Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

U.S. Government: Update Chrome 80 Now, Multiple Security Concerns Confirmed

Forbes: “…Here’s what you need to know. CISA, a standalone federal agency under the U.S. Department of Homeland Security (DHS) oversight, is responsible for protecting “the Nation’s critical infrastructure from physical and cyber threats.” In an April 1 posting, CISA confirmed that Google Chrome Version 80.0.3987.162 “addresses vulnerabilities that an attacker could exploit to take control of an affected system,” be that Windows, Mac or Linux. It went on to state that it “encourages” users and administrators to apply the update. It’s not just CISA that is warning about the need to update Google Chrome. The Center for Internet Security (CIS) is a non-profit entity that works to safeguard both private and public organizations against cyber threats. In a multi-state information sharing and analysis center (MS-ISAC) advisory, it has also warned of multiple vulnerabilities in Google Chrome. The most severe of these could allow an attacker to achieve arbitrary code execution within the context of the browser. What does that actually mean? The answer is it depends upon the privileges that have been granted to the application. Still, in a worst-case scenario, the attacker would be able to view data, change data or delete data…” [I had to force the update on my Mac even though updates was enabled – best to be safe – and h/t Pete Weiss on the Mac catch!]

Zoom Meetings Aren’t End-to-End Encrypted, Despite Misleading Marketing

The Intercept: “Zoom, the video conferencing service whose use has spiked amid the Covid-19 pandemic, claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video… Continue Reading

Commentary – Maybe we shouldn’t use Zoom after all

FBI warns Zoom, teleconference meetings vulnerable to hijacking: “…The FBI has received multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language,” the FBI cautioned. “As individuals continue the transition to online lessons and meetings, the FBI recommends exercising due diligence and caution in your cybersecurity efforts..to prevent against unwanted participants… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues March 28, 2020

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues March 28, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

NIST Updates and Expands Its Flagship Catalog of Information System Safeguards

NIST: “After your organization forms a general plan for tackling its cybersecurity and privacy risk management issues, it needs particular state-of-the-art tools to make that plan a reality. Computer security and privacy experts at the National Institute of Standards and Technology (NIST) have the answer with an updated toolbox of safeguards for protecting an organization’s… Continue Reading

Pete Recommends Weekly highlights on cyber security issues March 8, 2020

Via LLRX – Pete Recommends Weekly highlights on cyber security issues March 8, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the increasingly… Continue Reading

Too good to be true? Beware of fake online jobs

Fortune: “The posting on a big, reputable job board seemed perfect: An opening at a well-known company you’ve always admired, with generous pay and benefits and the option of working from home. Of course you submit a resume and after an interview or two by phone or video—usually with, say, the HR director and one… Continue Reading

Firefox enables network privacy feature for users in US

CNET – “Mozilla has begun enabling a Firefox privacy feature for everyone in the US that should make it harder for ISPs or others to track you online. The technology, called DNS over HTTPS — DOH for short — protects a crucial internet addressing technology with encryption. Testing has been underway for months, but on… Continue Reading

How Google Is Stopping Malicious Office Docs From Targeting Gmail Users

PC Magazine: “At the RSA security conference today, Google offered a rare look into the kinds of malicious attachments hackers will send to Gmail users. It turns out Microsoft Office documents secretly rigged to download malware are in vogue. In recent weeks, about 56 percent of the malicious attachments detected and blocked by Gmail’s filters… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues February 22, 2020

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues February 22, 2020 – Privacy and security issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

Carnegie Mellon built ‘opt-out’ system for nearby tracking devices

engadget: “It’s getting easier to control what your smart home devices share, but what about the connected devices beyond your home? Researchers at Carnegie Mellon’s CyLab think they can give you more control. They’ve developed an infrastructure and matching mobile app (for Android and iOS) that not only informs you about the data nearby Internet… Continue Reading