The Weekly Cypher is curated to keep you up-to-date on the latest in cybersecurity, biometrics, and related news and innovations. Here are a few of the headlines you might have missed this week.
A test by The American Civil Liberties Union of Amazon’s facial recognition system linked 28 members of Congress with criminal mugshots. The ACLU used Amazon’s open Rekognition API to compare the scanned faces of all 535 members of congress against 25,000 public mugshots. Happily, none of the members of Congress were in the mugshot lineup, but even so Amazon’s system generated 28 false matches, a finding that the ACLU says raises serious concerns about Rekognition’s use by police. The racial bias problems previously found in facial recognition systems showed in this test as well. Eleven of the 28 false matches (39 percent) misidentified people of color, including civil-rights legend Rep. John Lewis (D-GA) and five other members of the Congressional Black Caucus. Only 20 percent of Congress are people of color. Amazon has said it intends to continue sell Rekognition to the government, despite objections by employees and shareholders. [Read More]
Russian hackers who penetrated hundreds of US utilities, manufacturing plants and other facilities last year did so using conventional of phishing tools and tricking staffers into entering passwords, according to DHS officials. They could have caused mass blackouts, but did not. Instead, the hackers appeared more focused on reconnaissance. The hackers made their way into the air-gapped control rooms by first infecting vendors working with the utilities. [Read More]
LifeLock Bug Exposed Millions of Customer Email Addresses | Krebs On Security
Identity theft protection firm LifeLock may have actually exposed customers to additional attacks from ID thieves and phishers. The company recently fixed a site vulnerability that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company. Because of it, cyber criminals could harvest the data and use it in targeted phishing campaigns spoofing LifeLock’s brand. [Read More]
New Samsung Tablet Will Include Iris Scanner | Computer Business Review
The Samsung Galaxy Tab S4 is scheduled for release later this year and leaked reports show it will ship with both an Iris scanner and facial recognition, known as Intelligent Scan. The facial recognition program first appeared in Samsung’s Galaxy S9 and S9+ and will replace the fingerprint scanner in the Galaxy Tab 4. Intelligent Scan is able to be used in low-light. The tablet will switch between scanning both your iris and face, searching for the fastest way to unlock. Samsung describes it as “a deep learning-based verification solution” which analyzes lighting conditions to decide which of the two biometric methods is best for unlocking the device. [Read More]
A sharp rise in the number of Massachusetts’ criminals attempting to hide their identities through fingerprint alteration has caused the FBI to designate the Bay State as a hot spot for fingerprint alteration. State Police officials say the first three cases of deliberately altered fingerprints were logged in 2002, and by 2010 only 72 arrests had been recorded. While year-by-year breakdowns not available, state police spokesman David Procopio said since 2010, police have made 795 more arrests. Boston-area FBI officials started looking out for altered prints in 2014 after two doctors were busted in separate cases for allegedly offering to surgically alter the fingerprints of convicted criminals and immigrants in the U.S. illegally. [Read More]