AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 07/31/2023

Senate opens path for a cyber-focused military branch 

The possibility of a U.S. Cyber Force moved one step closer to reality on Thursday after the Senate approved its version of a massive defense policy bill. The $886 billion National Defense Authorization Act passed in a 86-11 vote. The Republican-led House narrowly passed its version of the legislation earlier this month, mostly along party lines. The two chambers will now go to conference to write a final compromise measure. The Record first reported last month that the Senate bill included an amendment by Sen. Kirsten Gillibrand (D-NY) that directs the Defense Department to tap the National Academy of Public Administration to conduct an assessment of establishing a seventh, cyber-specific military service. 


Blocking access to ChatGPT is a short term solution to mitigate risk 

For every 10,000 enterprise users, an enterprise organization is experiencing approximately 183 incidents of sensitive data being posted to ChatGPT per month, according to Netskope. Source code accounts for the largest share of sensitive data being exposed. Based on data from millions of enterprise users globally, researchers found that generative AI app usage is growing rapidly, up 22.5% over the past two months, amplifying the chances of users exposing sensitive data.  


Apple Developers Required to Justify Use of Some APIs in Latest Move to Boost Privacy 

In an effort to bolster user privacy, developers will need to justify their use of certain Apple APIs before their apps can be listed on the App Store, according to a new article on the Apple developer website spotted by 9to5MacThe Apple Developer website now lists some APIs as “Required Reason APIs,” meaning that developers have to clarify why they are using them in their privacy manifest. Some commonly used APIs, such as UserDefaults, which stores user preferences, now fall under the Required Reason category. 


FBI warns of broad AI threats facing tech companies and the public 

Executives, researchers and engineers at big tech companies and startups alike working on artificial intelligence face a growing threat from criminal and nation-state hackers looking to pilfer intellectual property or data that underlies powerful chatbots, the FBI warned on Friday. The growing risk coincides with increasing availability of AI tools and services to the general public in the form of products such as OpenAI’s ChatGPT, or Google’s Bard, for instance, as well as the increasing ease and ability for many companies to develop AI language models. 


Browser developers push back on Google’s “web DRM” WEI API 

Google’s plans to introduce the Web Environment Integrity (WEI) API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web. Employees from Vivaldi, Brave, and Firefox have taken a strong, opposing stance against Google’s proposed standard, and some have gone as far as to call it DRM (digital rights management) for websites. 


Instead of obtaining a warrant, the NSA would like to keep buying your data 

An effort by United States lawmakers to prevent government agencies from domestically tracking citizens without a search warrant is facing opposition internally from one of its largest intelligence services. Republican and Democratic aides familiar with ongoing defense-spending negotiations in Congress say officials at the National Security Agency (NSA) have approached lawmakers charged with its oversight about opposing an amendment that would prevent it from paying companies for location data instead of obtaining a warrant in court. 


Apple confirms bug stops Screen Time limits from sticking for kids 

If your kid has been mysteriously busting through the Screen Time limits you set on their Apple device, the Wall Street Journal might know why: the publication found that a bug has been preventing certain Screen Time limits set via the Family Sharing system from saving correctly for months. Apple was supposed to fix the issue back in May, but apparently the problem has persisted. Apple’s Family Sharing system allows parents to put usage limits on their kids’ devices, with one of the key controls being the ability to monitor and limit their usage of specific apps and the device as a whole through a feature called Screen Time.  


Related Posts