Canadian Government Rewrites Online News Act To Further Monopolize Funds for Legacy Media

The Canadian government has come up with an update to the Online News Act, C-18. The accompanying regulation adopted late last week – to dissuade Google from blocking search engine links in Canada – means that smaller outlets will be left out as most of the money goes towards big, legacy mainstream media.

The twist in legislation came in late November when Google gave Canada’s government $100 million to spend on supporting news outlets. Those who supported the bill interpreted this as a win.

Considering the losses already incurred by Facebook and Instagram, Google’s own costs, and other expenditures related to C-18 – news outlets in Canada can realistically hope to gain $25 million from the $100 million “donation” in new money.

The law, however, continues to represent some harm to other media, as it plays a crucial role in cutting off their revenues from link traffic and ad revenue from Google and Meta’s giant social media networks.

The money the government has been able to obtain from Google, in exchange for essentially backing down from its originally proclaimed ideas, is not that much – so the government backed down on another promise, namely, to keep out of how the new revenues (expected from the original C-18) are distributed.

Read:
https://reclaimthenet.org/canada-news-act-excludes-smaller-outlets-and-reserves-most-of-the-funds-for-legacy-media

CBS, Paramount Parent Company, National Amusements, Hacked in Latest Data Breach

National Amusements, the cinema chain and corporate parent of media giants Paramount and CBS, has confirmed it experienced a data breach in which the personal information of tens of thousands of people was compromised.

In a legally required filing with Maine’s attorney general, the private media conglomerate said hackers stole the personal information of 82,128 people during a December 2022 data breach. Details of the breach only came to light a year later, after the company began notifying those affected last week.

According to Maine’s notice, the company discovered the breach months later in August 2023, but did not say what specific personal information was taken. The breach notice reported that hackers had stolen financial information, such as banking account numbers or credit card numbers with their associated security codes and passwords. The stolen data may relate to the company’s employees since the data breach notification letter was submitted by the company’s HR chief.

The media giant, however, has said little else about the breach, or whether the personal information of its customers or users was also affected. It’s not clear what kind of cyberattack the company experienced, or whether the company received a ransom demand and had subsequently paid the hackers.

National Amusements would not comment beyond its data breach notice. When presented with questions about the incident, Molly Morse, a partner at Kekst CNC representing National Amusements, said the company declined to comment further.

Read:
https://techcrunch.com/2023/12/26/cbs-paramount-owner-national-amusements-hacked/

Journalists Caught Unawares by New OpenAI Deal to Use Their Stories

Last week, OpenAI and the German media conglomerate Axel Springer signed a multi-year licensing agreement. This agreement allows OpenAI to incorporate articles from Axel Springer–owned outlets like Business Insider and Politico into its products, including ChatGPT. Although the deal centers on using journalistic work, reporters whose stories will be shared as part of the agreement were not consulted about the deal beforehand.

Four Business Insider employees told WIRED they found out about the AI deal at the same time it was announced publicly. PEN Guild, the US union which represents around 280 workers at Politico and E&E News, another Axel Springer publication, says it was “not consulted or informed about the decision to have robots summarize our work.”

At a Business Insider all-hands meeting on December 13, the day the news broke, the deal was “a very quick line item,” according to a Business Insider staffer in attendance who spoke to WIRED on condition of anonymity. “How it works, when it’s starting, I have no idea.”

This isn’t the first deal struck between an AI company and a media company over data licensing—OpenAI made a similar agreement with the Associated Press in July, for example— but it’s a significant one. Right now, most major AI companies gather their training data by scraping the internet without first licensing the copyrighted materials they use. This has led to a wave of lawsuits against the companies, arguing the practice is unfair.

Instead of acquiring Axel Springer’s articles through permissionless scraping, OpenAI is now paying to integrate news stories into its products. This agreement demonstrates that companies like OpenAI are willing to cut deals with media companies—and that, even while arguing it’s legal to scrape web content, OpenAI is preparing for a future in which the current scraping approach stops working so well. (A number of news outlets, including the BBC and The New York Times, have taken steps to block OpenAI’s web crawler, in an effort to prevent scraping.)

