After reporting the last The week that the “brute” video of Jeffrey Epstein’s prison published by the FBI was probably changed by certain means (although there was no evidence that the images were misleadedly manipulated), Wired reported on Tuesday that the analysis of the metadata of the video shows about 2 minutes and 53 seconds.
The United States Department of Internal Security faces controversy over the DNA samples taken from around 133,000 migrant children and adolescents that the ministry added to a criminal database. Meanwhile, researcher Jeremiah Fowler published the results this week that more than 2 GB of extremely sensitive adoption data – including information on organic parents, children and adoptive parents – were exposed and accessible to the public on the Internet open.
Roblox’s new confidence connections feature includes age check that uses AI to scan adolescent video selfies and determine if they can have access to an unwavered conversation with people they know. And as deep video capabilities mature – including AI tools that can even handle live video sequences – “Nudify” platforms attract millions of users and generate millions of dollars in revenue using American companies technology.
And there is more. Each week, we bring together the news of security and confidentiality that we have not covered in depth ourselves. Click on the titles to read full stories. And stay safe there.
The piracy group sponsored by the Chinese state known as Salt Typhoon already shocked the United States once with the revelation last year that it had deeply penetrated American telecommunications systems, even targeting text messages and telephone conversations of citizens, including candidates from Donald Trump and JD Vance in real time. It now seems that the group’s espionage included the US military, and it spent a large part of last year within the US National Guard network in at least one state. NBC News reported this week on a DHS memo, obtained by non -profit ownership of the transparency of the national security of the people, which warned that the Chinese pirate group had violated this network of the National Guard at the level of the state from March to December of last year. He did not identify what state had been targeted. According to the memo, the access of Salt Typhoon “has probably provided Beijing data that could facilitate the hacking of the National States National Guard units, and perhaps many of their cybersecurity partners at the level of the State”.
The Trump administration develops a new digital system designed to grant access to immigration and the almost real customs application to the sensitive data from taxpayers, including their domestic addresses. The internal plans, revealed by Propublica on Tuesday, show that the system is designed to automate and accelerate the exchange of “on demand” data, by bypassing the traditional guarantees of the IRS which normally require the examination on a case -by -case basis and the legal justification. The system represents a major change in the way in which IRS data is accessible, and it is already raising concerns among the experts in civil liberties who claim that the process can violate the laws on confidentiality and further accelerate the ICE capacity to obtain tax data for deportation.
A zero-day vulnerability which allows the brakes of a trains to be triggered by malicious pirates is a disturbing notion. A vulnerability of more than 7,300 days which leaves the trains exposed to this brake hack is a shocking level of negligence for a critical American infrastructure. Last week, the cybersecurity and infrastructure safety agency published a notice of authentication last week in a protocol that allows a device at the head of a train (hot) to send a braking signal to another device at the end of a train (EOT) for coordinated braking in long trains such as freight trains. This meant that hackers could send their own non -authenticated orders to disrupt trains, close the rail networks or even cause derailment, one of the researchers credited in the opinion told Securityweek. The problem is all the more blatant by the fact that the researchers discovered that the vulnerability had been reported for the first time in 2005 but was never taken seriously or fixed. Tens of thousands of hot and vulnerable eot devices should be replaced in a process that will start next year.
Pirates who wish to build a botnet of internet devices of malware can browse these devices for vulnerabilities – which is enough abundant – and exploit them remotely. Or better still, they can infect them before they even be shipped. Google announced this week that it would file a complaint against the administrators of the so-called Botnet Badbox 2.0, which included 10 million Android televisions which were somehow infected with malware before being sold to consumers. Botnet operators, which Google describes as Chinese cybercriminals, then sold access to these devices to be used as proxy machines or for false advertising views in a large scheme of rattling fraud. Badbox 2.0 “is already the largest known botnet of televisions connected to the Internet, and it develops every day. He injured millions of victims in the United States and worldwide and threatens much more, “said Google’s complaint.
