Info Security

Subscribe to Info Security  feed
Updated: 2 hours 29 min ago

Il Makiage Acquires Israeli AI Company

Fri, 08/13/2021 - 17:19
Il Makiage Acquires Israeli AI Company

American tech-driven beauty brand IL MAKIAGE has acquired Israeli deep-tech AI-based computational imaging startup Voyage81 for $40m. 

IL MAKIAGE, which is based in New York City's Soho area, was relaunched in 2018 by brother and sister duo Oran Holtzman and Shiran Holtzman-Erel. Two years later, the company became the fastest-growing online beauty brand in the United States.

Voyage81 developed the only patented software in the world that gives smartphones hyperspectral imaging capabilities. Where a normal smartphone photo detects three wavelengths of color, Voyage81's software can detect 31. 

The acquisition of Voyage81 was the result of a long-running search for specific technology, according to IL MAKIAGE CEO Oran Holtzman.

“For the past two years, we have been searching for computational imaging solutions that can work in beauty and wellness to further advance our existing AI capabilities," said Holtzman. 

"I have met dozens of computer vision startups but could not find a technology that can fit our industry and was strong enough to fulfill our goals. Bringing on Voyage81’s patented technology and exceptional team to our tech and data science departments is a HUGE win for our company's future, our users, and the industry at-large."

The software developed by Voyage81 can analyze skin and hair features from a photograph taken with a smartphone and use that data to create maps of blood flow and melanin. This information can in turn be used to create personalized skincare.  

Voyage81's founder and CEO Niv Price is the former head of R&D at Unit 81, described by the Jerusalem Post as "the most elite technological unit in the Israeli Defense Forces."

Price said that when he met with IL MAKIAGE, he had no intention of selling the company he founded in 2019. 

"But after meeting Oran and learning about the company’s long-term vision, we realized that under the IL MAKIAGE platform, Voyage81 technology will serve and benefit hundreds of millions of consumers, fulfilling our founding goal,” said Price. 

Voyage81 isn't the only tech company to be snapped up by IL MAKIAGE. In 2019, the beauty brand acquired NeoWize, a Y Combinator-backed data science startup that develops advanced active machine learning algorithms.

Categories: Cyber Risk News

US Agencies Ordered to Pinpoint Critical Software

Fri, 08/13/2021 - 16:50
US Agencies Ordered to Pinpoint Critical Software

The White House has ordered federal agencies to identify all the critical software in their systems and secure it.

The order was issued to the heads of executive departments and agencies on August 10 in a memo from the Office of Management and Budget's acting director, Shalanda Young. Recipients were given 60 calendar days from the date of the memo's publication to pinpoint the critical software. 

According to the memo, much of the software that the federal government relies on to perform its critical functions is "commercially developed through an often-opaque process that may lack sufficient controls to prevent the creation and exploitation of significant application security vulnerabilities."

Young writes that this situation has resulted in "a pressing need to implement more rigorous and predictable mechanisms for ensuring that products function securely in the manner intended."

In the memo, Young references guidance released by the National Institute of Standards and Technology (NIST) on what constitutes critical software. 

An executive order on Improving the Nation’s Cybersecurity, issued by President Joe Biden on May 12, 2021, directed NIST to publish a definition of the term critical software.

The resulting definition of critical software published by NIST in June described it as "any software that has, or has direct software dependencies upon, one or more components with at least one of these attributes:

• is designed to run with elevated privilege or manage privileges;

• has direct or privileged access to networking or computing resources;

• is designed to control access to data or operational technology;

• performs a function critical to trust; or,

• operates outside of normal trust boundaries with privileged access."

After identifying their critical software, agencies have one year to implement critical software guidance security measures decided upon by NIST.

“The United States faces increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and, ultimately, the American people’s security and privacy,” the memo states. 

“The federal government must improve its efforts to detect, identify, deter, protect against, and respond to these campaigns and their perpetrators.”

Categories: Cyber Risk News

Dallas Loses 8TB of Criminal Case Data

Fri, 08/13/2021 - 16:10
Dallas Loses 8TB of Criminal Case Data

A large cache of criminal case data belonging to the Dallas Police Department (DPD) is thought to have been lost forever. 

About 22 terabytes of data went missing from the DPD computer database when data was migrated from an online, cloud-based archive to a server at the city's data center in April.

The data that disappeared included images, video, audio, case notes and other information gathered by police officers and detectives in relation to cases from before July 28, 2020. 

Dallas PD attribute the data's permanent departure to the actions of a single city IT employee who it says "failed to follow proper, established procedures" while performing the data migration.

Authorities softened the announcement of the loss earlier this week with news that approximately 14 terabytes of data have since been recovered. The DPD believes the remaining eight terabytes of information are gone forever. 

The quantity of information lost is considerable, since one terabyte can store as many as six million documents and 250,000 images.

District attorney John Creuzot said in a memo that it was "too soon to estimate how many cases will be affected and what the impact will be on those individual cases," but he was hopeful that duplicates of some of the data may have been stored elsewhere.

"It is possible that much of the missing evidence had already been uploaded to this office’s data portal prior to April 5," said Creuzot.

The absence of the case data was first noticed by city information technology officials on April 5. However, the Charlotte Observer reports that the district attorney's office was not notified of the loss until August 6. 

This notification reportedly followed complaints from prosecutors who suddenly found themselves unable to locate computer files on pending cases.

"It is concerning that it took four months for the Dallas Police Department to inform the district attorney of the loss of the data," said Dallas defense attorney Amanda Branan, the president of the Dallas Criminal Defense Lawyers Association.

Dallas Mayor Eric Johnson is calling for the Dallas City Council to launch an investigation into the data loss.

Categories: Cyber Risk News