ftc - X-Industry - Red Sky Alliance2024-03-29T13:10:45Zhttps://redskyalliance.org/xindustry/feed/tag/ftcNew US Bill & AI Use Caseshttps://redskyalliance.org/xindustry/new-us-bill-ai-use-cases2023-10-03T16:05:00.000Z2023-10-03T16:05:00.000ZBill Schenkelberghttps://redskyalliance.org/members/BillSchenkelberg<div><p><a href="{{#staticFileLink}}12238277289,RESIZE_710x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}12238277289,RESIZE_400x{{/staticFileLink}}" width="250" alt="12238277289?profile=RESIZE_400x" /></a>The US Democratic-backed AI Accountability Act of 2023 gives the US Federal Trade Commission (FTC) new authority and a new office to regulate how AI algorithms make critical decisions on housing, healthcare. Democrats in the House and Senate are teaming up on legislation to give the federal government new authority to regulate artificial intelligence in “high-impact” use scenarios.</p>
<p>See: <a href="https://redskyalliance.org/xindustry/regulation-v-innovation">https://redskyalliance.org/xindustry/regulation-v-innovation</a></p>
<p>The Algorithmic Accountability Act of 2023, introduced by Sens. Ron Wyden, D-OR, and Cory Booker, D-NJ, along with Rep. Yvette Clarke, D-NY, aims to create protections for individuals who are subject to algorithmic decision making in areas like housing, credit, education and more.</p>
<p>The legislation tasks the FTC to create regulations that provide companies operating these AI systems with concrete assessment instructions and procedures for ongoing evaluation. The bill is designed to be "a targeted response to problems already being created by AI and automated systems," according to a bill summary provided by lawmakers.<a href="#_ftn1">[1]</a></p>
<p>Under the bill, the FTC would publish annually an anonymized report to create an accessible repository of automated critical decision data for consumers and advocates to access. The bill authorizes the addition of 75 new staffers to the FTC to operate a new Bureau of Technology as a means of enforcing the legislation.</p>
<p>The bill’s sponsors emphasized the need for continuous prioritization of civil liberties in an increasingly automated world. “We know of too many real-world examples of AI systems that have flawed or biased algorithms: automated processes used in hospitals that understate the health needs of Black patients; recruiting and hiring tools that discriminate against women and minority candidates; facial recognition systems with higher error rates among people with darker skin; and more,” Booker said. “The Algorithmic Accountability Act would require that automated systems be assessed for biases, hold bad actors accountable, and ultimately help to create a safer AI future.”</p>
<p>See: <a href="https://redskyalliance.org/xindustry/govts-ai-regulations">https://redskyalliance.org/xindustry/govts-ai-regulations</a></p>
<p>Cosponsors so far include fellow Democrats in both chambers, including Sens. Martin Heinrich, D-NM, Gary Peters, D-MI, Tammy Baldwin, D-WI, and Elizabeth Warren, D-MA. On the House side, Reps. Ayanna Pressley, Pramila Jayapal, D-WA, Jared Huffman, D-CA, and Cori Bush, D-MO.</p>
<p>A spokesperson for Wyden said the lawmaker is continuing outreach across the aisle. “Sen. Wyden…absolutely believes this bill should appeal to Republicans as well as Democrats who are concerned about getting AI regulations right,” the spokesperson said.</p>
<p><em>This article is presented at no charge for educational and informational purposes only.</em></p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and has reported extensively on AI technology. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com </p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.redskyalliance.com/">https://www.redskyalliance.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941%C2%A0">https://www.linkedin.com/company/64265941 </a></li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a href="https://attendee.gotowebinar.com/register/5993554863383553632">https://attendee.gotowebinar.com/register/5993554863383553632</a></p>
<p><a href="#_ftnref1">[1]</a> <a href="https://www.nextgov.com/artificial-intelligence/2023/09/new-bill-would-give-government-oversight-critical-ai-use-cases/390560/">https://www.nextgov.com/artificial-intelligence/2023/09/new-bill-would-give-government-oversight-critical-ai-use-cases/390560/</a></p></div>When AI is no longer your Friendhttps://redskyalliance.org/xindustry/when-ai-is-no-longer-your-friend2023-03-15T13:00:00.000Z2023-03-15T13:00:00.000ZJim McKeehttps://redskyalliance.org/members/JimMcKee<div><p><a href="{{#staticFileLink}}10997392868,RESIZE_400x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}10997392868,RESIZE_400x{{/staticFileLink}}" alt="10997392868?profile=RESIZE_400x" width="250" /></a>Most of us have had or heard from a friend who has been the target of an email scammer pretending to be a friend in distress who needs money wired out of town or out of the country. Now scammers are using the telephone to inform you that your loved one is in distress. And the caller may sound “just like” your friend/relative. At that moment, your instinct would be to do anything to help them escape danger, including wiring money. My father was a victim of such a scam, but he called me first for advice. His “friend in trouble” was not in Scotland with a stolen wallet, passport, and a lump on his head; he was at his vacation home in Florida. A quick call to that residence and speaking with his friend foiled that scam.</p>
