Daily Digest (11/20)

EU Digital Chief to Meet With Big Tech on Rules to Limit Power; Facebook Discloses ‘Hate-Speech’ Data; Cisco Rolls Out Fixes to Webex Flaws; Liquid, Japanese Cryptoexchange, Discloses Data Breach.

EU Digital Chief to Meet With Big Tech on Rules to Limit Power

The European Union’s digital chief has invited Big Tech companies to discuss proposed rules to limit their powers next week, an EU official said Thursday.

Tech companies and online platforms have lobbied against the proposed rules, to be formally presented by Internal Market Commissioner Thierry Breton and Competition Commissioner Margrethe Vestager on Dec. 9, Reuters reports.

The video conference, set for Tuesday, is expected to focus on the proposed regulations, the Digital Services Act (DSA) and Digital Markets Act (DMA).

DSA would require tech companies to make their advertising archives available to regulators and researchers and explain how their algorithms work.

On the other hand, DMA would target online gatekeepers, would provide a list of dos — sharing data with rivals and regulators, for instance — and don’ts, including not favoring their own services, according to Reuters.

Breton has invited CEOs from about 20 companies, including Google, Apple, Amazon and Facebook. Others include Microsoft, Booking.com, Expedia, Trivago, DuckDuckGo, Reuters reports.

It was unclear which CEOs would participate in the session, as some did not think the discussion would bring changes, according to the report.

Facebook Discloses ‘Hate-Speech’ Data

Facebook publicly disclosed Thursday the prevalence of “hate speech” on its platform in a quarterly content-moderation report.

The platform said that out of every 10,000 content views in the third quarter, only 10 to 11 included “hate speech,” NPR reports.

The content removed from Facebook and Instagram for breaking its rules on the issue ranged from violence to child exploitation to suicide and self-harm.

“The real question is: ‘What do we not catch? What do we miss?'” Guy Rosen, Facebook’s vice president of integrity, posed on a conference call with reporters.

“It’s why we consider (prevalence) to be the most-important measure.”

Rosen added that from March 1 through Election Day on Nov. 3, more than 265,000 pieces of content from Facebook and Instagram in the U.S. were removed, according to a Reuters report.

Facebook also said it acted on 22.1 million posts of “hate-speech” content and 6.5 million on Instagram.

Rosen said the company expected to have an independent audit of its content-enforcement numbers “over the course of 2021,” according to the reports.

Cisco Rolls Out Fixes to Webex Flaws

Cisco on Thursday introduced fixes to three vulnerabilities in its Webex video-conference software that could allow hackers to eavesdrop on meetings as a “ghost” without detection from meeting organizers.

The vulnerabilities were discovered by IBM Research and IBM’s Office of the CISO, which analyzed Webex because it was the company’s primary tool for remote meetings, ARS Technica reports.

The vulnerabilities made it possible for an attacker to join a meeting undetected — providing full access to audio, video, chat and screen-sharing capabilities.

They also allowed hackers to maintain audio feeds even after being expelled from the meeting and to gain full access to names, email addresses and IP data of attendees, according to IBM researchers.

“Even with the best practices,” ARS Technica said, “a host could still find themselves in a meeting with a guest who is unwanted and needs to be removed — whether it’s someone who has crashed the meeting or a participant who walked away from their computer and forgot to disconnect.”

Liquid, Japanese Cryptoexchange, Discloses Data Breach

Liquid, a cryptocurrency exchange portal based in Tokyo, disclosed a security breach on Wednesday.

In a blog post, the company said that a hacker breached employee email accounts and pivoted to its internal network in an attack last Friday.

The company, founded in 2018, said that it had detected the breach before the hacker stole any funds, but that an investigation revealed the attacker collected personal information from company databases, ZDNet reports.

The data included names, home addresses, emails and encrypted passwords.

Liquid CEO Mike Kayamori said the company was probing whether the intruder stole proofs-of-identity that users must provide when conducting an initial transaction on the platform.

“We do not believe there is an immediate threat to your account due to our use of strong password encryption,” Kayamori told ZDNet.

“Nevertheless, we recommend that all Liquid customers change their password and 2FA credentials at the earliest convenience.”

By DPN Staff