AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 6/24/2024

Australia alters CSAM detection rules after tech firms push back

These rules aim to tackle CSAM content online, but changes have been made after critics said there were no safeguards to keep encryption protected. Australia’s independent online safety regulator has amended the upcoming online safety rules to keep encryption protected, after the original draft faced criticism from tech companies. The rules aim to make online services do more to tackle child sexual abuse material (CSAM) and pro-terror content on their platforms. They will apply to services including apps, websites, online storage services and some services that “deploy or distribute generative AI models”.

Cybersecurity firm Kaspersky denies it’s a hazard after the U.S. bans its software

The cybersecurity firm Kaspersky denied Friday that it is a security threat after the U.S. Commerce Department banned the use of its software in the United States. The Moscow-based company — whose CEO Eugene Kaspersky is Russian — said in a statement that the Commerce Department’s decision would not affect its ability to sell and promote its cybersecurity products and training in the U.S. Kaspersky said the government had based its decision on the “geopolitical climate and theoretical concerns” rather than independently verifying whether there was a risk.

The DOJ has convicted five men for running a Netflix clone full of pirated TV shows

After years of pursuing a group of piracy advocates for illegally hosting and streaming thousands of stolen TV shows, the Department of Justice doled out a series of convictions. On Thursday, the Department of Justice announced that Kristopher Dallmann, Douglas Courson, Felipe Garcia, Jared Jaurequi, and Peter Huber — five men who were responsible for running Netflix knockoff Jetflicks — have been convicted on multiple counts of copyright infringement and money laundering by concealment that could ultimately lead to jail time. The five defendants (along with three other individuals) were first charged back in 2019 when the US government argued that their illegally operated streaming service had led to the loss of millions in revenue for companies including Netflix, Amazon Prime, and Hulu.

 

Coding error in forgotten API blamed for massive data breach

The data breach at Australian telco Optus, which saw over nine million customers’ personal information exposed, has been blamed on a coding error that broke API access controls and was left in place for years. A Wednesday court filing includes an account of the incident penned by Australia’s Communications and Media Authority (ACMA), which is using its regulatory powers to pursue Optus. The Authority alleges that Optus stored customer info and made it accessible to authenticated customers at www.optus.com.au and api.optus.com.au – described as the “Main” and “Target” domains. Retrieving that info required use of APIs that the filing describes as “Target APIs.”

Apple may delay AI features in the EU because of its big tech law

Apple says upcoming features like its Apple Intelligence generative AI tools, iPhone mirroring, and SharePlay screen sharing may not be available in the European Union this year, as reported previously by Bloomberg. Why? The Digital Markets Act (DMA), says Apple, citing the EU law that puts strict requirements on the “gatekeepers” that control massive online platforms to block anticompetitive behavior. Recently, rumors have indicated that Apple and Meta could soon face charges over DMA violations.

 