<p>Stop, think, and confirm before you do or commit to doing anything.<a href="#_ftn1">[1]</a></p>
<p>A recent report from The Washington Post featured an elderly couple, Ruth and Greg Card, who fell victim to an impersonation phone call scam. Ruth, 73, got a phone call from a person she thought was her grandson. He told her she was in jail, with no wallet or cell phone, and needed cash fast. As any other concerned grandparent would, Ruth and her husband, 75, rushed to the bank to get the money. It was only after going to the second bank that the bank manager warned them that they had seen a similar case before that ended up being a scam, and this one was likely a scam, too.</p>
<p>This scam is no longer an isolated incident. The report indicates that in 2022, impostor scams were the second most popular racket in America, with over 36,000 people falling victim to calls impersonating their friends and family. Of those scams, 5,100 of them happened over the phone, robbing over $11 million from people, according to FTC officials.</p>
<p>Generative AI has been in the media because of the increasing popularity of generative AI programs, such as OpenAI's ChatGPT and DALL-E. These programs have been mostly associated with their advanced capabilities that can increase user productivity. The same techniques used to train those helpful language models can be used to train more harmful programs, such as AI voice generators.</p>
<p>See: <a href="https://redskyalliance.org/xindustry/ai-voice-replication-may-place-you-on-the-couch">https://redskyalliance.org/xindustry/ai-voice-replication-may-place-you-on-the-couch</a></p>
<p>These programs analyze a person's voice for patterns that make up their unique sounds, such as pitch and accent, to recreate it. Many of these tools work within seconds, producing a sound virtually indistinguishable from the original source.</p>
<p>What can you do to prevent yourself from falling for the scam? The first step is being aware that this type of call is possible. See above: Stop, think, and confirm before doing anything.</p>
<p>If you get a call for help from one of your loved ones, remember that it could be a robot talking instead. To make sure it is actually a loved one, attempt to verify the source. I would hang up the phone immediately. If you are concerned, ask the caller a personal question that only your loved one would know the answer to. This can be as simple as asking them the name of your pet, family member, or other personal facts.</p>
<p>You can also check your loved one's location to see if it matches up with where they say they are. Today, it is common to share your location with friends and family, and in this scenario, it can come in extra handy</p>
<p>You can also try calling or texting your loved one from another phone to verify the caller's identity. You have your answer if your loved one picks up or texts back and does not know what you are talking about.</p>
<p> </p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or <a href="mailto:feedback@wapacklabs.com">feedback@wapacklabs.com</a> </p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: https://www. redskyalliance. org/ </li>
<li>Website: https://www. wapacklabs. com/ </li>
<li>LinkedIn: https://www. linkedin. com/company/64265941 </li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a href="https://attendee.gotowebinar.com/register/5504229295967742989">https://attendee.gotowebinar.com/register/5504229295967742989</a> </p>
<p> </p>
<p><a href="#_ftnref1">[1]</a> <a href="https://www.zdnet.com/article/scammers-are-using-ai-to-impersonate-your-loved-ones-heres-what-to-watch-for/">https://www.zdnet.com/article/scammers-are-using-ai-to-impersonate-your-loved-ones-heres-what-to-watch-for/</a></p></div>Weekly Cyber Intel Report - All Sector 07 01 2022https://redskyalliance.org/xindustry/weekly-cyber-intel-report-all-sector-07-01-20222022-07-01T15:33:27.000Z2022-07-01T15:33:27.000ZBill Schenkelberghttps://redskyalliance.org/members/BillSchenkelberg<div><h2><a href="{{#staticFileLink}}10614408283,RESIZE_584x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}10614408283,RESIZE_400x{{/staticFileLink}}" width="250" alt="10614408283?profile=RESIZE_400x" /></a>Activity Summary - Week Ending on 1 July 2022:</h2>
<ul>
<li>Red Sky Alliance identified 40,622 connections from new IP’s checking in with our Sinkholes</li>
<li>MS hit 45 x – 2<sup>nd</sup> week</li>
<li>Analysts identified 1,801 new IP addresses participating in various Botnets</li>
<li>DeadLocker</li>
<li>Symbiote</li>
<li>Killnet</li>
<li>СПИСОК_посилань_на_інтерактивні_карти[.]docx</li>
<li>Apple, Google and theUS FTC</li>
<li>Guns and California Data Hacks</li>
</ul>
<p>Link to full report: <a href="{{#staticFileLink}}10614408486,original{{/staticFileLink}}">IR-22-182-001_weekly182.pdf</a></p></div>Twitter Woeshttps://redskyalliance.org/xindustry/twitter-woes2022-05-26T12:47:27.000Z2022-05-26T12:47:27.000ZBill Schenkelberghttps://redskyalliance.org/members/BillSchenkelberg<div><p><a href="{{#staticFileLink}}10529482293,original{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}10529482293,RESIZE_400x{{/staticFileLink}}" width="250" alt="10529482293?profile=RESIZE_400x" /></a>Seems Twitter is having many serious issues of late. A few months ago, Elon Musk started a whirlwind inside and outside the social media giant. Now regulators at the US Federal Trade Commission (FTC) issued regulatory action against Twitter. Twitter has agreed to pay $150 million for violating a 2011 administrative order with the FTC over how it used the email addresses and phone numbers of its users for targeted advertising, the agency announced with the US Department of Justice (DOJ) on May 25<sup>th</sup>.</p>
