AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 09/16/2022

Proton and DuckDuckGo want Congress to approve tech antitrust reform ‘as soon as possible’

More than a dozen smaller tech companies, including Proton and DuckDuckGo are urging lawmakers to pass comprehensive antitrust legislation “as soon as possible.” For them, passing the bill would kill two birds with one stone, allowing lawmakers to address anti-competitive conduct and privacy failures in one go.  In a letter to top congressional leaders on Tuesday, executives from a dozen smaller tech companies called on lawmakers to pass the American Innovation and Choice Online Act, or AICO, a sweeping competition bill that would restrict dominant platforms like Google and Amazon from favoring their own services over those of their competitors. The bill would also provide new funding for antitrust regulators at the Justice Department and Federal Trade Commission to enforce the rules.

 

Organisations are scaling back their open source software due to security fears

Growing security fears around open source software are causing organisations to reduce their usage, the latest research from data science platform provider Anaconda has found. The firm’s annual 2022 State of Data Science report dives into the widespread trends, opportunities, and perceived barriers facing the data science, machine learning (ML), and artificial intelligence (AI) industries. The study surveyed 3,493 academics, industry professionals, and students, from across 133 countries between April 25, 2022, and May 14, 2022. It revealed that open source security continues to be a dominant concern in the wake of incidents such as the Log4j breach and the rise of protestware over the last year.

 

Nearly half of employees admit to risky online behavior to avoid login hassles

A new study from 1Password has detailed a number of “dangerous” habits that many workers have adopted, putting their companies at risk. The password manager company’s survey was designed to expose a term that the company calls “login fatigue”, which is reported to take a toll on productivity, security, and mental health. Of the 2,000 North American participants that took part, 44% claimed that logging in and out of apps at work either has a negative effect on their mood or their productivity. In response to this, 43% of the respondents admitted to “dangerous online behaviors”, including sharing login details and offloading or abandoning tasks to avoid the relentless task of managing online accounts.

 

Uber investigating ‘cybersecurity incident’ after report of breach

Uber Technologies Inc (UBER.N) said on Thursday it was investigating a cybersecurity incident, after a report that its network was breached and the company had to shut several internal communications and engineering systems. A hacker compromised an employee’s workplace messaging app Slack and used it to send a message to Uber employees announcing that the company had suffered a data breach, according to a New York Times report on Thursday that cited an Uber spokesperson. It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees, the report added.

 

Senate confirms first-ever cyber ambassador

The Senate on Thursday unanimously confirmed Nathaniel Fick to head the State Department’s new cyber bureau. Fick will be the bureau’s first-ever ambassador-at-large following its launch in April. The bureau was established to deal with international issues related to cyber and emerging technologies. It has three policy units: international cyberspace security, digital freedom, and international information and communications policy. “Today, with the confirmation of Cape Elizabeth’s Nate Fick, the United States has taken a historic, long overdue step to address our rapidly-changing cyber environment,” said Sen. Angus King (I-Maine) in a statement.

Related Posts