Apple's phone scanning technology triggers broad privacy push-back, and other news

Privacy

The big news last week was about Apple’s planned IOS function scanning people’s phones.

Apple will scan photos stored on iPhones and iCloud for child abuse imagery The reaction was pretty much negative all around.

• WhatsApp head says Apple's child safety update is a 'surveillance system'

• Apple is about to start scanning iPhone users' devices for banned content, warns professor For now it's child abuse material but the tech has mission creep written in.

• Apple child abuse material scanning in iOS 15 draws fire

• Critics Say Apple Built a 'Backdoor' Into Your iPhone With Its New Child Abuse Detection Tools

• Apple Is Working on Problematic iOS Tool to Scan for Child Abuse Photos on iPhones

Facebook disables accounts of NYU team looking into political ad targeting. Their excuse for this action was less than successful: FTC Slams Facebook for Lying About Why It Shut Down Misinformation Research

To further confuse people, Facebook changed its privacy settings again creating a plethora of settings that are hard to navigate for most users.

Consumer surveillance is getting worse:

• There's been a rise in stalkerware. And the tech abuse problem goes beyond smartphones

• The Pegasus Project Shows Tech Giants Need to Do More to Keep Users Safe

• Messaging Apps Have an Eavesdropping Problem

As often happens in a technology arms race, Researchers Say They've Found a Wildly Successful Bypass for Face Recognition Tech

Security

Last week’s news showed an incredible broadening of vulnerabilities

• Black Hat: Enterprise players face 'one-two-punch' extortion in ransomware attacks - broadening their incursion before the final attack

• Security company warns of Mitsubishi industrial control vulnerabilities

• Security researchers warn of TCP/IP stack flaws in operational technology devices

• Security flaws found in popular EV chargers

• Hackers target Kubernetes to steal data and processing power. Now the NSA has tips to protect yourself

• Raccoon stealer-as-a-service will now try to grab your cryptocurrency

• Trusted platform module security defeated in 30 minutes, no soldering required

• Attackers Started Exploiting a Router Vulnerability Just 2 Days After Its Disclosure

• Senate report warns of glaring cybersecurity holes at federal agencies.

resulting in broad expectations of increased damage

• Accenture report shows volume of cyber-intrusion activity globally jumped 125%

• Constant review of third-party security critical as ransomware threat climbs

• 85% of commercial apps have ‘critical’ vulnerabilities, study finds

• Egress: 73% of orgs were victims of phishing attacks in the last year

• Supply chain attacks are getting worse, and you are not ready for them

• Trend Micro: 80% of global orgs anticipate customer data breach in the next year

There were some new attacks

• DeadRinger: Chinese APTs strike major telecommunications companies

• Gigabyte is the latest major PC maker to suffer a ransomware attack

After attacks, cybersecurity incidents can become a legal minefield.

To improve protection, CISA to partner with Amazon, Google, Microsoft, Verizon, AT&T and more for cyberdefense initiative

Regulation

Following up on CCPA, California's privacy law raises risks of legal action and fines over data collection