<p>In a 20-page complaint filed in the US District Court for the Northern District of California, the DOJ alleged that from May 2013 to September 2019, Twitter asked users for their contact information to make their accounts more secure. The social media company failed to tell users that it would also use the phone numbers and email addresses to help companies send targeted ads to them, the DOJ alleges.<a href="#_ftn1">[1]</a></p>
<p>The 2011 FTC order stated that Twitter “engaged in deceptive acts or practices” by misrepresenting how it handled user data, and that the company lacked reasonable safeguards to keep accounts and data secure. Additionally, the order barred Twitter from misrepresenting “the extent to which [it] maintains and protects the security, privacy, confidentiality, or integrity of any nonpublic consumer information.”</p>
<p>Twitter decided to settle the complaint by paying the fine and agreeing to a number of compliance measures, such as audits of its privacy program. “In reaching this settlement, we have paid a $150M USD penalty, and we have aligned with the agency on operational updates and program enhancements to ensure that people’s personal data remains secure and their privacy protected,” the company’s chief privacy officer, said in a statement. The complaint also alleged that Twitter’s behavior violated the EU-US Privacy Shield, which regulated the transfer of data between the US and Europe. “As the complaint notes, Twitter obtained data from users on the pretext of harnessing it for security purposes but then ended up also using the data to target users with ads,” the FTC Chair said in a statement. “This practice affected more than 140 million Twitter users, while boosting Twitter’s primary source of revenue.”</p>
<p>In 2020, Twitter told shareholders in a regulatory filing that it was aware of the FTC’s allegations and expected to take a potential $250 million hit to resolve the matter. The company stopped the contact information collection process in 2019, saying that using the data for advertising purposes was “unintentional.”</p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or <a href="mailto:feedback@wapacklabs.com">feedback@wapacklabs. com</a> </p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www. redskyalliance. org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www. wapacklabs. com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941">https://www. linkedin. com/company/64265941</a> </li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a href="https://attendee.gotowebinar.com/register/3702558539639477516">https://attendee. gotowebinar. com/register/3702558539639477516</a></p>
<p><a href="#_ftnref1">[1]</a> <a href="https://therecord.media/twitter-fined-150-million-by-ftc-for-alleged-privacy-violations/">https://therecord.media/twitter-fined-150-million-by-ftc-for-alleged-privacy-violations/</a></p></div>Buying an Auto Dealership; How’s its Cyber Health?https://redskyalliance.org/xindustry/buying-an-auto-dealership-how-s-its-cyber-health2022-04-19T14:37:02.000Z2022-04-19T14:37:02.000ZBill Schenkelberghttps://redskyalliance.org/members/BillSchenkelberg<div><p><a href="{{#staticFileLink}}10401200652,RESIZE_1200x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}10401200652,RESIZE_400x{{/staticFileLink}}" width="250" alt="10401200652?profile=RESIZE_400x" /></a>Sound merger and acquisition often checks on a company’s cyber safeguarding and data transfer provisions said the President of investment banking and dealership advisory firm Presidio Group. Specifically, auto dealership purchase agreements many times include representations that the seller has complied with Gramm-Leach-Bliley and has taken reasonable steps to protect their computer systems and customers’ information, said a principal attorney and partner with Holland & Knight in Denver, CO who works on dealership transactions.<a href="#_ftn1">[1]</a> In the future, Safeguards Rule compliance likely will be added to the list of questions buyers ask about data security in their due diligence process. </p>
<p>Dealership buyers can start a risk assessment before a transaction closes by asking sellers to provide questionnaires they give cyber insurance providers, which generally mirror the US Federal Trade Commission’s z(FTC’s) requirements. </p>
<p>The Asbury Automotive Group Inc. in Georgia frequently looks for vulnerabilities in its own systems, as well as in systems for stores it plans to acquire, company leaders said last week. The publicly traded group rose one spot to No. 5 on Automotive News‘ most recent list of the top 150 dealership groups based in the US, sustained by its $3.2 billion purchase last year of Larry H. Miller Dealerships’ 61 new and used vehicle stores. “When you buy a single store, it needs a lot of work and structure on the IT side, especially on the security side,” the Asbury CEO said. “Most of the smaller groups have minimal security on their systems. They have it, but it’s minimal. Being a large company, we have layers of protection. So, in every acquisition we’ve done, even the big ones like [Larry H.] Miller and Park Place [Dealerships], we’ve had to add layers on top of their security, just to get ourselves comfortable. Certainly, Park Place had a more sophisticated one and so did the Millers. But being public, we enhanced it further.”</p>
