Cybersecurity Institute News Roundup 20 May 2024

Welcome to this week’s Cybersecurity Institute News Roundup, a weekly overview of the some of the most interesting news and articles that have caught our attention recently from across the cybersecurity industry. This week’s roundup includes a packed list of news and articles including an AI ?surveillance in Paris, shaking up identity management, two head-to-head battles, the fate of the US National Vulnerability Database, and what e-ink screen may reveal about you (and your passwords).

?

Taylor Swift’s global influence in cybersecurity is seemingly endless – and not just when it comes to deepfakes. This time it is the use of AI-powered video surveillance on Swiftie concertgoers by French police, in preparation for the upcoming 2024 Summer Olympics:

https://www.biometricupdate.com/202405/paris-rolls-out-ai-surveillance-for-taylor-swift

?

As more automobile lenders and dealerships move credit applications online, synthetic identity fraud has skyrocketed with 2023 losses of $7.9 billion for the industry. However, unlike other industries impacted by fraud, the perpetrator is not usually a third party bad actor, but rather the borrower themselves:

https://www.govinfosecurity.com/synthetic-id-fraud-rises-98-in-auto-lending-industry-a-25157

?

When it comes to citizen identity, the UK Government Digital Service has introduced a comprehensive set of principles to help protect individual rights and enhance transparency in identity assurance services by placing control in the hands of the consumer:

https://www.biometricupdate.com/202405/new-identity-assurance-principles-introduced-by-uk-government

?

But while it’s natural to think about humans when we talk about identity, a far bigger issue is that of machine identities, particularly in the age of IoT and microservices. As such, any holistic cybersecurity strategy needs to think beyond the permissions granted each person in an organization and consider all the identities and permissions that allow access to systems and sensitive data:

https://thenewstack.io/taking-a-machine-first-approach-to-identity-management/

?

At the Google I/O conference the company announced Gemini 1.5 Flash, just one day after OpenAI unveiled its next generation GPT-4o. AI bragging rights aside, these developments promise to reinvent the search landscape with generative AI changing how people search for content online:

https://www.nbcnews.com/tech/tech-news/google-rolls-powerful-ai-models-competition-openai-heats-rcna152234

?

And while Google and Microsoft vie for AI domination, It seems at though Signal and Telegram are facing off about which messaging app is the most securely encrypted:

https://www.phonearena.com/news/telegram-vs-signal_id158347

?

The NIST-managed National Vulnerability Database (NVD) has an unprecedented backlog of nearly ten thousand vulnerabilities, fueling debate over who should be responsible for and fund populating the database with comprehensive and actionable risk information – NIST, CISA, private sector, or…?

https://www.govinfosecurity.com/experts-warn-nvd-backlog-reaching-breaking-point-a-25191

?

And finally, e-ink screens are going beyond just e-book readers and becoming an increasingly popular inclusion in some laptops and tablets as the technology has improved. However, ghosting remains an issue with these devices, which as well as being a minor annoyance, can also potentially reveal passwords and other sensitive information:

https://goodereader.com/blog/kobo-ereader-news/e-ink-ghosting-effect-can-reveal-sensitive-info-such-as-passwords

?

Be sure to share your thoughts on these stories in the comments and let us know what articles have caught your eye recently?