Supreme Court rules in Google’s favor on Java API case

The US Supreme Court ruled 6-2 in favor of Google in its copyright dispute with Oracle over 12,000 lines of code from the Java API used in Android, originally written by Sun Microsystems, which Oracle acquired in 2010. The decision reversed a ruling by the U.S. Court of Appeals for the Federal Circuit. Oracle had asked for $9 billion in damages. In the majority opinion, Justice Stephen Breyer wrote that the use of the code was protected under the copyright doctrine of fair use.

(CNBC)

Firmware malware on the rise

According to Microsoft’s March 2021 Security Signals report, over 80% of enterprises were victims of at least one firmware attack in the past two years. The survey had responses from 1,000 companies from China, Germany, Japan, the U.K. and the U.S., who reported that the majority of security investments were going to security updates, vulnerability scanning and advanced threat protection solutions. The report notes that NIST’s National Vulnerability Database has seen a five-fold increase in firmware attacks in the last four years. The report found that only 36% of businesses invest in hardware-based memory encryption, 46% are investing in hardware-based kernel protections, while 21% of decision-makers said they were not able to monitor firmware at all.

(Security Affairs)

APTs exploiting vulnerabilities in FortiOS

CISA and the FBI issued a joint advisory that over the past month, threat actors have been seen exploiting three vulnerabilities in Fortinet FortiOS. Currently this seems limited to scanning of devices on three ports for a FortiOS SSL VPN web portal flaw, but the advisory warns this could escalate to more sophisticated DDoS or SQL injection attacks, or serve to “gain access to networks across multiple critical infrastructure sectors to gain access to key networks as pre-positioning for follow-on data exfiltration or data encryption attacks.” Patches for these vulnerabilities are now available and the advisory recommends applying them immediately, as well as disabling any unused ports.

(Security Week)

Audit of AI algorithm finds no AI

The security and analytics company Banjo won a $20 million contract with the state of Utah to implement its Live Time technology, marketed as able to detect active shooter incidents, child abduction cases, and traffic accidents from video footage or social media activity. This contract was put on hold to audit Banjo’s Live Time for algorithmic bias, in light of the discovery that the company’s CEO Damien Patton pled guilty to involvement in a 1990 shooting attack on a synagogue in Tennessee by a white supremacist group. From the report: “Banjo expressly represented to the Commission that Banjo does not use techniques that meet the industry definition of artificial Intelligence.” While the company had an agreement with Twitter to access its API data, it did not integrate that into Live Time, and the examples touted by Banjo were not validated by any external review.

(Venture Beat)

Thanks to our episode sponsor, Sotero

In yesterday’s Cybersecurity Headlines episode, we told you about an exciting encryption technology from a company called Sotero. They offer data security solutions that encrypt data while the data is in use and in motion. For those of you whose businesses have been held back by the risks of sharing data or storing data in the cloud, you’ll want to check them out at Soterosoft.com.

University of California caught up in Accellion attack

The university issued a warning to students that a ransomware group may have obtained and published their personal data as part of a larger attack on an Accellion file sharing appliance. The school will notify specific members of the UC community if it discovers their information has been exposed as a result. In an email to staff and students, the university said the breach impacted roughly 300 universities, government institutions and private companies. The University of Maryland, University of Colorado and the University of Miami have also been potentially impacted by the breach. Accellion announced last month that it had closed all known vulnerabilities and that no new ones had been discovered.

(Security Week)

Russia extends slowdown of Twitter’s service

Russia’s state communications regulator Roskomnadzor announced that its slowdown of Twitter, which began in March for failure to delete illegal content, will be extended through May 15th. At the time the initial slowdown was announced, the regulator said it would look into blocking Twitter in the country if the platform did not take action on illegal content. The regulator held talks with Twitter on April 1st, reaching an agreement to give the platform more time to delete content deemed illegal, and acknowledged Twitter was removing content more quickly overall.

(Reuters)

Microsoft Defender comes to Arm

The company announced that Defender for Endpoints on Windows 10 on Arm is now in general availability. Microsoft said with the continued growth of hybrid workplaces expected to accelerate in the coming years, it’s more important than ever to extend Defender’s capabilities across all the endpoints organizations need to secure.

(Microsoft)

Justice Thomas posits that online platforms could be common carriers

The US Supreme Court vacated a lower court ruling that said President Trump’s blocking of followers on Twitter violated the First Amendment, ordering the case dismissed as moot now that he is out of office. While not ruling on the merits of the case, Justice Clarence Thomas wrote in a concurring opinion that digital platforms are “sufficiently akin” to common carriers like telephone companies, laying “information infrastructure that can be controlled in much the same way.” While private companies aren’t subject to the First Amendment, common carriers are unique in that they do not have a “right to exclude” from their infrastructure.

(Protocol)