<p>The CDK Global 2018 Dealership Cybersecurity Study found that 85% of IT staff say their dealership had experienced a cyber security incident within the previous two years. In 2021, the CDK Global 2021 State of Cybersecurity in the Dealership Report reflected that the average ransomware payout had increased seventeen-fold (17 x) in two years, up to $220,298 per incident. That’s an average, though, and the individual demand could range into the millions.<a href="#_ftn2">[2]</a> Dealerships have tightened their defenses since the 2018 report, but there continue to be areas that can be improved.</p>
<p>There is now a positive shift in the auto dealer mindset. The 2021 State of Cybersecurity in the Dealership Report also identifies a 16-day downtime due to ransomware attacks, essentially grinding a dealership’s operations to a halt for a half-month. It is no wonder that most SMBs can only last from three to seven days with their financial revenues shut off or scrambling to implement a stopgap.</p>
<p>It is critical to have the proper infrastructure in place to combat the effects of a cyberattack, including offline backups and monitoring software that help employees identify when an email or website isn’t secure. But there is more to dealership cybersecurity.</p>
<p>Dealers are in the car business, but that with current technology it is hardly the case anymore. Dealers are now in the customer service business primarily, and an increasing part of the business is software-related as cars become more connected. The CDK Global report says that “84% of consumers said they would not go back to buy another vehicle after their data had been compromised.” If dealerships are targeted, there is a serious likelihood that many customers will never return.</p>
<p>Cyber-attacks are increasing in frequency in the US, and they are emanating from new sources all the time. Protecting your dealership from the disruption and potentially costly payout or a ransomware attack could keep you in business while other less protected companies are put out of business. Red Sky Alliance has helped many companies with M&A threat and vulnerability assessments. </p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or <a href="mailto:feedback@wapacklabs.com">feedback@wapacklabs.com</a> </p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www.wapacklabs.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941">https://www.linkedin.com/company/64265941</a> </li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings:</p>
<p><a href="https://attendee.gotowebinar.com/register/5504229295967742989">https://attendee.gotowebinar.com/register/5504229295967742989</a></p>
<p><a href="#_ftnref1">[1]</a> <a href="https://usnewsmail.com/news/health/go-big-or-go-home-houston-wants-new-orleans-level-hurricane-protection-but-will-it-be-too-little-too-late/">https://usnewsmail.com/news/health/go-big-or-go-home-houston-wants-new-orleans-level-hurricane-protection-but-will-it-be-too-little-too-late/</a></p>
<p><a href="#_ftnref2">[2]</a> <a href="https://www.cbtnews.com/ransomware-attacks-are-on-the-rise-is-your-auto-dealership-secure/">https://www.cbtnews.com/ransomware-attacks-are-on-the-rise-is-your-auto-dealership-secure/</a></p></div>Scammers want to Shop with your Gift Cardshttps://redskyalliance.org/xindustry/scammers-want-to-shop-with-your-gift-cards2021-12-14T22:02:24.000Z2021-12-14T22:02:24.000ZJim McKeehttps://redskyalliance.org/members/JimMcKee<div><p><a href="{{#staticFileLink}}9909985854,original{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}9909985854,RESIZE_400x{{/staticFileLink}}" width="250" alt="9909985854?profile=RESIZE_400x" /></a>During the first nine months of 2021, 40,000 people reported losing over $148 million in gift cards to scammers. And we are only now entering the Christmas season. According to the Federal Trade Commission (FTC), these are staggering numbers that have increased each year for the past several years. Since 2018, gift cards have been the most frequently reported payment method for fraud. According to the FTC, most gift card scams start with a phone call from someone impersonating a branch of the government like the Social Security Administration or a business.</p>
<p>“The caller might threaten to freeze your bank account and tell you that you must buy gift cards to avoid arrest or to keep access to your money in your bank account. They will tell you to stay on the phone as you head to the store to buy gift cards to, they often claim, solve the “problem” they are calling about. They will also ask you to provide the numbers on the back of the card you buy. These are all signs of a gift card scam,” FTC said.</p>
<p>If you find yourself heading to the store to buy gift cards because someone on the phone told you so, stop. Please discuss this with family members, especially older people who are not as technical or up to date on criminal tactics. Nothing scares a senior citizen more than being told their retirement benefits may be at risk No matter who calls, texts, or emails you telling you to pay with a gift card, it is always a scammer. The government and legitimate businesses will never call you demanding payment with a gift card.</p>
