Clearview AI promises to cancel accounts that aren't law enforcement or government entities

Clearview AI is reportedly set to cancel client accounts that are not associated with law enforcement or other government entities, as scrutiny grows over abuses of the facial recognition AI app. Read the rest

State-backed hackers are attacking coronavirus responders, U.S. and UK officials warn in joint statement

Britain and the United States said on Tuesday in a joint warning that government-backed hackers are attacking healthcare and research institutions with the goal of stealing valuable information about the response to the novel coronavirus pandemic. Read the rest

The AmazonBasics Folding Bike Lock can be easily picked in three seconds

This is the AmazonBasics Folding Bike Lock. It's $28. Don't buy it.

"Because this can be opened so quickly with low-skill attacks, it should go without saying that I see this as a product to avoid," says the LockPickingLawyer. Read the rest

Hacker Bribed and Phished to Access Some Roblox Accounts

A hacker is accused of bribing an employee of the game Roblox and gaining access that allowed the hacker to see user account info, reset passwords, and grant virtual in-game currency, by way of the back end customer support panel of the massively popular online video game. Read the rest

Damien Patton, CEO of tech surveillance company Banjo, once helped KKK shoot up a synagogue: Report

“We believe that the Blacks and the Jews are taking over America, and it’s our job to take America back for the White race,” Patton testified at trial, describing his beliefs while carrying out the crime — beliefs he said he no longer held.

Banjo CEO Damien Patton has admitted to being a Neo-Nazi skinhead in his youth. But until today, the extent of his activity had not yet been reported, in part because of multiple spellings of his name used over the years. Read the rest

Watch: #FightCovid19 robot enforces Singapore social distance rules with 360º spy-cam

VIDEO: RTÉ News.

Singapore's Public Utilities Board is deploying a robot to encourage people wandering the outdoor parks of the densely populated Asian metropolis to social distance, and "stay safe, stay home". Read the rest

Businesses and stores are adding AI to security cameras for social distancing and mask-wearing compliance

📷 Pepper Construction is using Startup SmartVid.io to analyze worksite images for Oracle Industries Innovation Lab in Deerfield, Illinois.

Existing security cameras at retail stores and workplaces are being equipped with articifial intelligence to enforce measures intendded to slow the spread of the novel coronavirus, Reuters reports, based on interviews with 16 different machine vision software firms and a number of businesses that are now their clients. Read the rest

Financial Times journalist Mark Di Stefano accused of accessing private Zoom meetings, then publishing the information

Mark Di Stefano of the Financial Times is accused by The Independent of accessing private Zoom meetings held by The Independent and The Evening Standard as journalists were learning how coronavirus restrictions would affect them. Read the rest

Facebook accuses Israel's NSO Group of exploiting U.S. servers to infect 100s of devices via WhatsApp

Israeli spy-tech firm used WhatsApp accounts to hack, Facebook claims

State-sponsored hackers are using COVID-19 as cover for espionage, report from Google's Threat Analysis Group shows

More than 12 government-backed hacker groups are exploiting the COVID-19 pandemic as cover for digital reconnaissance and espionage, a new report by Google's Threat Analysis Group finds. Read the rest

For sale on the dark web: +500,000 Zoom accounts, some at less than a penny each

'The purchased accounts include a victim's email address, password, personal meeting URL, and their HostKey'

Apple and Google are working on coronavirus contact-tracing technology for iOS and Android

Google and Apple are working on a joint effort to introduce opt-in Bluetooth-based COVID-19 contact tracing APIs in mid-May for iOS and Android. Read the rest

More reporting links Clearview AI to Trump-aligned racists, neo-Nazis, and alt-right trolls

“Big Brother, it turned out, was wearing a MAGA cap”

Zoom shares crash as security + privacy concerns grow

The video conferencing app Zoom has become suddenly ubiquitous over the past few weeks, as the coronavirus shutdown closes schools, businesses, and keeps us all indoors. Shares of Zoom dropped 9% on Monday, adding to their sharp declines in recent days, as security and privacy vulnerabilities are reported. There is also new competition from other established video conferencing apps, who have access to more capital than Zoom. Skype, owned by Microsoft, is but one. Read the rest

Zoom transmits your info through China, and uses non-standard encryption, researchers say

“Researchers conclude that Zoom uses non-industry-standard cryptographic techniques with identifiable weaknesses and is not suitable for sensitive communications.”

Zoom patches Windows vulnerability that let attackers steal your Windows login from dodgy chat links

The suddenly popular videoconferencing app Zoom has issued a patch for a vulnerability in its Windows client that allowed attackers to steal the user's Windows login credentials from malicious chat links.

“Zoom issued a fix for this and other bugs, promising better transparency going forward,” reports Mark Hachman at PCWorld:

An unpatched vulnerability within Zoom allows an attacker to drop a malicious link into a chat window and use it to steal a Windows password, according to reports.

A hacker could use an attack called a UNC path injection to expose credentials, according to an attack posted on Twitter and subsequently followed up with an additional video. According to The Hacker News, that's because Windows exposes a user's login name and password to a remote server when attempting to connect to it and download a file.

----

Update: After this story and others went live April 1, Zoom CEO Eric Yuan addressed Zoom security and other issues in a blog post.

Read the rest

Zoom: Thousands of calls found via web search, thanks to default file naming scheme after users saved them in unprotected spaces like open AWS S3 buckets

Everyone is using Zoom for everything from pandemic family gatherings to A.A. meetings to therapy sessions to teaching college classes, but the app has newly revealed and very concerning security vulnerabilities.

The contents of thousands of video calls made on the app Zoom were exposed on the open web, and easily available via common web search tools.

The Washington Post reports that many of the videos, which callers assumed were private, include personally identifiable information and deeply intimate conversations, recorded in people’s homes. Read the rest

More posts