The Log4j code vulnerability has the media declaring the Internet in a state of crisis. Log4j is a Java-based logging framework developers use to track user activity within applications on the popular Apache web server. Security experts are rushing to patch the bug, which is being exploited to remotely assume control of vulnerable systems, stealing credentials, installing malware and launching other attacks that permeate consumer devices. Last week, the U.S. Cybersecurity and Infrastructure Security Agency issued a Log4j alert, as did Australia’s CERT emergency response team. Continue reading Major Security Vulnerability Triggers Worldwide Internet Crisis

Meta Platforms last week threw open the doors to its “Horizon Worlds” virtual reality, online video platform. The collaborative environment has been in private beta since 2019 and had required an invitation to join. Now adults in the U.S. and Canada can download the free “Horizon Worlds” app and experience CEO Mark Zuckerberg’s vision of the metaverse, as long as they have a Meta Quest 2 and a Facebook account. The playground lets users build things and virtually hang out with as many as 20 people in an environment that feels like being dropped into the OASIS of “Ready Player One.” Continue reading Meta Bumps ‘Horizon Worlds’ Out of Beta in U.S. and Canada

The Microsoft Digital Crimes Unit has seized 42 websites from China-based hacking group Nickel, in attempt to thwart the group’s intelligence-gathering operations. A Virginia federal court granted Microsoft’s request to take over the U.S.-based websites run by Nickel, also known as APT15. Microsoft had since 2016 been tracking the group’s activities, determining them “highly sophisticated,” with attacks designed to install malware that facilitated surveillance and data theft attacks. Nickel was used to attack organizations in the United States and 28 other countries around the world, DCU says. Continue reading Court Lets Microsoft DCU Seize 42 Chinese Hacker Websites

The U.S. government has announced its plans to work with other nations to put restrictions on the export of surveillance tools to authoritarian countries such as China. The Biden administration says it would gather allies and start an initiative to regulate the export of surveillance tools. The initiative is planned to be discussed during a virtual gathering, Summit for Democracy, on December 9-10. Representatives from more than 100 democratic nations will be participating. The primary objective of the summit is to crack down on authoritarian governments from using cyber tools to violate fundamental human rights. Continue reading U.S. to Limit Exporting Surveillance Tech to Certain Countries

The European Parliament and EU Member States have reached an agreement on the Data Governance Act, clearing the way for final approval on legislation. The Data Governance Act is a framework designed to encourage sharing under the General Data Protection Regulation (GDPR), consumer protection laws and competition rules. The goal is to develop common European data spaces in areas such as manufacturing, cultural heritage and health. The Data Governance Act is the first of two steps. The EU’s Data Act — which promotes data sharing among EU member states, businesses and government — will soon be formally proposed. Continue reading EU’s Data Governance Act Targets Growth of Digital Economy

In an effort to protect privacy and enhance security, Twitter has banned the sharing of private media without the parties’ consent. “Sharing personal media, such as images or videos, can potentially violate a person’s privacy, and may lead to emotional or physical harm,” Twitter said in a blog post that further elaborated: “The misuse of private media can affect everyone, but can have a disproportionate effect on women, activists, dissidents, and members of minority communities.” The move expands a previous ban Twitter had in place to protect personal information. Continue reading Twitter Bans Sharing People’s Private Media Without Consent

After Facebook promised in July that it would limit its algorithms that track online behavior of users under 18 as a step toward curtailing a method used by advertisers to target children and teenagers, the social giant is again being accused of collecting such data. Facebook was found harvesting data of young users through its ad delivery system, according to a report published by advocacy groups Fairplay, Global Action Plan and Reset Australia. The research suggests that Facebook is maintaining the ability to track younger users so that it can maximize engagement and increase advertising revenue. Continue reading Facebook Is Criticized for Continuing to Collect Data of Teens

Facebook whistleblower Frances Haugen’s meetings with European Union officials have accelerated the lawmakers’ plans to tamp down Big Tech. Officials are calling for quick action to strengthen and enact measures of a 2020 bill that would impose strict obligations on social media companies. As currently drafted the bill would require technology platforms to monitor and mitigate risks from illegal content or suffer stiff fines. Likening Europe to “a digital Wild West,” EU digital commissioner Thierry Breton said, “Speed is everything” and EU members must pass the new tech legislation in the first half of 2022. Continue reading FB Whistleblower Testimony Accelerates EU Regulatory Push