<p>You might even get an email from a scammer impersonating your boss, asking, for example, to pay for the upcoming office party with gift cards and promising to pay you back later. This is an example of the business email compromise (BEC), which, according to the FBI, caused $1.8 billion worth of damage in the US last year. Scammers are not only after your money. They might also try to get access to the company’s sensitive data.</p>
<p>Gift card scams are widespread, and you might easily get bilked if a gift card looks like an excellent last-minute holiday present for your loved ones. There is a high demand for slightly cheaper gift cards, and many consumers buy them from shady channels. Typically, those gift cards have been previously used and can be empty.</p>
<p>Top targets for scammers include gift cards from Target, Google Play, Apple, eBay and Walmart.</p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and offers proactive solutions to protect your networks. Cyber intelligence is a needed key for your overall cyber security. For questions, comments, or assistance, please contact the office directly at 1-844-492-7225, or <a href="mailto:feedback@wapacklabs.com">feedback@wapacklabs.com</a> </p>
<p> </p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www.wapacklabs.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941">https://www.linkedin.com/company/64265941</a> </li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a href="https://attendee.gotowebinar.com/register/3702558539639477516">https://attendee.gotowebinar.com/register/3702558539639477516</a></p></div>Facebook Woeshttps://redskyalliance.org/xindustry/facebook-woes2021-10-06T14:20:01.000Z2021-10-06T14:20:01.000ZBill Schenkelberghttps://redskyalliance.org/members/BillSchenkelberg<div><p><a href="{{#staticFileLink}}9651443878,RESIZE_584x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}9651443878,RESIZE_400x{{/staticFileLink}}" alt="9651443878?profile=RESIZE_400x" width="250" /></a>Facebook has been having its share of problems. From a global outage to a Whistleblower gone public with claims that Instagram causes youth-based psychological issues, the social media giant is now on the defensive. US Congress is currently taking another, yet closer, look at oversight of social media platforms. </p>
<p>Facebook and its Instagram and WhatsApp platforms are finally back in operation after a worldwide outage hit the services and the businesses and people who rely on its platforms. Facebook reported late on 4 October that, “the root cause of this outage was a faulty configuration change” and that there is, “no evidence that user data was compromised as a result” of the outage. The company apologized and said it is working to understand more about the cause, which began around 11:40 am EST.<a href="#_ftn1">[1]</a> </p>
<p>To compound Facebook’s woes, a Facebook whistleblower who was a past product manager, provided The Wall Street Journal (WSJ) with internal documents that exposed the company’s awareness of harms caused by its products and decisions. This lead to the Whistleblower going public on CBS’s “60 Minutes.” This a day prior on 3 October and then testified with a US Senate subcommittee on 5 October. A coincidence? </p>
<p>The worldwide outage did not exactly bolster Facebook’s argument that its size and influence provide important benefits for the World. London-based internet monitoring firm Netblocks noted that the company’s 2019 plans to integrate the technology behind its platforms raised concerns about the risks of such a move. While such centralization, “gives the company a unified view of users’ internet usage habits,” Netblocks said, it also makes the services vulnerable to single points of failure.</p>
<p>“This is epic,” said the director of internet analysis for Kentik Inc, a network monitoring and intelligence company. The last major internet outage, which knocked many of the world’s top websites offline in June, lasted less than an hour. The stricken content-delivery company in that case, Fastly, blamed a software bug triggered by a customer who changed a setting. For hours, Facebook’s only public comment was a tweet in which it acknowledged that “some people are having trouble accessing (the) Facebook app” and said it was working on restoring access. Regarding the internal failures, Instagram head Adam Mosseri tweeted that it feels like a “snow day.” Facebook’s outgoing chief technology officer, later tweeted “sincere apologies.”</p>
<p>In the 4 October statement, Facebook blamed changes on routers that coordinate network traffic between data centers. The company said the changes interrupted the communication, which had “a cascading effect on the way our data centers communicate, bringing our services to a halt.” There was no evidence as of 4 October that malicious activity was involved. Cloudflare, tweeted that “nothing we’re seeing related to the Facebook services outage suggests it was an attack.” Facebook did not respond to messages for comment about the attack or the possibility of malicious activity.</p>
<p>The outage impact was far worse for multitudes of Facebook’s nearly 3 billion users, showing just how much the world has come to rely on it and its properties, to run businesses, connect with online communities, log on to multiple other websites and even order food. It also showed that despite the presence of Twitter, Telegram, Signal, TikTok, Snapchat and a bevy of other platforms, nothing can easily replace the social network that over the past 17 years has effectively evolved into critical infrastructure. The outage came the same day Facebook asked a federal judge that a revised antitrust complaint against it by the Federal Trade Commission (FTC) be dismissed because it faces vigorous competition from other services.</p>
