AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 7/15/2020

MIT creates a soft-fingered robotic gripper than could eventually tie knots and sew stitches

MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) has shared the results of a new project in which it built a two-fingered robotic gripper, which has soft pads for dedicated and fine manipulation of objects like cables, sheets and more. The robot’s design is based on how humans use their fingers to do things like untangle wires and tie knots. To do this, the CSAIL research team equipped their robotic gripper with fingertips that are not only made out of a soft material, but that also have embedded sensors which help it continually detect the position of a cable between the grippers to better control holding and manipulating them while performing simple tasks like detangling.


Amid Security Fears, Wells Fargo Tells Employees To Remove TikTok From Phones

TikTok, the popular video-making app, is owned by China’s Bytedance, and it has come under scrutiny from U.S. government officials. Secretary of State Mike Pompeo recently said Americans who downloaded the app risked their private information falling into “the hands of the Chinese Communist Party.” Wells Fargo’s statement on Friday (July 10) said the measure was taken because entertainment apps like TikTok don’t need to be present on employees’ work devices. “We have identified a small number of Wells Fargo employees with corporate-owned devices who had installed the TikTok application on their device,” the statement said, according to The Wall Street Journal. “Due to concerns about TikTok’s privacy and security controls and practices, and because corporate-owned devices should be used for company business only, we have directed those employees to remove the app from their devices.”


US threatens to restrict WeChat following TikTok backlash

Amid intense scrutiny over TikTok  as a potential national security risk in the U.S., WeChat,  the essential tool for Chinese people’s day-to-day life, is also taking heat from Washington. White House trade advisor Peter Navarro told Fox Business on Sunday that “[TikTok] and WeChat are the biggest forms of censorship on the Chinese mainland, and so expect strong action on that.” Navarro alleged that “all of the data that goes into those mobile apps that kids have so much fun with and seem so convenient, it goes right to servers in China, right to the Chinese military, the Chinese communist party, and the agencies which want to steal our intellectual property.”


CFAA will harm security researchers, EFF tells SCOTUS

The Electronic Frontier Foundation (EFF) urged the U.S. Supreme Court to rein in the scope of the Computer Fraud and Abuse Act (CFAA) by holding that accessing computers in ways that violate terms of service (TOS) does not violate the law. It’s the first time the High Court will consider if the CFAA – which outlaws accessing computers “without authorization” or “exceeding authorized access” – violates the TOS companies impose to control the use of their websites, apps, and computer systems. In a brief filed on behalf of 18 leading computer security researchers, the Center for Democracy & Technology, and the cybersecurity companies Bugcrowd, Rapid7, SCYTHE and Tenable, EFF told the court that despite its intended purpose to increase security, the CFAA has been wrongly interpreted to encompass common security research techniques like reverse engineering.


Google Chrome update limits cookie tracking and blocks annoying notifications

Google’s Chrome 84 is now available for all desktop users after a delay in releases due to the coronavirus pandemic. The version resumes the SameSite cookie changes Google started implementing with Chrome 80. If you’ll recall, the tech giant had to roll the feature back a couple of months after it was first introduced in an effort to ensure that it doesn’t cause online services and portals to stop working in the midst of coronavirus—related lockdowns. The changes require developers to set their cookies’ SameSite attribute or Google will automatically switch their setting to a more secure option, which is something that can potentially break websites. Now that enough time has passed, Google has likely decided that it was time to enforce the SameSite attribute changes to prevent security issues caused by cookie vulnerabilities.


Tech hits the brakes on office reopenings

Tech was the first industry to send its workers home when COVID-19 first hit the U.S., and it has been among the most cautious in bringing workers back. Even still, many companies are realizing that their reopening plans from as recently as a few weeks ago are now too optimistic. Crafting reopening plans gave tech firms a chance to bolster their leadership and model the beginnings of a path back to normalcy for other office workers. Their decision to pause those plans is the latest sign that normalcy is likely to remain elusive in the U.S. Many tech companies had already announced plans to allow most workers to telecommute through the end of the year (and in some cases indefinitely). Quietly, though, companies had been drawing up playbooks for portions of their workforces to return to the office sooner.In many cases, though, those plans are now on hold.

Related Posts