Archive for August, 2019

@jack Got Hacked: Twitter CEO's Tweets Hijacked

Twitter CEO Jack Dorsey’s Twitter account was, apparently, hijacked for roughly 20 minutes and used for a racist rant.
Source: DarkReading
@jack Got Hacked: Twitter CEO’s Tweets Hijacked

New Credential-Theft Attack Weaponizes DNS

The recently discovered campaign sends stolen data out of the network as part of a DNS query.
Source: DarkReading
New Credential-Theft Attack Weaponizes DNS

Municipal Government Calls For Facial Recognition Ban

Municipal Government Calls For Facial Recognition Ban

Brookline has become the third Massachusetts municipality to call for a ban on the use of facial recognition technology by a municipal government. 



The proposed ban, put forward in a warrant article by town meeting member Amy Hummel, is likely to be considered by town representatives in November.



statement in support of Hummel’s proposal was issued by the Massachusetts branch of the American Civil Liberties Union (ACLU), which recently launched the Press Pause on Face Surveillance campaign. An ACLU-backed bill currently before Massachusetts legislators proposes a statewide moratorium on the government’s use of facial recognition technology.



Kade Crockford, director of the Technology for Liberty Program at ACLU Massachusetts, said: “For too long, face surveillance technology has gone unregulated, posing a serious threat to our basic civil rights and civil liberties. In the absence of state or national action, municipal governments have taken the first steps towards sensible policy.”



Somerville was the first city in Massachusetts to come out against the technology. A proposal to ban its use in police investigations and municipal surveillance programs was passed by Somerville City Council in June by a vote of 11 to 0. 



Last month the city of Cambridge joined the party when Mayor Marc McGovern proposed a ban on the use of facial recognition technology in the city.  



These three New England cities aren’t alone in their rejection of this particular type of tech. In May this year San Francisco banned the use of facial recognition technology by the police and other agencies, while Oakland, California, City Council last month voted unanimously to ban the use of facial recognition by city departments, and Berkeley is considering following suit. 



bill to place a five-year moratorium on police using facial-recognition technology is currently under consideration in Michigan, and the tech has raised concerns at a national level too.



In July the U.S. House of Representative passed an amendment to the Intelligence Authorization Act for Fiscal Year 2020 that requires the director of national intelligence to report the U.S. government’s use of facial recognition technology, detailing its accuracy and efforts to protect and potential consequences for human and civil rights.



There is an argument to be made for the use of facial recognition technology by the government to secure airports and border installations, but it remains to be seen how the growing concerns over its impact on the freedom of the general public will play out in the U.S. at municipal and state level.


Source: Infosecurity
Municipal Government Calls For Facial Recognition Ban

Face-Off

Face-Off

Brookline has become the third Massachusetts municipality to call for a ban on the use of facial recognition technology by a municipal government. 



The proposed ban, put forward in a warrant article by town meeting member Amy Hummel, is likely to be considered by town representatives in November.



statement in support of Hummel’s proposal was issued by the Massachusetts branch of the American Civil Liberties Union (ACLU), which recently launched the Press Pause on Face Surveillance campaign. An ACLU-backed bill currently before Massachusetts legislators proposes a statewide moratorium on the government’s use of facial recognition technology.



Kade Crockford, director of the Technology for Liberty Program at ACLU Massachusetts, said: “For too long, face surveillance technology has gone unregulated, posing a serious threat to our basic civil rights and civil liberties. In the absence of state or national action, municipal governments have taken the first steps towards sensible policy.”



Somerville was the first city in Massachusetts to come out against the technology. A proposal to ban its use in police investigations and municipal surveillance programs was passed by Somerville City Council in June by a vote of 11 to 0. 



Last month the city of Cambridge joined the party when Mayor Marc McGovern proposed a ban on the use of facial recognition technology in the city.  



These three New England cities aren’t alone in their rejection of this particular type of tech. In May this year San Francisco banned the use of facial recognition technology by the police and other agencies, while Oakland, California, City Council last month voted unanimously to ban the use of facial recognition by city departments, and Berkeley is considering following suit. 



bill to place a five-year moratorium on police using facial-recognition technology is currently under consideration in Michigan, and the tech has raised concerns at a national level too.



In July the U.S. House of Representative passed an amendment to the Intelligence Authorization Act for Fiscal Year 2020 that requires the director of national intelligence to report the U.S. government’s use of facial recognition technology, detailing its accuracy and efforts to protect and potential consequences for human and civil rights.



There is an argument to be made for the use of facial recognition technology by the government to secure airports and border installations, but it remains to be seen how the growing concerns over its impact on the freedom of the general public will play out in the U.S. at municipal and state level.


Source: Infosecurity
Face-Off

CVE-2019-15842

The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS.
Source: NIST
CVE-2019-15842

CVE-2019-15839

The sina-extension-for-elementor plugin before 2.2.1 for WordPress has local file inclusion.
Source: NIST
CVE-2019-15839

CVE-2019-15841

The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CSRF via ajax_woo_infobanner_post_click, ajax_woo_infobanner_post_xout, or ajax_fb_toggle_visibility.
Source: NIST
CVE-2019-15841

CVE-2019-15840

The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CSRF.
Source: NIST
CVE-2019-15840

CVE-2019-15836

The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS.
Source: NIST
CVE-2019-15836

CVE-2019-15838

The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS, a different vulnerability than CVE-2019-14789.
Source: NIST
CVE-2019-15838