<p>Now back to the Whistleblower and that Facebook and other social media platforms create a hazard to cultures, especially children. For the past three years Facebook has been conducting internal research into how Instagram, which the company bought in 2012, affects its users. The results repeatedly show that Instagram is harmful to a sizable percentage of its users, with teenage girls being particularly negatively impacted by the app. A line in the company’s own reports reads: “We make body image issues worse for one in three teen girls.” In the wake of that research’s publication as part of the WSJ’s recent series the Facebook Files, an executive from the social network was hauled in front of Congress. The company has also started to backtrack, releasing documents, putting Instagram Kids on pause, and trying to get ahead of congressional anger. CEO Mark Zuckerberg has testified numerous times to the US Congress and Senate, along with other social media platform chiefs. But while the findings are clear, Instagram negatively affects teens’ (especially teen girls’) mental health, Facebook’s current public response to the reporting has been less than convincing, with Zuckerberg calling the research “inconclusive.”<a href="#_ftn2">[2]</a></p>
<p>"At the heart of these accusations is this idea that we prioritize profit over safety and well-being. That's just not true," Zuckerberg wrote on Facebook, adding that the platform cares "deeply about issues like safety, well-being and mental health." After all this time, does anyone believe Zuckerberg? The Whistleblower testified that, "The company's leadership knows how to make Facebook and Instagram safer but won't make the necessary changes because they have put their astronomical profits before people. Congressional action is needed. They won't solve this crisis without your help.”<a href="#_ftn3">[3]</a></p>
<p>So where is this all headed to? Social media is now considered by many as critical infrastructure. Facebook has over 3 billion international users. Their platform can influence a multitude of individuals throughout the entire globe. Governments must seriously consider regulation on the power of social media, when morals and ethics are allegedly disregarded. Is this a slippery slope? Time will tell. </p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization that offers cyber threat services that include RedXray and Cyber Threat Analysis Center (CTAC) to aid organizations for cyber threat hunting, notifications, and analysis. Service descriptions can be found at <a>https://www.wapacklabs.com. </a> For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com</p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www.wapacklabs.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941">https://www.linkedin.com/company/64265941</a></li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a href="https://attendee.gotowebinar.com/register/3702558539639477516">https://attendee.gotowebinar.com/register/3702558539639477516</a></p>
<p><a href="#_ftnref1">[1]</a> <a href="https://apnews.com/article/facebook-whatsapp-instagram-outage-8b9d3862ed957029e545182a595fdce1">https://apnews.com/article/facebook-whatsapp-instagram-outage-8b9d3862ed957029e545182a595fdce1</a></p>
<p><a href="#_ftnref2">[2]</a> <a href="https://www.nytimes.com/2021/10/05/technology/teenage-girls-instagram.html">https://www.nytimes.com/2021/10/05/technology/teenage-girls-instagram.html</a></p>
<p><a href="#_ftnref3">[3]</a> <a href="https://www.business-standard.com/article/companies/zuckerberg-denies-facebook-puts-profit-over-users-safety-121100600604_1.html">https://www.business-standard.com/article/companies/zuckerberg-denies-facebook-puts-profit-over-users-safety-121100600604_1.html</a></p></div>Is Romeo sending You emails?https://redskyalliance.org/xindustry/is-romeo-sending-you-emails2021-09-21T15:58:33.000Z2021-09-21T15:58:33.000ZJim McKeehttps://redskyalliance.org/members/JimMcKee<div><p><a href="{{#staticFileLink}}9593302272,RESIZE_400x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}9593302272,RESIZE_400x{{/staticFileLink}}" width="250" alt="9593302272?profile=RESIZE_400x" /></a>“Oh Romeo, Romeo wherefore art thou Romeo?” The FBI is warning the public that a massive spike of online romance scams this year caused many Americans to lose more than $113 million since the start of 2021. The scammers behind this type of online fraud trend (also known as confidence fraud) which can lead to significant financial losses and devastating emotional scars use fake online identities to gain potential victims' trust on dating or social media platforms.</p>
<p>After the victims are lured in, the cybercrooks take advantage of the illusion of a romantic relationship they project to manipulate the targets into sending money or financial info that later can be used for other types of fraud schemes, including investment scams.</p>
<p>"The FBI warns of a rising trend in which scammers are defrauding victims via online romance scams, persuading individuals to send money to allegedly invest or trade cryptocurrency," the federal law enforcement agency said in a PSA published recently in its Internet Crime Complaint Center (IC3) site. "From January 1, 2021 — July 31, 2021, the FBI Internet Crime Complaint Center (IC3) received over 1,800 complaints, related to online romance scams, resulting in losses of approximately $133,400,000."<a href="#_ftn1">[1]</a></p>
