It's not just Apple, the EU also wants to scan devices! And other security and privacy news
Privacy
It’s not just Apple, the EU also is considering client side scanning, but many people see Client-side content scanning as an unworkable, insecure disaster for democracy. If you want to know more, here’s an analysis by leaders in the security and privacy field: Bugs in our Pockets: The Risks of Client-Side Scanning
Beyond this high-profile case, there are other invasions:
Ad-blocking browser extension actually adds ads, say Imperva researchers
Google pulls ‘stalkerware’ ads that promoted phone spying apps
Facilitating new surveillance methods,
Facebook is researching AI systems that see, hear, and remember everything you do
Tesla debuts new car insurance that uses Texans' real-time driving behavior
With all this invasive technology, it’s really amazing that Americans Have Faith in Tech Companies, Despite All the Evidence That They Shouldn't
Naturally, people in other countries are exposed as well: Moscow metro launches facial recognition payment system despite privacy concerns
Security
Olympus confirms US cyberattack, weeks after BlackMatter ransomware hit EMEA systems and Acer confirms second cyberattack in 2021 after ransomware incident in March
confirming once more that Ransomware is the biggest cyber threat to business. But most firms still aren't ready for it. And it’s not likely to get better:
This new ransomware encrypts your data and makes some nasty threats, too
CISA outlines cyberthreats targeting US water and wastewater systems
In other hacks, Microsoft Fends Off 2.4Tbps DDoS Attack, Second Largest on Record. More broadly, Software supply chain breaches are ‘staggeringly high,’ report finds
Again, new vulnerabilities for consumers became public:
Apple releases iOS 15.0.2 with a security fix for a bug ‘under active exploitation’
Apple Patches New Zero-Day iOS Vulnerability Possibly Under Exploitation
Microsoft warns over password attacks against these Office 365 customers
Security flaws at NFT marketplace OpenSea left users' crypto wallets open to attack
Whole Foods customer records among 82M exposed due to vulnerable database
Google's VirusTotal reports that 95% of ransomware spotted targets Windows
Some of these vulnerabilities are even created by government: Missouri Gov. Goes After Reporter Who Found Shockingly Bad Flaw in State Website
However, there was also quite a bit of good security news last week:
Ransomware: Even when the hackers are in your network, it might not be too late
More than 30 countries outline efforts to stop ransomware after White House virtual summit
REvil ransomware group goes dark after its Tor sites were hijacked
Trying to address security issues globally, US invites friends to multilateral cybersecurity meetings – Russia and China strangely absent
Regulation
In anti-trust news, Senate bill would prevent tech companies from favoring their products over rivals, and Pressure mounts on Amazon and App Store discrimination in new bill
Social media again was the target of some announcements:
Lawmakers want to strip legal protections from the Facebook News Feed
FTC to Companies: Knock It Off With the Deceptive Social Media Endorsements
Lawmakers Want to Hold Social Networks Responsible for 'Malicious Algorithms'
Giving Facebook and almost-free pass, Irish regulators support Facebook's 'consent bypass' legal maneuver, suggest $42 million fine for GDPR violations
Entering a new space, US regulator targets Tesla on NDAs, over-the-air software updates