Trump’s tweets to lose protected status post-presidency

US President Donald J. Trump isn’t like the rest of us, and he doesn’t play by the same rules, Twitter has acknowledged. Whereas you or I could have been banned for some of the content Trump has disseminated, his executive status has kept him up and tweeting. Well, Twitter’s hands-off approach, which has consisted of warning labels to put context around misinformation and disinformation, is coming to an end, Twitter head Jack Dorsey told Congress on Tuesday. Dorsey said that once Trump has vacated the office, it will be a whole ‘nuther ballgame. “If an account suddenly is not a world leader anymore, that particular policy goes away,” Dorsey said.

(TechCrunch)

macOS Big Sur lets apps slip past security safety nets

A new feature in macOS Big Sur allows many of its own apps to bypass firewalls and VPNs, potentially allowing malware to do the same thing. In the recent beta release, Apple placed 56 of its own apps, including FaceTime and Apple Maps, on an exclusion list, allowing them to bypass firewalls and certain VPNs without users’ knowledge. A Twitter user named Maxwell first spotted the problem last month, and now developers are crying foul. According to Jamf security researcher Patrick Wardle, malware could exploit the issue to bypass a firewall and to exfiltrate sensitive data to a remote server using a simple Python script that piggybacks the traffic onto an Apple exempted app. As of Wednesday afternoon, Apple hadn’t yet commented on the issue.

(Hacker News)

Deepfake bot used to abuse women runs wild on Telegram

A bot that has automated the creation of deepfakes is still active on the Telegram messaging app, a year after researchers warned the messaging app that the AI bot was being used to abuse women. The bot relies on a version of the DeepNude AI tool to automatically remove clothes from photos of women—including underage girls—and to thereby generate nude images that users share on the encrypted messaging platform. The bot was discovered by security researchers at Sensity who claim that their warnings have been ignored. According to Wired’s Matt Burgess, this is the first time that nonconsensual porn—which the bot renders easy to make—has been seen at large scale and used to target members of the public.

(Wired)

Cryptographer asks Google to please publish secret DKIM keys

Well-known cryptographer and John Hopkins University professor Matthew Green has called on Google to publicly rotate and publish its secret Domain Keys Identified Mail (DKIM) keys. He calls DKIM “a harmless little spam protocol that has somehow become a monster”—as in, a powerful tool in the hands of thieves who steal and leak emails. The protocol dates back to the days of ARPANET, when nobody suspected that lying would become a common practice for cybercrooks. The idea back then was that when an email said it came from your friend Alice, you assumed that it really did. Why would anybody lie? Green says publishing the keys would be a simple step that would bolster the security of the entire Internet, would cost the company basically nothing, and would snatch that powerful tool back out of the hands of thieves.

(Cryptography Engineering)

Thanks to our sponsor, Dtex

Endpoint DLP tools that rely on intrusive, resource intensive content inspection rules do nothing but slow down endpoint performance and upset your SecOps team. DTEX takes a behavioral approach to DLP. Only DTEX allows you to see the full lifecycle of user behavior activity and understand the who, what, when and how of a possible data loss incident. No false positives. Learn more at dtexsystems.com.

Minorities, women to get free cloud certification exam

We’re looking at an estimated shortfall of 3.5 million unfilled cyber security positions worldwide by 2021. The Cloud Security Alliance (CSA), which defines and raises awareness of best practices in securing cloud computing environments, announced on Thursday that it’s taking steps to help solve the problem. It’s partnered with Tiro Security to provide students in the nextCISO program with complimentary access to its Certificate of Cloud Security Knowledge (CCSK) exam. The nextCISO program fosters diversity by providing training and education to bridge the minority and gender gap. CSA is hoping that the free access to its exam will help minorities and women to climb the career path that leads to becoming a CISO.

(AiThority)

Cybersecurity community decries firing of Christopher Krebs

Observers in the cyber security community say that US cyber security chief Christopher Krebs got fired for trying to debunk the president’s false claims about the 2020 presidential election having been rigged. In an interview with CNN, ex-CIA director John Brennan said the firing—which Trump did over Twitter—was the result of a “vendetta” by a president who is “trying to steal the election”. Krebs is widely credited with ensuring that the election wasn’t tampered with by nation-state actors and that it remained secure for all voters, with the DHS last week calling it “the most secure in election history.” Another cybersecurity expert told Threatpost that they were disappointed with what they called the “political, surreal and disheartening” dismissal. That source said that the cybersecurity community as a whole finds it very worrying to their overall mission to identify and block the work of threat actors “to the best of our ability.”

(Threatpost)

COVID-19 treatment research firm hit by malware attack

The global biotech firm Miltenyi is still trying to clean up in the wake of a malware attack. The firm, which supplies components that are crucial for COVID-19 treatment research, recently disclosed to customers that the attack went on for two weeks and that it’s still working to mop up disruptions to its phone and email communications. In some cases, the malware has impeded order processing. Miltenyi is currently supplying SARS antigens for researchers working on treatments for COVID-19. Unfortunately, the race for a cure paints a target on companies like Miltenyi, according to Ray Kelly, principal security engineer at White Hat Security. Kelly told Threatpost that ransomware threat actors, for one, could ask for sky-high payments were they to get their hands on data relating to the finalization of COVID-19 trials.

(Threatpost)

Those really bad passwords, like “123456”, are still really popular

It appears as cybersecurity concerns have risen, the overwhelming majority of us have not learned anything about coming up with good and complex passwords. According to a study by password manager NordPass, millions of people are still using “123456” and “password” as their password. To give you an idea how bad they are, “123456” has been breached more than 23 million times alone. To see a sampling of the top 20 worst passwords, head on over to our site to see the full story.

(Gizmodo)