air India frequent flyer data (but no passwords data were affected) as well as credit cards data,” Air India added [PDF].
“However, in respect of this last type of data, CVV/CVC numbers are not held by our data processor.”
The protection of our customers’ personal data is of highest importance to us and we deeply regret the inconvenience caused and appreciate the continued support and trust of our passengers. — Air India
Data breach impacts Star Alliance members
Almost a dozen more air carriers besides Air India informed passengers that some of their data was accessed during a breach of SITA’s Passenger Service System (PSS), which handles transactions from ticket reservations to boarding.
SITA also confirmed the incident saying that it reached out to affected PSS customers and all related organizations in early March.
At the time, a SITA spokesperson told BleepingComputer that the breach impacts data of passengers from multiple airlines, including:
Lufthansa – combined with its subsidiaries, it is the second-largest airline in Europe in terms of passengers carried; Star Alliance member and Miles & More partner
Air New Zealand – flag carrier airline of New Zealand
Singapore Airlines – flag carrier airline of Singapore
Finnair – flag carrier and largest airline of Finland
Some of these air carriers (including Air India) are part of the Star Alliance, a global airline network with 26 members, including Lufthansa, the largest in Europe.
Star Alliance told BleepingComputer that its members also share customer details relevant to awarding traveling benefits.
The information is limited to membership names, frequent flyer program membership numbers, and program tier status.
As many as 4.5 million Air India customers were affected in the data breach
The airlines assured its passengers that there was no evidence of any “misuse” of the datahttps://t.co/ixRCDFTbtt
Harden the human firewall against the most current threats
Social Engineering: The Science of Human Hacking reveals the craftier side of the hacker’s repertoire―why hack into something when you could just ask for access? Undetectable by firewalls and antivirus software, social engineering relies on human fault to gain access to sensitive spaces; in this book, renowned expert Christopher Hadnagy explains the most commonly-used techniques that fool even the most robust security personnel, and shows you how these techniques have been used in the past. The way that we make decisions as humans affects everything from our emotions to our security. Hackers, since the beginning of time, have figured out ways to exploit that decision making process and get you to take an action not in your best interest. This new Second Edition has been updated with the most current methods used by sharing stories, examples, and scientific study behind how those decisions are exploited.
Networks and systems can be hacked, but they can also be protected; when the “system” in question is a human being, there is no software to fall back on, no hardware upgrade, no code that can lock information down indefinitely. Human nature and emotion is the secret weapon of the malicious social engineering, and this book shows you how to recognize, predict, and prevent this type of manipulation by taking you inside the social engineer’s bag of tricks.
Examine the most common social engineering tricks used to gain access
Discover which popular techniques generally don’t work in the real world
Examine how our understanding of the science behind emotions and decisions can be used by social engineers
Learn how social engineering factors into some of the biggest recent headlines
Learn how to use these skills as a professional social engineer and secure your company
Adopt effective counter-measures to keep hackers at bay
By working from the social engineer’s playbook, you gain the advantage of foresight that can help you protect yourself and others from even their best efforts. Social Engineering gives you the inside information you need to mount an unshakeable defense.
The WEF singled out five global cybersecurity challenges:
1. Increasing sophistication of cyberattacks and cyber adversaries 2. Widening cybersecurity skills gap 3. Lack of intelligence and operational information sharing 4. Keeping up with regulatory changes and uncertainty 5. Underinvestment and lack of business buy-in
Below, expert insights into these five challenges, as well as paths forward for the medical device industry.
A Pass the Hash (PTH) attack is a technique whereby an attacker captures a password hash as opposed to the password itself (characters) thereby gaining access (authentication) to the networked systems. This technique is used to steal credentials and enable lateral movement within a network. In a Windows environment, the challenge-response model used by NTLM security is abused to enable a malicious user to authenticate as a valid domain user without knowing their password. Now that Kerberos has replaced NTLM as the preferred authentication method for Windows domains, NTLM is still enabled in many Windows domains for compatibility reasons. And so, pass the hash attacks remain an effective tool in the hands of attackers. It is worth noting that there are other attacks associated with Keberos such as Pass the ticket and Kerberos-brute force attack etc. I will be discussing this in my next guide. Below are some articles relating to this topic: NT LAN Manager: How to prevent NTLM credentials from being sent to remote servers, Active Directory Authentication methods:How do Kerberos and NTLM work, and How to configure a service account for Kerberos delegation.
Last month, my wife was contacted by a phisher, mascaraing as someone from social security. This threat actor made an attempt to obtain her social security number using the threat of fraud investigation to verify her social security number. Because of my background in security, I was able to act quickly to prevent her from compliance and educated her on the phish attack. For many people, this ends in far less positive outcomes because there is not enough education and prevention out there. The majority of organizations will never request or disclose personal identifiable information (PII) and will only communicate via secure encrypted email or over traditional mail services. They will request an in person visit. For more information on securing your private information, visit: How to protect your personal information Caller ID is less reliable due to caller ID spoofing. This in part can be avoided by maintaining an address book in conjunction with a good call blocking service.
