TechLetters #121 - Cyberwar in Ukraine. 0day exploits to smartphones via apps. AI-automation coming to address cybersecurity industry. Cookie blocking standardisation. VULKAN cyberwar services.
Security
0day exploited by a smartphone app. “Android apps digitally signed by China’s third-biggest e-commerce company exploited a zero-day vulnerability that allowed them to surreptitiously take control of millions of end-user devices to steal personal data and install malicious apps.”
Microsoft will AI-automate cybersecurity industry. With ChatGPT, that could process lots of data and find needle in the incident haystack. How many people can really be replaced with ChatGPT? Can it also, almost completely, automate the tasks of data protection officers?
Web security proposal to standardise cross-browser cookie blocking. Here. Say farewell to unsanctioned cookie-based tracking, the days to its complete demise are counted. That will be a major win for security and privacy.
Russian organization VULKAN is training Russian government hackers (GRU, FSB) in cyberwarfare. And is taking action as part of the Russian cyberwar in Ukraine. Disinformation, propaganda, but also interest in hard hacking of targets like infrastructure. Cyber warfare/operations and information warfare/operations group/contractors. "the projects represent only some pieces of a variety of capabilities". Among plans the blockade of rail systems or derailment of trains.
Governments against the use of unsanctioned spyware. Countries issued a statement against the government uses of commercial spyware “when inconsistent with respect for universal human rights, the rule of law, and civil rights and civil liberties".
Privacy
Italian data protection authority banned the use of ChatGPT. No legal basis for "mass collection and storage of personal data to train the" GPT algorithm. OpenAI processes data inaccurately. Is that it? Threaten with HUGE GDPR fine.
uBlock Origin changes. What does the yellow badge or '!' uBlock Origin (uBO) ad/script blocker mean. Yellow icon: uBO is loading all filter lists, not properly filtering yet. With '!': browser network requests were not processed by uBO. Just wait and it will be normal after some short while.
Technology Policy
US Congress is considering a bill that would let the government block IT resources. IT, systems, hardware, software, games, web sites, applications, quantum computing, biological computing, etc. In general, of course following some assessment process. If applies to "foreign adversary".
Other
The progress in generative graphics (by AI) is huge. Yes it is.
W3C Web Neural Network API will help turning our web browsers & websites in parts of AI-assisted infrastructures? Use cases consider risky uses like like emotion detection. Allows on-device computing but may also leak some data or form fingerprints. Ethical magic wand is here.
In case you feel it's worth it to forward this content further:
If you’d like to share: