AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 11/22/2024

Now Online Safety Act is law, UK has ‘priorities’ – but still won’t explain ‘spy clause’

The UK government has set out plans detailing how it will use the new law it has created to control online platforms and social media – with one telling exception. The Draft Statement of Strategic Priorities for online safety places an emphasis on platform providers preventing online harms in the first place, and collaborating with regulator Ofcom on how the new law – the Online Safety Act – will be implemented. But it provides little detail about how it will use the more controversial aspects of the legislation. The set of priorities lists activities that might take place on online platforms. It expects platform providers “to take proactive steps to reduce the risks their services are used to carry out the most harmful illegal activity.”

 

Apple Pay, Cash App, and other digital wallets will be regulated more like banks now

Major digital payment providers will soon be subject to bank-like supervision from the US Consumer Financial Protection Bureau (CFPB). On Thursday, the CFPB issued a final rule that will regulate digital payment apps that process over 50 million transactions each year, covering services like Apple Pay, Google Wallet, PayPal, Cash App, and others. The new rule is meant to ensure digital payment providers adhere to the same laws as credit unions and large banks. It will give the CFPB the authority to oversee their compliance with federal laws surrounding privacy, fraud, and other rules through “proactive examinations.” This follows the CFPB’s initial proposal to regulate digital payment providers last year, which would’ve covered a wider swath of companies processing more than 5 million transactions a year.

 

Don’t install Bing Wallpaper until you check out everything it does under the hood

Back in August, we heard reports of Bing Wallpaper asking people to sideload a Bing extension onto Chrome. It definitely raised an eyebrow at the time, but little did we know that this would be the tip of the iceberg. After Microsoft released Bing Wallpaper for public use a few days ago, it turns out that it runs some pretty shady code that people using the app should definitely know about.

 

Ubuntu Linux has a worrying security flaw that may have gone unseen for a decade

A critical security vulnerability has been discovered in the Ubuntu Linux operating system that may have been lurking undetected for over 10 years. The flaw, which affects the operating system’s file system permissions, could potentially allow attackers to escalate their privileges and gain unauthorized access to sensitive data.

 

NIST Sets Up New Task Force on AI and National Security

The National Institute of Standards and Technology (NIST) has launched a task force to address the intersection of artificial intelligence and national security. This new initiative aims to develop policies and frameworks to ensure that AI technologies are used responsibly and effectively in safeguarding national interests, while mitigating associated risks.

 

A new ‘ultra-secure’ phone carrier says it can make you harder to track

A new cell phone carrier is launching with an interesting pitch: it says it will offer secure cell service that limits how much personal data users give up, as reported earlier by 404 Media. The service, called Cape, is geared toward “high-risk” individuals like politicians, journalists, activists, and others. Cape is a mobile virtual network operator (MVNO) that uses UScellular’s network. But since it runs its mobile own core, Cape says it can control the technology powering the mobile network and “implement protections over what data enters and leaves your phone.” When signing up for the service, Cape says it will ask users for the “minimum amount of personal information” and will store it “for as little time as possible.”

Related Posts