Up all night with the IT Privacy and Security Weekly update for the week ending November 7th, 2023

11/7/2023

Episode 164

This week we let you know why you feel so great after staying up all night with us. For our second story, we move into one of the world’s most prestigious resorts only to get no sleep because of its leaks. Our third update covers the blackout of about 31% of the Australian mobile market. In at number four is the nightmare of just how easy a study found it to be to obtain Sensitive Personally Identifiable Information (SPII) on the US Military.

At five, news updates on Apple: malware, Macbreaks and Massive tracking devices. Then we move on to the Screen Actors Guild staying very much awake on the point of not releasing the rights to an actor's likeness in perpetuity. Finally we close out with a story that allows no shut eye: the intense appetite to string all camera feeds together that started in one town and has caught on like a rash.

This week we’re chasing the sun with a collection of global stories that ensure there will always be sunshine on this update! Let’s go!

US: Acute sleep loss increases dopamine release and rewires the brain, new study finds

https://news.northwestern.edu/stories/2023/11/one-sleepless-night-can-rapidly-reverse-depression-for-several-days/

Northwestern University neurobiologists have discovered the brain mechanisms behind that "tired and wired" feeling after sleep deprivation. In a new study, researchers induced mild, acute sleep deprivation in mice and then examined their behaviors and brain activity. Not only did dopamine release increase during the acute sleep loss period, synaptic plasticity also was enhanced — literally rewiring the brain to maintain the bubbly mood for the next few days. This finding sheds light on the natural transition of mood states and may uncover new targets for fast-acting antidepressants.
Acute sleep deprivation, even in healthy individuals, induces real changes in mood states. The study aimed to understand the brain's role in these effects, focusing on dopamine neurons and specific brain regions. The prefrontal cortex was identified as a clinically relevant area related to the antidepressant effect. While hyperactivity and heightened sexuality behaviors following sleep loss disappeared within hours, the antidepressant effect persisted for several days due to enhanced synaptic plasticity.

Sleep deprivation's impact on the brain might be an evolutionary adaptation. It could be beneficial for an organism in situations requiring heightened alertness for a brief period, such as facing a predator. However, the researchers advise against intentionally losing sleep and emphasize the importance of getting a good night's rest for overall well-being.

"This is an important reminder of how our casual activities, such as a sleepless night, can fundamentally alter the brain in as little as a few hours," says neurobiologist Yevgenia Kozorovitskiy, emphasizing the swift and powerful effects of acute sleep deprivation.

So what's the upshot for you? We understand a general feeling of euphoria when you get the latest IT Privacy and Security weekly update. Now you can enhance the euphoria by staying up late to read it!

SN: Singapore's uniquely shaped Marina Bay Sands Resort smashed by a data breach

https://www.bleepingcomputer.com/news/security/marina-bay-sands-discloses-data-breach-impacting-665-000-customers/

The Marina Bay Sands (MBS) luxury resort and casino in Singapore has disclosed a data breach that impacts the personal data of 665,000 customers. According to the statement, the security incident was discovered on October 20 and an unauthorized party was able to access information belonging to members of the MBS loyalty program.
“Marina Bay Sands became aware of a data security incident on 20 October 2023 involving unauthorized third-party access on 19 and 20 October 2023 to some of our customers’ loyalty programme membership data,” reads the announcement.

“Investigations have since determined that an unknown third party accessed customer data of about 665,000 non-casino rewards program members,” the company added.

The type of information exposed in the data breach includes the following:

- Name
- Email address
- Mobile phone number
- Phone number
- Country of residence
- Membership number and tier

So what's the upshot for you? This breach was just announced to the authorities today. This is the downside of resort life at the Marina Bay Sands.

AU: Optus outage leaves millions of Australians without mobile and internet services

https://www.abc.net.au/news/2023-11-08/optus-phone-internet-service-down-across-australia/103076700

During the night, the entire Optus mobile network went down and remains down. This is the second largest mobile network in Australia and it is the first time a network has gone down nationwide. It is affecting the trains in Melbourne and any business across Australia that uses the Optus service for phones or data.