Read:
https://www.wired.com/story/openai-axel-springer-news-licensing-deal-whats-in-it-for-writers/

Ubisoft Launches Investigation into Alleged Data Breach

Ubisoft, a renowned publisher in the gaming industry, is currently investigating the possibility of a data breach based on information provided by esteemed researchers from vx-underground. According to these researchers, an unidentified threat actor gained unauthorized access to Ubisoft’s infrastructure for approximately 48 hours, starting on December 20, 2023. Once the administrators became aware of the attack, they promptly took action and blocked the intruders from further access.

Renowned in the gaming industry, Ubisoft is a prominent multinational video game company. They are recognized for their development and publishing of highly popular franchises, including Assassin’s Creed, Rainbow Six Siege, Far Cry, and Watch Dogs. Ubisoft’s extensive presence spans across various platforms such as PC, consoles, and mobile devices.

The threat actor has asserted that they successfully infiltrated Ubisoft’s Microsoft Teams, Confluence, and SharePoint installs, with plans to exfiltrate around 900GB of stolen data from the gaming company. Additionally, in a prior cyber security incident in March 2022, Ubisoft encountered a significant impact on their games, systems, and services, as the Lapsus$ extortion gang claimed responsibility for breaching the company’s network and extracting internal data.

Read:
https://securityaffairs.com/156331/data-breach/ubisoft-investigating-alleged-data-breach.html

Iranian Cyberattackers ‘Peach Sandstorm’ Launch Global Defense Network Targeted Attacks

According to Microsoft, they have detected attempts by Iranian nation-state cyber attackers, referred to as Peach Sandstorm, to distribute a backdoor to individuals affiliated with military-industrial organizations. Microsoft Threat Intelligence revealed through messages on X (formerly Twitter) that the advanced persistent threat group Peach Sandstorm (also known as APT33, Elfin, Holmium, or Refined Kitten) has been actively targeting different organizations involved in the global infrastructure related to the research and development of military weapons, systems, subsystems, and components. Their objective is to deliver the FalseFont backdoor to these entities.

According to Microsoft Threat Intelligence, FalseFont is a tailored backdoor that possesses a diverse set of capabilities, enabling operators to gain remote access to compromised systems, execute additional files, and transmit information to command and control servers. The initial instances of FalseFont targeting victims were observed in early November, although it remains uncertain whether any successful infections were identified.

Throughout 2023, Microsoft has noted a consistent focus by Peach Sandstorm on organizations within the satellite and defense sectors. The deployment of FalseFont aligns with Microsoft’s observations of Peach Sandstorm’s activities over the past year, indicating an ongoing refinement of their tactics and techniques. This suggests that the group is continuously improving their tradecraft.

Read:
https://www.darkreading.com/cyberattacks-data-breaches/iran-peach-sandstorm-cyberattackers-global-defense

Elsewhere Online:

Substack Co-founder Hamish McKenzie Continues to Platform and Monetize Nazis Despite the Protests of 200+ Substack Authors
Read: https://www.theverge.com/2023/12/21/24011232/substack-nazi-moderation-demonetization-hamish-mckenzie

From Elon Musk to Britney Spears, the Real Estate Records of Top Celebrities Have Been Leaked Online
Read: https://www.hackread.com/data-leak-exposes-real-estate-records-elon-musk-trump/

The FTC proposes new changes to COPPA to further restrict the use, disclosure, and monetization of children’s personal information and data.
Read: https://www.ftc.gov/news-events/news/press-releases/2023/12/ftc-proposes-strengthening-childrens-privacy-rule-further-limit-companies-ability-monetize-childrens

Google Searches of 2023: Barbie, Shakira, and the Dominance of the Israel War
Read: https://www.zerohedge.com/geopolitical/barbie-shakira-war-israel-dominated-google-search-2023

Dollar Tree Data Breach: Sensitive Information of Almost 2 Million Employees Exposed in Third-Party Breach
Read: https://www.cpomagazine.com/cyber-security/dollar-tree-third-party-data-breach-exposes-sensitive-data-of-nearly-2-million-employees/


Previously on #AxisOfEasy