25-Aug-23: In Security News Today

Is Bias in AI Algorithms a Threat to Cloud Security?

The use of AI in threat detection and response in cloud security is crucial, but it cannot replace human intelligence and expertise. Bias in AI algorithms used for cloud security can create risks, such as inaccurate threat detection, alert fatigue, vulnerability to new threats, erosion of trust, and legal and regulatory risks. To mitigate bias and strengthen cloud security, steps can be taken, including educating security teams about diversity, addressing the quality and integrity of training data, keeping humans involved in monitoring and evaluating AI algorithms, investing in continuous monitoring and updating, employing multiple layers of AI, striving for explainability and transparency, staying updated on emerging techniques to mitigate AI bias, and evaluating how well service providers address bias in AI.

Google Enhances Chrome Security with Quantum-Resistant Encryption

Google has announced its intention to integrate support for quantum-resistant encryption algorithms in its Chrome browser, starting from version 116. This effort aims to bolster TLS security and defend against potential future threats posed by quantum computing advancements. The quantum-resistant encryption algorithm, X25519Kyber768, is being adopted to enhance session key protection, ensuring that connections remain safeguarded by secure algorithms even as organizations prepare for the eventual impact of quantum computers on encryption security.

Lawmaker Proposes Bill Requiring Vulnerability Disclosure Policies for Federal Contractors

Congresswoman Nancy Mace has introduced a bill that would mandate federal contractors to implement a Vulnerability Disclosure Policy (VDP) consistent with NIST guidelines. The bill aims to reduce risks associated with federal contractors by ensuring a proactive approach to cybersecurity and enabling prompt identification and resolution of software vulnerabilities. HackerOne, a cybersecurity company specializing in bug bounty programs and vulnerability disclosure policies, strongly endorses the bill as an important step towards enhancing the cybersecurity resilience of businesses supporting the federal government.

Europe’s Digital Services Act Brings Changes to Big Tech Platforms

The Digital Services Act, a new set of EU digital regulations, will bring changes to big tech platforms like Facebook, Instagram, TikTok, Google, and Amazon. Users will have the option to turn off AI-recommended videos and personalized content experiences, and search results will be based solely on the words users type. Platforms will also be more transparent about content moderation decisions, and there will be increased efforts to stop the flow of counterfeit products. Additionally, digital ads targeted at children will be restricted to protect their privacy and prevent manipulation.

China-Linked Flax Typhoon Cyber Espionage Targets Taiwan’s Key Sectors

A nation-state activity group originating from China, known as Flax Typhoon or Ethereal Panda, has been conducting cyber attacks on organizations in Taiwan as part of an espionage campaign. The group gains and maintains long-term access to networks using built-in operating system tools and benign software. The primary targets are government agencies, educational institutions, critical manufacturing, and information technology organizations in Taiwan.

Google Introduces AI-Powered Security Controls for Workspace Customers

Google has introduced new AI-powered security controls for its Workspace customers, focusing on zero trust, digital sovereignty, and threat defense. The new capabilities include AI-powered zero trust features for granular control over data access, context-aware DLP controls for sensitive content sharing, enhanced DLP controls for Gmail, and client-side encryption improvements. Google is also partnering with Thales, Stormshield, and Flowcrypt to allow customers to store encryption keys in their preferred country, and offering options to choose where data is processed and limit Google support access.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.