"Optus is aware of an issue that may be impacting some of our mobile and internet customers," the company wrote in a statement. "We are currently working to identify the cause and apologize for any inconvenience. In case of an emergency customers can still call triple zero."

Authorities are checking whether the outage is the result of a cyberattack. Currently over 10 million customers and 400,000 businesses are affected by the outage. Train services in Melbourne went down briefly and further delays are expected.

So what's the upshot for you? If this turns out to be a cyber attack, it would be huge news as it's hit so many businesses and transport links in addition to private individuals. Currently officials are saying it's not, so we'll see what detail the updates provide.

US: Now US Military Members' Personal Data is Being Sold By Online Brokers

https://techpolicy.sanford.duke.edu/wp-content/uploads/sites/4/2023/11/Sherman-et-al-2023-Data-Brokers-and-the-Sale-of-Data-on-US-Military-Personnel.pdf

Sensitive, highly detailed personal data for thousands of active-duty and veteran U.S. military members can be purchased for as little as one cent per name through data broker websites, according to a new study published on Monday by Duke University researchers.

The data about military personnel purchased as part of the study included full names, physical and email addresses, health and financial information and details about their ethnicity, religious practices and political affiliation. In some cases, the information also included whether the person owned or rented a home, was married or had children. The children's ages and sexes were accessible, too.

The researchers bought data on up to around 45,000 military personnel for between $0.12 and $0.32 per record. They also bought data belonging to 5,000 friends and family members of military personnel. Larger data purchases of over 1.5 million service members were available for as little as $0.01 per record from at least one broker the researchers contacted.

So what's the upshot for you? The researchers called on Congress to pass a comprehensive privacy law and for regulatory agencies like the Federal Trade Commission to develop rules to govern military personnel data purchases.
KP: New macOS Malware, Bugfixes and that slideshow about Android

https://www.securityweek.com/new-macos-malware-linked-to-north-korean-hackers/

https://www.bloomberg.com/news/articles/2023-11-07/apple-delays-work-on-ios-18-macos-15-watchos-11-due-to-problems-with-bugs

https://www.theverge.com/2023/11/2/23943245/android-is-a-massive-tracking-device

Security researchers at Jamf have discovered new macOS malware named ObjCShellz that allows attackers to remotely control macOS devices. It is simple but highly effective. Despite its simplicity, Jamf believes ObjCShellz is linked to the North Korean BlueNoroff APT group, particularly due to the hardcoded IP address of the command and control server. Consider blocking communication with the associated 104.168.214[.]151 IP address in case the ObjCShellz server gets lit back up.

In a rare move, Apple hit pause on development of next year's software updates for the iPhone, iPad, Mac and other devices so that it could root out glitches in the code. When looking at new operating systems due for release next year, the software engineering management team found too many "escapes" -- an industry term for bugs missed during internal testing. So the division took the unusual step of halting all new feature development for one week to work on fixing the bugs.

Coming out of the ongoing Google antitrust trial, an internal Apple presentation has surfaced (via The Verge) in which the company called Android a "massive tracking device." The slides, made in January 2013, dove into how Apple's competitors (Google, Facebook, Amazon, and Microsoft primarily) handled privacy matters and user data.

So what's the upshot for you? All mobile devices do a whole lot of tracking, whether it's Android or iOS.
US: SAG-AFTRA Won't Budge As Studios Push To Own Actors' Likenesses In Perpetuity

https://www.hollywoodreporter.com/business/business-news/sag-aftra-ai-protections-for-high-earning-members-sticking-point-1235638247/

Though negotiators from both the Screen Actors Guild (SAG-AFTRA) and the Alliance of Motion Picture and Television Producers (AMPTP) met this past weekend in hopes of bringing Hollywood's ongoing labor strike to an end, contract talks have reportedly stalled once again due to the desire of studios to own performers' digitally scanned likenesses in perpetuity.