<p>The FBI also provided tips on protecting yourself from romance scams:</p>
<ul>
<li>Never send money, trade, or invest per the advice of someone you have solely met online.</li>
<li>Do not disclose your current financial status to unknown and untrusted individuals.</li>
<li>Do not provide your banking information, Social Security Number, copies of your identification or passport, or any other sensitive information to anyone online or to a site you do not know is legitimate.</li>
<li>If an online investment or trading site is promoting unbelievable profits, it is most likely that—unbelievable.</li>
<li>Be cautious of individuals who claim to have exclusive investment opportunities and urge you to act fast.</li>
</ul>
<p>The 2019 and 2020 Internet Crime Reports published by FBI’s Internet Crime Complaint Center (IC3) show that romance scams have tens of thousands of Americans to lose more than $1 billion ($475M in 2019 and over $600M in 2020).</p>
<p>The FBI also warned romance scam victims that they are facing the risk of being recruited as money mules and persuaded to transfer money illegally on scammers' behalf. To further illustrate the scale of this ongoing problem, the US Department of Justice's website lists hundreds of cases where fraudsters were indicted or found guilty of running large-scale romance scam fraud schemes targeting US citizens.</p>
<p>If you have fallen victim to such a scam, you should immediately stop communicating with the scammer and file a complaint with the IC3 at <a href="http://www.ic3.gov">www.ic3.gov</a>.</p>
<p>You should also reach out to your financial institution to see if it is still possible to stop or revert any financial transactions you might have made after the scammer contacted you.</p>
<p>The FBI and the FTC have also warned earlier this month of an increase in sextortion scams targeting the general public and focusing on LGBTQ+ community members who use dating apps and sites.</p>
<p>“T'is but thy name that is my enemy.” </p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com</p>
<p>Weekly Cyber Intelligence Briefings:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www.wapacklabs.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941">https://www.linkedin.com/company/64265941</a></li>
</ul>
<p>Weekly Cyber Intelligence Briefings:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a href="https://attendee.gotowebinar.com/register/3702558539639477516">https://attendee.gotowebinar.com/register/3702558539639477516</a></p>
<p> </p>
<p><a href="#_ftnref1">[1]</a> <a href="https://www.bleepingcomputer.com/news/security/fbi-113-million-lost-to-online-romance-scams-this-year/?&web_view=true">https://www.bleepingcomputer.com/news/security/fbi-113-million-lost-to-online-romance-scams-this-year/?&web_view=true</a></p></div>Federal Privacy Bill Reintroduced in US Congress, Againhttps://redskyalliance.org/xindustry/federal-privacy-bill-reintroduced-in-us-congress-again2021-03-29T12:53:45.000Z2021-03-29T12:53:45.000ZBill Schenkelberghttps://redskyalliance.org/members/BillSchenkelberg<div><p><a href="{{#staticFileLink}}8728826652,RESIZE_584x{{/staticFileLink}}"><img class="align-left" src="{{#staticFileLink}}8728826652,RESIZE_400x{{/staticFileLink}}" width="250" alt="8728826652?profile=RESIZE_400x" /></a>A US Congressional Representative from the State of Washington recently reintroduced a bill that would create a nation-wide data privacy standard, to be enforced by the Federal Trade Commission (FTC), that in its latest version is intended to gather bipartisan support by addressing specific Republican concerns. The Information Transparency and Personal Data Control Act, if passed, would replace a patchwork of current state laws and provide an influx of $350 million to the FTC’s budget to enforce these proposed regulations.</p>
<p>"The new DelBene bill marks an interesting start for the relaunch of the effort to advance federal privacy law," says the International Association of Privacy Professionals (IAPP). "Specifically, while coming from the Democrats' side of the aisle, the bill is largely preemptive of state privacy laws and would not allow a private right of action." These two issues have been a lightning rod for Republicans in the past and hindered any attempt to bridge the gap between the two sides in the US Congress this year. "So, it's worth noting that Democrats supporting this bill are making a significant stride to meet Republicans' demands," reports the IAPP.</p>
<p>This current bill is designed to protect a wide swath of personal information by requiring businesses to obtain consumer consent prior to sharing their data, and companies would also be required to write their privacy policies in easy-to-understand language. "With states understandably advancing their own legislation in the absence of federal policy, Congress needs to prioritize creating a strong national standard to protect all Americans," says the US Representative.<a href="#_ftn1">[1]</a></p>
