Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 02/26/2021

The NYPD Sent a Creepy Robotic Dog Into a Bronx Apartment Building

The largest police department in the country deployed its new K-9 companion into a Bronx apartment building while responding to a home invasion early Tuesday morning. But this particular K-9 wasn’t as cute, cuddly or even furry like its mammalian colleagues. Instead, this good boy features four metal and rubber legs, a face only perhaps only a Cylon could love, and all the grace of a murderous time-traveling cyborg. Meet “Digidog,” the New York City Police Department’s first robotic “dog.” The department’s new canine toy comes courtesy of Boston Dynamics, the folks who brought you all of those cool (albeit slightly concerning) videos of robots opening doors and doing backflips. Digidog can navigate up stairs, run up to three-and-a-half miles per hour and even talk. Soon, it will be able to open doors on its own. “The device, which is currently in the test phase, is a robot that weighs 70lbs and is able to use artificial intelligence to navigate its environment,” NYPD spokesperson Sergeant Jessica McRorie told VICE News in an email.

 

This browser extension shows what the Internet would look like without Big Tech

The Economic Security Project is trying to make a point about big tech monopolies by releasing a browser plugin that will block any sites that reach out to IP addresses owned by Google, Facebook, Microsoft, or Amazon. The extension is called Big Tech Detective, and after using the internet with it for a day (or, more accurately, trying and failing to use), I’d say it drives home the point that it’s almost impossible to avoid these companies on the modern web, even if you try. Currently, the app has to be side-loaded onto Chrome, and the Economic Security Project expects that will remain the case. It’s also available to side-load onto Firefox. By default, it just keeps track of how many requests are sent, and to which companies. If you configure the extension to actually block websites, you’ll see a big red popup if the website you’re visiting sends a request to any of the four. That popup will also include a list of all the requests so you can get an idea of what’s being asked for.

 

Twitter introduces Super Follows, lets people charge users to read their tweets

Just by reading the title, Twitter users might think it’s an April Fool’s day prank, but it’s not. The social network giant has just announced a major new feature that will allow its users to charge for tweets: Super Follows. Just like Pateron, Super Follows will allow content creators, journalists, leakers, or anyone on Twitter to charge a monthly subscription to their followers for providing exclusive content. According to The Verge, it will cost Twitter users $4.99 to become “super followers.” That being said, it will be interesting to see how media outlets will react if their journalists will put some of their work-related tweets behind paywalls and, thus gaining extra revenue. Anyway, the paid subscription service Super Follows is not the only new thing revealed by Twitter during its Analyst event today. A new feature called Communities has been revealed too, and while this does seem like Twitter’s take on Facebook’s Groups, there aren’t too many details available at the moment.

 

TikTok Agrees to Pay $92 Million to Settle Class-Action Lawsuit Alleging Privacy Violations

TikTok and its parent company, China’s ByteDance, have agreed to a settlement resolving a federal class-action lawsuit claiming the short-form video app wrongfully collected users’ biometric data and shared it with third parties. Under the terms of the settlement, TikTok will pay $92 million toward a fund for users who claim their personally identifiable information was improperly used by the app. The agreement also requires that TikTok establish a new privacy-compliance training program and take other steps to protect its users’ privacy going forward. If the settlement is approved by the court, affected TikTok users will receive information about how to receive a share of the funds. The multidistrict litigation consolidated 21 cases filed against TikTok, its predecessor Musical.ly, and its affiliates.

 

NSA Issues Guidance on Zero Trust Security Model

The National Security Agency published a cybersecurity product, “Embracing a Zero Trust Security Model,” on Thursday. This product shows how deploying Zero Trust security principles can better position cybersecurity professionals to secure enterprise networks and sensitive data. To provide NSA’s customers with a foundational understanding of Zero Trust, this product discusses its benefits along with potential challenges, and makes recommendations for implementing Zero Trust within their networks. The Zero Trust model eliminates trust in any one element, node, or service by assuming that a breach is inevitable or has already occurred. The data-centric security model constantly limits access while also looking for anomalous or malicious activity. Adopting the Zero Trust mindset and leveraging Zero Trust principles will enable systems administrators to control how users, processes, and devices engage with data. These principles can prevent the abuse of compromised user credentials, remote exploitation, or insider threats, and even mitigate effects of supply chain malicious activity.

Related Posts