Scott Ikeda

USDoD has a years-long history of data breaches, leaking the stolen information or offering it for sale on hacking forums. This has included some extremely damaging collections of information, the largest of which thus far has been the National Public Data breach.

Business and employment networking giant LinkedIn is being hit with a big GDPR fine for failure to obtain sufficiently informed consent for ad tracking, and for not having a valid basis for its processing of first party personal data for this purpose.

The noyb privacy complaint notes that Pinterest has invoked the "legitimate interest" exception to user consent for ad tracking, one of a small handful of such exceptions provided for by the GDPR. The problem for the company is that Meta has already tried this tack and failed.

The Biden White House continues to seek a balance between AI innovation and safe ethical use with a new national security memorandum that stresses the need to outcompete rivals, but also sets limits in the most potentially abusive areas.

What the new AI guidance boils down to is essentially the legal principle that it cannot be considered "reasonable" respect for or protection of privacy to enter personal information into an AI system, unless that AI has been expressly designed for this.

CRA has lost about $190 million in payments made to scammers since 2020, with the highlight item being a $40 million tax refunds scam in which the perpetrator simply logged into an account and requested the astounding sum of money using false T4A income reporting slips.

As early as late July, Delta CEO Ed Bastian was threatening CrowdStrike with a lawsuit to recoup some of its estimated $500 million in losses from flight disruptions. CrowdStrike has filed its own suit pointing to Delta's slow recovery from the IT outage.

Chinese hackers have attempted to interfere in US elections before. Anonymous official sources have spoken out claiming that this year's free-ranging espionage campaign is seeking phone data from senior officials and leading candidates regardless of party affiliation.

The campaign was conducted by malicious hackers who sold the stolen credentials off, with much of the info being put to use in spam and phishing campaigns. The attack simply made use of open-source tools to scan IP ranges for potentially vulnerable Git config files.

CISA and the “Five Eyes” national intelligence agencies have issued their annual advisory on the top exploited vulnerabilities for the prior year, and its findings bolster some other recent reports that a successful attack is becoming increasingly likely to be the result of a zero-day.