<p>This is the fourth time DelBene has attempted to have this legislation enacted. The bill currently has no Republican co-sponsors. If passed, the bill would require the FTC to hire 500 additional employees who would focus on privacy and data security issues, 50 of whom must have technical expertise in the area. Exactly what this would entail, however, is not further defined. The bill also calls for the FTC to receive $350 million to implement the plan. "This will place the FTC at the forefront of the global regulatory effort to implement data protection laws and develop privacy policies," the IAPP says.</p>
<p>The sensitive information covered by the bill includes financial, health, genetic, biometric and geolocation data; sexual orientation; citizenship and immigration status; Social Security number and religious belief. It would also offer extra protection to the data of children under 13 years old. If passed, the bill calls for creating a balanced, high-standard digital privacy framework that complements global standards and a strong national standard to combat anti-consumer practices. It also requires the federal government to provide guidance on the proper collection, processing, disclosure, transmission and storage of sensitive data and ensure enforcement authorities have the resources needed to protect consumers. Businesses would be required to submit to a privacy audit every two years conducted by an independent third-party. If adopted, the Information Transparency and Personal Data Control Act would also supplant any similar state legislation currently in use, the bill states.</p>
<p>Unlike the California Consumer Privacy Act and the EU's General Data Protection Regulation, DelBene's bill does not include a fine structure or a breakdown of the type and size of businesses affected. The CCPA, which went into full effect in January 2020, calls for a maximum penalty of $7,500 and is reserved only for intentional violations of the CCPA. Unintentional violations remain subject to a preset $2,500 maximum fine. GDPR, which went into effect May 2018, empowers EU regulators to levy fines of up to 4% of an organization's annual global revenue or 20 million euro ($22.2 million) whichever is greater if they violate Europeans' privacy rights. Under the CCPA and GDPR, individuals also have the right to take civil action against a company, a point that is lacking in the DelBene bill. This proposed bill does, however, give the FTC and all state attorneys general enforcement powers. Once a violation has been brought before the FTC, the offending business has 30 days to rectify the problem before any enforcement action is undertaken.</p>
<p>A state may also bring an action in a case on behalf of a state or its residents after submitting written notification to the FTC, according to a draft of the bill.</p>
<p>Specific Action Items. The bill has six primary requirements:</p>
<ul>
<li><u>Plain English</u>: Requires companies to provide their privacy policies in plain English.</li>
<li><u>Opt-in</u>: Allows users to opt-in before companies can use their most sensitive private information in ways they might not expect.</li>
<li><u>Disclosure</u>: Increases transparency by requiring companies to disclose if and with whom they will share the consumer's personal information and the purpose of sharing the information.</li>
<li><u>Preemption</u>: Creates a unified national standard and avoids a patchwork of different privacy standards by preempting conflicting state laws.</li>
<li><u>Enforcement</u>: Gives the FTC strong rulemaking authority to keep up with evolving digital trends and the ability to fine bad actors on the first offense. It also empowers state attorneys general to pursue violations if the FTC chooses not to act.</li>
<li><u>Audits</u>: Establishes strong "privacy hygiene" by requiring companies to submit privacy audits every two years from a neutral third party.</li>
</ul>
<p>In the absence of federal regulations, privacy legislation is in motion this year in Minnesota, New York, Washington and Oklahoma. If the other bills are passed, this would bring the number of states with their own privacy standards to eight, as California, Nevada and Maine have previously adopted such standards, and Virginia passed its Consumer Data Protection Act on 2 March. Most bills being considered at the state level are modeled on the recently instituted California Privacy Rights Act and Washington state's privacy.</p>
<p>Red Sky Alliance has been has analyzing and documenting these type of cyber threats for 9 years and maintains a resource library of malware and cyber actor reports available at <a href="https://redskyalliance.org">https://redskyalliance.org</a> at no charge. Many past tactics are often dusted off and reused in current malicious campaigns – like REvil.</p>
<p>Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com </p>
<p><strong>Weekly Cyber Intelligence Briefings</strong>:</p>
<ul>
<li>Reporting: <a href="https://www.redskyalliance.org/">https://www.redskyalliance.org/</a></li>
<li>Website: <a href="https://www.wapacklabs.com/">https://www.wapacklabs.com/</a></li>
<li>LinkedIn: <a href="https://www.linkedin.com/company/64265941%C2%A0">https://www.linkedin.com/company/64265941 </a></li>
</ul>
<p><strong>Weekly Cyber Intelligence Briefings</strong>:</p>
<p>REDSHORTS - Weekly Cyber Intelligence Briefings</p>
<p><a href="https://attendee.gotowebinar.com/register/3702558539639477516">https://attendee.gotowebinar.com/register/3702558539639477516</a></p>
<p><a href="#_ftnref1">[1]</a> <a href="https://www.bankinfosecurity.com/federal-privacy-bill-reintroduced-in-congress-a-16178">https://www.bankinfosecurity.com/federal-privacy-bill-reintroduced-in-congress-a-16178</a></p></div>