The $1.2 trillion infrastructure bill that made it to President Biden’s desk Friday for upgrades to the nation’s roads, bridges, pipes and ports also includes $65 billion to “ensure every American has access to reliable high-speed Internet.” Building high-speed networks in unserved areas and making broadband affordable for low-income families are priorities for an administration in pursuit of digital equity. The White House estimates 30 million U.S. households don’t have access to reliable Internet, a problem heightened by the need to learn and work at home during the COVID-19 pandemic.  Continue reading Federal Infrastructure Plan Includes $65 Billion for Broadband

Tech sales during the 2021 October through December holiday season will reach $142.5 billion, according to the Consumer Technology Association, which says the projection represents “a very slight 0.5 percent increase from 2020.” A record 191.3 million U.S. adults plan to purchase technology as a holiday gift, the CTA says, adding that its 28th Annual Consumer Technology Holiday Purchase Patterns report “could have important implications” for fourth quarter TV advertising. The study found that 83 percent of U.S. adults “are unaffected by or more likely to purchase tech due to the pandemic.” Continue reading CTA Forecast: Holiday Tech Spending to Reach $142.5 Billion

Facebook parent Meta has announced it is shutting down the social network’s facial recognition technology program, deleting more than a billion individual face templates. Even users who have opted in will no longer be automatically recognized in photos and videos, according to the company. Meta vice president of artificial intelligence Jerome Pesenti emphasized the technology’s helpfulness in auto-generated image descriptions for the blind and visually impaired, conceding it was necessary to weigh “the positive use cases for facial recognition against growing societal concerns, especially as regulators have yet to provide clear rules.” Continue reading Meta Halts Face Recognition Opt-In, Continues Development

Google says that by the end of 2021 it will automatically enroll about 150 million Google users and 2 million YouTubers in the company’s two-step verification program. Users will be required to not only enter a log-in password, but also to enter a code sent via text or app or security key. Google declined to say how many of its users had voluntarily enabled the extra security step prior to Alphabet’s new mandate. The move comes as a result of what many describe as consumer apathy in the face of heightened digital dangers. Google, Twitter, Facebook and Instagram have all urged users to adopt two-step verification with lackluster results. Continue reading Google Looks to Improve Security with 2SV Auto-Enrollment

The U.S. Treasury Department has issued guidelines specifying how to ensure virtual currency transactions comply with the government’s sanctions policies, a move by the Biden administration to thwart ransomware attacks, money laundering and other abuses. The new rules emphasize using geolocation tools that block IP addresses from sanctioned countries, ongoing monitoring of sanctioned entities and individuals and periodic review of transactions involving blacklisted virtual currency addresses. Treasury’s Financial Crimes Enforcement Network has had virtual currency rules in place since at least 2011, but this update gives the directives new teeth. Continue reading Treasury Issues Crypto Guidance for Sanctions Compliance

Sundar Pichai, CEO of Google and its parent Alphabet, is urging the U.S. government to step up innovation and more actively police cyberthreats. In a year beset with security breaches attributed to Russian and Chinese hackers, Pichai says it’s time to draft a Geneva Convention for technology, outlining international legal standards, safeguards and behavioral norms for the connected age. Pichai also made an appeal for state-sponsored innovation in the face of competition from China, where the Communist Party under President Xi Jinping has outlined plans to advance artificial intelligence and develop a proprietary semiconductor sector. Continue reading Alphabet CEO Calls for Government Action in Tech Innovation

Payments flagged by U.S. banks as suspected ransomware in 2021 are on pace to nearly double those of 2020, according to reports filed with the Treasury Department. Almost $600 million in potential ransomware payments have been filed with the federal government from January through June, which is more than 40 percent more than the tally for full-year 2020. Reflecting the fact that governments worldwide describe cybercrime as a critical national security threat, the first International Cybersecurity Challenge is scheduled for Greece in June 2022, where 25 Americans aged 18 to 26 are set to compete. Continue reading U.S. Advances Cybersecurity Steps as Ransomware Doubles