The majority of telecom providers offer programmable call blocking services, most of these operate with a programmable blacklist/whitelist. There are also third-party options on the device App Store. This function acts in many ways similar to malware detection and prevention. These features are also available as an add-on for a landline that blocks on a hardware level at the home or business demarcation point. This is slowly phasing out as more and more people are migrating to VoIP solutions or cellular based services. For more information on Caller ID spoofing, visit: howtogeek Dont trust caller id More information on call blocking at FCC Call blocking More information on call blocking for landlines at FCC Do not call listOpinion The best approach to handling telemarketers is a zero-trust approach, sellers you wish to do business with should be in your address book for ease of verification. Automated calling can potentially be used to gather recorded voice prompts as a potential persistent attack to gather voice commands to use on voice prompt services. These calls may also be used to verify the contact number is active and accepting calls. If you can avoid not answering a call or push it to voicemail, do it. Make sure you monitor your voicemail in the event a trusted contact is contacting you from a different contact source. Stay safe out there! ~Neumiller
Vishing attacks spoof Amazon to try to steal your credit card information
Prior to COVID-19, many companies had engineering applicants take coding skills assessments in person. On-premises testing allowed employers to control the environment and observe the applicant’s process. Now, employers are providing these assessments (and getting observations) remotely, and applicants (almost exclusively at the junior level) are gaming the platforms.
The two most common strategies are plagiarism and identity misrepresentation. In the former, applicants copy and paste code found on sites like Github or they are lifting code from prior assessments administered by the same employer that have been published and/or sold online. (Companies that have only a few variations of a coding challenge will find, with a quick Google search, that prior test-takers have either posted it online or are offering the answers privately. They’ll even sprinkle in some minor differentiations so that it’s harder to catch.) Identity misrepresentation means asking or paying someone else to log in to the test platform and solve the test (or part of it) for the applicant.
Globally, the rate for plagiarism in 2020 was 5.6%, and suspicious connectivity patterns – indicative of session handover to someone else other than the applicant – appear in 6.48% of sessions. We are seeing a slight growth in the percent of sessions with suspicious behaviors, and this growth is visible in both global and financial markets in particular.
Some industries will have higher rates of cheating than others; for example, organizations in the government, education, and non-profit sectors can see up to double the global average for red-flag behavior. The general shortage of HR professionals with deep technical knowledge make practically all employers vulnerable to inefficiencies and the perils of under-qualified tech candidates making it too far into the recruitment funnel. Higher rates of cheating mean that IT professionals need smarter tools to avoid mis-hires.
Addressing this problem needs to be a priority for employers looking to hire remotely on a larger scale or as a permanent practice, because the short- and long-term consequences are always more costly than whatever investments they put into preventative safeguards.
Hiring a person who cheated in the recruitment process is a recipe for disaster, both for the employer and the employee. Job seekers will typically cheat because they lack the qualifications to pass the recruitment process or, sometimes, just lack the confidence that they can succeed. In either case, if the recruitment leads to employment, the nascent working relationship is botched from day one. The lack of qualifications surfaces sooner or later, frequently damaging schedules, reliability, and security of software products and services, not to mention driving business costs up and reputation down.
More alarmingly, common sense and academic research suggest (Peterson et al., 2011; Schneider & Goffin, 2012), says that the lack of integrity has a potential to reoccur on the job, quite possibly leading to security breaches immensely more dangerous than software bugs. Last but not least, it is plainly emotionally difficult for many individuals to grow a healthy relationship towards the employer and the workplace when the relationship started with dishonesty.
AXA’s branches in Thailand, Malaysia, Philippines and Hong Kong have been hit by a ransomware attack, with hackers claiming they have accessed more than 3-terabytes of sensitive data.
Included in that trove of data, according to the hackers, are customer medical reports – which is also said to expose their sexual health problems – as well as identification documents, bank account statements, payment records, contracts and details of individual claims.
In addition to the ransomware attack, AXA has also been hit by a series of distributed denial of service (DDos) attacks on its global websites that made the insurance giant’s website completely inaccessible for a number of hours.
A ransomware group by the name of Avaddon has taken responsibility for the ransomware attacks launched against AXA, just days after the company announced it would stop underwriting policies that included payouts in the event of a ransomware attack.
The group told AXA that the insurance giant has around 10 days to get in contact and meet their demands, otherwise risking the publication of massive amounts of sensitive information on their customers.
AXA has responded to the claims, telling Bleeping Computer that there is “no evidence” to suggest that data beyond one of its Thai operations was accessed.
“Asia Assistance was recently the victim of a targeted ransomware attack which impacted its IT operations in Thailand, Malaysia, Hong Kong and the Philippines.”
The insurer continued to explain that “a dedicated taskforce with external forensic experts is investigating the incident. Regulators and business partners have been informed.”
“As a result, certain data processed by Inter Partners Assistance (IPA) in Thailand has been accessed. At present, there is no evidence that any further data was accessed beyond IPA in Thailand.
