Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label US Goverment. Show all posts
User Privacy
China Data Breach Forbes Phishing and Spam TikTok US Goverment User Privacy

ByteDance Employees Seized User Data Of Two Journalists

The Chinese company ByteDance, which owns  TikTok, disclosed on Thursday that some of its workers had illegally collected the data of American TikTok users, which included two journalists.

According to an email from ByteDance general counsel Erich Andersen, employees of the company had access to the data as part of a failed investigation into information leaks earlier this year. The employees had access to two reporters' IP addresses and other information via their TikTok accounts, as well as the data of a limited number of individuals connected to the journalist. The company stated that they were searching for connections between two journalists—a former BuzzFeed reporter and a Financial Times reporter—and  ByteDance, however, they were unable to find any breaches.

The inquiry, which was initiated in response to a Forbes story, emphasizes the privacy and security dangers associated with TikTok that have been brought up by American lawmakers, state governors, and administrations for more than two years, and supports some of the information in that study. More than a dozen states have prohibited TikTok from being used on government-issued devices, and the business has been in extensive discussions with the administration about security and privacy policies that would prevent ByteDance and the Chinese government from possibly gaining access to user data in the United States.

Two employees in China and two in the US of ByteDance who were associated with the incident were sacked. Company representatives announced that they were taking extra precautions to safeguard user data. In an effort to identify the source of leaks, ByteDance traced several Forbes journalists, including those who had previously worked for BuzzFeed, according to a Forbes investigation. 

In an effort to completely remove user data from China, TikTok has taken efforts to disassociate itself from ByteDance and is currently in talks with the US government. The fate of those talks is still up in the air.





Read more »
US Goverment
API Bug Chinese Actors Data Breach Data Privacy Laws FBI Tik Tok US Goverment

FBI: Tik Tok privacy issues


Christopher Wray, the director of the FBI, expressed its concern over the potential that the Chinese government might alter TikTok's recommendation algorithms, which can be utilised for conventional espionage activities.

The short clip social network is under federal attention recently, largely because of worries about data privacy, especially when it comes to youngsters, and because of the ongoing tension between the United States and China. In 2020, the Trump government made an unsuccessful effort to eliminate TikTok from app stores. Additionally, there have been legislative hearings on user data in both 2021 and this year.

While Wray acknowledged that there are numerous countries that pose cyberthreats to the United States, "China's rapid hacking operation is the largest, and they have gained more of Americans' personal and business data than any other country combined," Wray said.

He claimed that TikTok APIs may be used by China to manage the software on consumer devices, opening the door for the Chinese government to basically breach the appliances of Americans.

Rep. John Katko, D-NY, the ranking member of the committee and a persistent advocate of cybersecurity issues in Congress, claims that Chinese cyber operations pose a threat to the economic and national security of all Americans. He updated the members that ransomware assaults caused companies $1.2 billion in losses last year.

Using HUMINT operations, China has gained access to the US military and government and gathered important information about US intelligence operations. Due to the development of these abilities, China was able to intercept communications, gather sensitive information, and gather a variety of data regarding US military and diplomatic activities.





Read more »
User Privacy
Cyber Security Face recognition Facial Recognition US Goverment User Privacy

 Facial Recognition Technology is Transforming in Texas

The Facial Recognition Act, a measure that places stringent restrictions on law enforcement's use of facial recognition surveillance, was introduced on September 28. 

The proposed legislation would establish a set of regulations that effectively address both the risks associated with facial recognition technology's failures, such as algorithmic bias and erroneous arrests and those associated with its successes, such as the possibility of widespread surveillance and abuse.

Errors in facial recognition might have drastic effects. Some of the various cases were the rejection of a woman's application for unemployment benefits in Texas, which made it impossible for her to pay her rent, and the arrest of a Black man by police in New Jersey, which could have limited the guy's options for housing and work.

