The Deepfakes thing is already starting to have an impact, and it didn't even involve actual Deepfake (GAN ML) technology. A video was spread of Nancy Pelosi speaking very slowly and seeming to stumble over her words, which made her look quite bad. The video was virally shared throughout social media on the right. Problem is, it was intentionally slowed down to make her look old/stupid/crazy. What this shows us is that it's not the machine learning that makes Deepfakes dangerous; it's the willingness of a massive percentage of the US population to believe total garbage without an ounce of scrutiny. It doesn't matter if Deepfakes can be shown to be fake because people are matching evidence to their emotions, not the other way around. The vulnerability is our ignorance and cynicism, not a spoofing technology. And as I wrote about a couple of years ago, this will be used as a weapon against us. More Essay
A real estate insurance website for First American Financial Corp was vulnerable to a simple IDOR (where you change the account number in the URL to get another account), and it evidently resulted in the exposure of hundreds of millions of insurance records that included extremely sensitive information. IDOR is still one of the most common and dangerous vulns a web app can have, and for companies like this they can be devastating. More
The US Military is trying to learn how popular movements form and evolve, and to do so they're studying 350 billion social media messages. But it's a Bloomberg article, so maybe they're actually studying bullfrogs for clues about hypertension. More
Moody's has downgraded Equifax's rating in some significant part due to its 2017 cyber breach. This is noteworthy because until now, breaches have largely been spackled over in terms of the major financial perspective and at the 6-24 month timescale. This is a positive indication that companies could actually start taking cybersecurity more seriously, and not just at the CISO and IT level, but from the boardroom down. More
Advisories: TP-Link Routers
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
The Deepfakes thing is already starting to have an impact, and it didn't even involve actual Deepfake (GAN ML) technology. A video was spread of Nancy Pelosi speaking very slowly and seeming to stumble over her words, which made her look quite bad. The video was virally shared throughout social media on the right. Problem is, it was intentionally slowed down to make her look old/stupid/crazy. What this shows us is that it's not the machine learning that makes Deepfakes dangerous; it's the willingness of a massive percentage of the US population to believe total garbage without an ounce of scrutiny. It doesn't matter if Deepfakes can be shown to be fake because people are matching evidence to their emotions, not the other way around. The vulnerability is our ignorance and cynicism, not a spoofing technology. And as I wrote about a couple of years ago, this will be used as a weapon against us. More Essay
A real estate insurance website for First American Financial Corp was vulnerable to a simple IDOR (where you change the account number in the URL to get another account), and it evidently resulted in the exposure of hundreds of millions of insurance records that included extremely sensitive information. IDOR is still one of the most common and dangerous vulns a web app can have, and for companies like this they can be devastating. More
The US Military is trying to learn how popular movements form and evolve, and to do so they're studying 350 billion social media messages. But it's a Bloomberg article, so maybe they're actually studying bullfrogs for clues about hypertension. More
Moody's has downgraded Equifax's rating in some significant part due to its 2017 cyber breach. This is noteworthy because until now, breaches have largely been spackled over in terms of the major financial perspective and at the 6-24 month timescale. This is a positive indication that companies could actually start taking cybersecurity more seriously, and not just at the CISO and IT level, but from the boardroom down. More
Advisories: TP-Link Routers
Become a Member: https://danielmiessler.com/upgrade
See omnystudio.com/listener for privacy information.
Nyd den ubegrænsede adgang til tusindvis af spændende e- og lydbøger - helt gratis
Dansk
Danmark