“AXA takes data privacy very seriously and if IPA’s investigations confirm that sensitive data of any individuals have been affected, the necessary steps will be taken to notify and support all corporate clients and individuals impacted,” the company spokesperson said.
AXA is yet to address any specific demands of the hacking group Avaddon.
In the modern cloud-based application era, securing hardware is often neglected, so the volume of unmanaged devices noted above is not surprising. Endpoint management is hard, it’s boring, it’s time-consuming — but it’s nevertheless extremely important to a robust security strategy.
Why? Bad actors know that machines aren’t getting configured and maintained at the rate at which they should. This makes them ripe for exploitation. One of the easiest ways to attack corporate networks is through a machine that is not configured correctly or that hasn’t downloaded a patch to shore up a certain vulnerability.
Endpoint management: Scaling for a new world
VPNs have been under significant strain throughout the pandemic, and bandwidth is at a premium. This is part of the reason we’re seeing such rapid migration to the cloud. While there are numerous benefits to this move, it still doesn’t protect actual endpoints. To do this, regardless of environment, you need to find an endpoint management solution that can scale rapidly and not affect network performance.
This requires a novel approach to drive continuous compliance and configuration management across the enterprise. Of note, the latest peer-to-peer solutions can check the configuration of local or remote endpoints, diagnose problems, and/or remediate any issues found. Because of the nature of peer-to-peer, these solutions can conduct routine and advanced endpoint management at massive scale, addressing hundreds of thousands of endpoints without bandwidth throttling or hindering network performance.
Workers don’t even realize their systems are being updated. Being able to protect endpoints at scale without degrading the user experience or getting in the way of business processes is a game-changer in the remote world. It means that you can institute or return to a regular endpoint management schedule.
This isn’t the first time we’ve heard of a SNAFU like this, where virtual wires got crossed inside a video surveillance company’s own back end, causing customers not only to lose track of their own video cameras but also to gain access to someone else’s.
In one case, three years ago, a user of a cloud video service offered by a UK company called Swann received a video notification that showed surveillance footage from the kitchen…
…just not the kitchen in the user’s own house.
Amusingly, if that is the right word, the victim in this incident just happened to be a BBC staffer, relaxing at the weekend, who was gifted an ideal story to write up in the upcoming week.
In that incident, the camera vendor blamed human error, with two cameras accidentally set up with a “unique identifier” that wasn’t unique at all, leaving the system unable to decide which camera belonged to which account.
Alhough the vendor dismissed it as a “one off”, the BBC tracked down an even more amusing (though no less worrying) occurrence of the same problem in which a user received a surveillance video of a property that looked like a pub.
With a few days of search engine wrangling, that user managed to identify the pub online, only to find out that it was, by fluke, just 5 miles away.
So he went there and took a picture of himself in the beer garden, via the pub landlord’s webcam, but using his own online account:
Great to meet the manager @newtownlinford and share our concerns that @swannsecurity remote access CCTV system is giving us images from his cameras in place of our own. Bizarre to be able to take a selfie using someone else's CCTV camera pic.twitter.com/fTgmAVoPle
![Don't Hire a Software Developer Until You Read this Book: The software survival guide for tech startups & entrepreneurs (from idea, to build, to product launch and everything in between.) by [K.N. Kukoyi]](https://m.media-amazon.com/images/I/51a9ala-KuL.jpg)
May 24 2021
AIs and Fake Comments
This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn’t another attempt by Republicans to make it harder for Black people and urban residents to vote. It was a concerted attack on another core element of US democracy – the ability of citizens to express their voice to their political representatives. And it was carried out by generating millions of fake comments and fake emails purporting to come from real citizens.
This attack was detected because it was relatively crude. But artificial intelligence technologies are making it possible to generate genuine-seeming comments at scale, drowning out the voices of real citizens in a tidal wave of fake ones.
As political scientists like Paul Pierson have pointed out, what happens between elections is important to democracy. Politicians shape policies and they make laws. And citizens can approve or condemn what politicians are doing, through contacting their representatives or commenting on proposed rules.
Democracy and Fake News: Information Manipulation and Post-Truth Politics – the analysis of post-truth politics.
The volume sheds light on some topical questions connected to fake news, thereby contributing to a fuller understanding of its impact on democracy. In the Introduction, the editors offer some orientating definitions of post-truth politics, building a theoretical framework where various different aspects of fake news can be understood. The book is then divided into three parts: Part I helps to contextualize the phenomena investigated, offering definitions and discussing key concepts as well as aspects linked to the manipulation of information systems, especially considering its reverberation on democracy. Part II considers the phenomena of disinformation, fake news, and post-truth politics in the context of Russia, which emerges as a laboratory where the phases of creation and diffusion of fake news can be broken down and analyzed; consequently, Part II also reflects on the ways to counteract disinformation and fake news. Part III moves from case studies in Western and Central Europe to reflect on the methodological difficulty of investigating disinformation, as well as tackling the very delicate question of detection, combat, and prevention of fake news.
Tags: AIs and Fake Comments, Information Manipulation
Comments (0)