Previously, the AMPTP insisted that its most recent proposed contract was its "best and final" offer. But according to The Hollywood Reporter, SAG-AFTRA refused and walked away from the negotiations over the AMPTP's insistence on pushing for new rules regarding the use of people's likenesses that would ultimately leave actors in the lurch.

Per The Hollywood Reporter, the AMPTP's newest contract would allow studios to secure the digitally scanned likenesses of all Schedule F performers -- members of the guild making more than the minimum $32,000 / episode rate for series or more than $60,000 for feature films. The AMPTP has been trying to get SAG-AFTRA on board with the idea of studios paying actors for their likenesses since the strike began earlier this year.

Because this most recent proposal would allow studios to use digital scans of dead actors without the consent of their estates or the guild, however, SAG-AFTRA has refused and expressed its desire for changes that would require the studios to pay actors each time their faces are used and receive consent from those actors before doing so.

On Monday evening, SAG-AFTRA posted a short message to X (formerly Twitter) stating, "There are several essential items on which we still do not have an agreement, including AI."

So what's the upshot for you? In this case we agree with the Screen Actors Guild.

US: AI Cameras Took Over One Small American Town. Now They're Everywhere

https://www.404media.co/fusus-ai-cameras-took-over-town-america/

Spread across four computer monitors arranged in a grid, a blue and green interface shows the location of more than 50 different surveillance cameras. Ordinarily, these cameras and others like them might be disparate, their feeds only available to their respective owners: a business, a government building, a resident and their doorbell camera. But the screens, overlooking a pair of long conference tables, bring them all together at once, allowing law enforcement to tap into cameras owned by different entities around the entire town all at once.

This is a demonstration of Fusus, an AI-powered system that is rapidly springing up across small town America and major cities alike. Fusus’ product not only funnels live feeds from usually siloed cameras into one central location, but also adds the ability to scan for people wearing certain clothes, carrying a particular bag, or to look for a certain vehicle.

“Whether it’s a drone, a traffic camera, a private cell phone video, or a building security camera, FUSUS can extract the live video feed and send it to our Intelligence Center and officers in the field,” one memorandum from Elizabeth City, North Carolina, reads.

That hardware, called SmartCORE, adds artificial intelligence to ordinary surveillance cameras and then allows them to detect different objects, vehicles, clothing, and “people.” The exact context or object being identified is unclear, but one screenshot included in a Fusus brochure shows a timeline interface with a camera feed and an attached “confidence” rating of 51.46%. The system can also integrate with gunfire detection systems and other internet-of-things sensors, another document reads.

So what's the upshot for you? Fusus has networked more than 33,000 cameras across 2,400 U.S. locations. It’s spreading like a rash.
So to recap: This week we let you know why you feel so great after staying up all night with us. Although we wouldn’t recommend it more than once a week, we let you know exactly why you feel so great.

We moved on to the late-breaking story of the Marina Bay Sands (MBS) luxury resort and casino in Singapore and the data breach that will impact 665,000 of its customers.

For our third update we covered the Optus blackout of about 31% of the Australian mobile market and the impact that’s having on public transport, businesses and individual phone and Internet users.

Next, we covered a study that found it trivial to obtain sensitive personally identifiable information (SPII) on the US Military for just pennies.

At five we had some Apple updates on malware, a week-long break to review buggy code and a slide show from 10 years ago where they called Android phones, tablets and dongles “Massive tracking devices”.

Then we applauded the Screen Actors Guild for standing their ground and not releasing the rights to an actor's likeness in perpetuity to hungry production companies.

Finally we closed with a story that highlighted a hitherto relatively unknown company, Fusus, and their almost scary success in unifying thousands of disparate online cameras to pull all that coverage into a master database.

And our quote of the week - "You know you’re in love when you can’t fall asleep because reality is finally better than your dreams." – Dr. Seuss

That's it for this week. Stay safe, stay secure, try and get some shut eye and we'll see you in se7en!
Sarah B.
11/8/2023 01:27:50 pm
This is a really great range of stories. Something for everyone it would seem~