Citizens had not been shielded from pointless facial identification by the laws of the new state. In Texas, businesses are not allowed to gather your biometric data without your permission, but if you refuse, you have no other options. Citizens are obligated to grant the apartment manager's request for approval. 

Researchers have already expended too much time and money to turn around now. In the majority of the U.S., there are even fewer limitations on the use of biometric data. Without regulation, businesses sell biometric information to advertisers and governments. Then, it can be used by state, federal, and private entities to silence our speech, pursue our preferences, and prevent us from exercising our fundamental rights.

To gather evidence against renters, at least one city even installed facial recognition-capable cameras outside a public housing complex. Facial recognition is growing increasingly widespread despite its flaws and potentially harmful effects. A facial recognition solution was introduced by Equifax, which targets leasing offices.

In order to determine if a customer would pay for their purchases, Socure and other companies market a service that combines facial recognition technology with computer code. A facial recognition technology marketed by ODIN is said to be able to recognize people who are homeless and give the police personal information about them. 

Such information includes any existing arrest warrants, which frequently just serve to criminalize poverty and make it harder to acquire housing, as well as claims of prior behavior, which could put armed cops on edge and make effective outreach more difficult. There is no reason why such characteristics are required for that work, notwithstanding ODIN's assertions that its system can remotely check people into shelters using biometric identification and location tracking. Facial recognition doesn't function as intended, and authors can't rely on it to make crucial judgments regarding housing, credit, or law enforcement.

Since the foundation of America, a lot has happened. Urbanization has brought us closer together, and technology has linked everyone on a scale that was previously unimaginable.

Read more »
US Goverment
Bounty Program Cyber Security North Korea North Korean Hackers US Goverment

US State Department Offers $10 Million for Information on North Korean Hackers

 

The US government has disclosed it is offering up to $10m as a reward for information on people linked with North Korean state-sponsored hacking groups. 

The US State Department revealed Tuesday it is interested in information on hackers that are part of groups including Lazarus Group, Guardians of Peace, Kimsuky, and APT38 amongst others. 

“If you have information on any individuals associated with North Korean government-linked malicious cyber groups (such as Andariel, APT38, Bluenoroff, Guardians of Peace, Kimsuky, or Lazarus Group) and who are involved in targeting US critical infrastructure in violation of the Computer Fraud and Abuse Act, you may be eligible for a reward,” read a notice posted to Twitter. 

The North Korean hacking group is the only one to be called out by name on the Rewards for Justice site, which otherwise explains the purpose of the program is to generate useful information “that protects Americans and furthers US national security.” It says rewards are also offered for information on “the financial mechanisms of individuals engaged in certain activities to support the North Korean regime.” 

The amount is double the bounty the government offered in March 2022 for information on DPRK-backed hackers targeting crypto exchanges and financial institutions worldwide to support the Kim Jong-un regime's illegal operations. 

Lazarus, for example, has been blamed for various high-profile cyberattacks, including the world’s biggest ever crypto-heist when $618m was stolen from Vietnamese developer Sky Mavis and its Ronin Network. In 2020, the hackers exfiltrated $281m from Singapore-headquartered cryptocurrency exchange KuCoin. 

The North Korean hackers have also infiltrated mobile phones of well-known personalities, including particular South Korean legislators, to obtain their private data, claimed Mun Chong Hyun, head of the EST security response center (ESRC). He said hackers target organizations on North Korea's websites or build counterfeit Facebook accounts for those functioning in the North Korean industry on an ongoing basis. 

Last year, the US Department of Justice unsealed a federal incitement of several suspected members of the infamous Lazarus Group (APT38), said to be linked to military intelligence agency the Reconnaissance General Bureau (RGB). However, North Korea is a notoriously secretive and globally isolated state, making traditional intelligence-gathering efforts challenging. 

In 2019, the U.S. Treasury Department banned three North Korean hacking groups (Lazarus Group, Bluenoroff, and Andariel) for funneling financial assets they stole in cyberattacks to the North Korean government.
Read more »
Subscribe to: Posts (Atom)