- Donald E. Hester
Cyber Risk Update 18 NOV 2022
AI Algorithms, Strict Place-of-Work Rules Potential Trouble Spots for Employment Claims
“…some of the artificial intelligence tools that employers use to winnow the field of job applicants may unwittingly discriminate against disabled applicants by failing to take into account the requirement imposed by the Americans with Disabilities Act that employers make reasonable accommodations for persons with disabilities.”
“…employers that demand workers who have been working remotely return to company offices may run afoul of the ADA if some of those workers resist because of mental health disorders, he said.”
Expert Analysis of Dangerous Artificial Intelligences in Government. The “real risks” of AI come from a lack of governance and risk understanding. https://www.nextgov.com/emerging-tech/2022/11/expert-analysis-dangerous-artificial-intelligences-government/379690/
An active extortion scam is targeting website owners and admins worldwide, claiming to have hacked their servers and demanding $2,500 not to leak data. https://www.bleepingcomputer.com/news/security/new-extortion-scam-threatens-to-damage-sites-reputation-leak-data/
Researchers at VMware Carbon Black are tracking the threat, dubbed BatLoader, and say its operators are using the dropper to distribute a variety of malware tools including a banking Trojan, an information stealer, and the Cobalt Strike post-exploit toolkit on victim systems. https://www.darkreading.com/attacks-breaches/researchers-alarm-batloader-malware-dropper
High-risk, critical vulnerabilities found in 25% of all software applications and systems https://www.cybersecuritydive.com/news/high-risk-critical-vulnerabilities-software/636592/?:%202022-11-15%20Cybersecurity%20Dive%20%5Bissue:46030%5D
Alert (AA22-320A) Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
