Pegasus Spyware shows no phone is safe ... and other security and privacy news


The big story last week was the Pegasus / NSO spying story. The Washington Post has an extensive set of articles with disturbing detail. Here are some key points reported outside a paywall: WhatsApp chief says government officials, US allies targeted by Pegasus spyware. In fact, it appears to be a replay of an earlier attack: WhatsApp Head Says New Pegasus Spyware Investigation Coincides With Its Findings From 2019 Attack. Taking action, Amazon Shuts Down NSO Group Infrastructure. The media articles were intense enough that NSO Says ‘Enough Is Enough,’ Will No Longer Talk to the Press About Damning Reports.

The news on face recognition continues to show a fragmented approach. Maine’s facial recognition law shows bipartisan support for protecting privacy. On the other hand, Court orders US Capitol rioter to unlock his laptop ‘with his face’.

Illustrating new kinds of privacy invasion, Brokered cell location data led to the outing and resignation of a Catholic official, and QR Codes Are Here to Stay. So Is the Tracking They Allow. And we should wonder why a Health record company pays hospitals that use its algorithms.

This shows once again that Moving fast and breaking things cost us our privacy and security.


On security, the fallout from the Kaseya hack continued. The Kaseya Ransomware Saga Mysteriously Comes to an End, but Nothing to See Here, Folks, Just Keep It Moving, as Kaseya Obtains 'Decryptor Key' for Ransomware That Hit 200+ Companies. How did they get the key? Kaseya denies paying ransom for decryptor. Handing out the key, Kaseya Is Making Its Customers Sign Non-Disclosure Agreements to Obtain Ransomware Decryption Key.

Kaseya is not the only recent ransomware case: Hundreds of touchscreen ticket machines are offline after a ransomware attack, and US House terminates deal with iConstituent after company waited days to raise ransomware alarm.

Supported by the No More Ransom portal of Europol, victims have saved in ransom payments by using these free decryption tools. In many cases, though, First came the ransomware attacks, now come the lawsuits.

Trying to ward off future attacks against vital infrastructure, DHS releases new mandatory cybersecurity rules for pipelines after Colonial ransomware attack.

Beyond ransomware, Hackers Stole a Terabyte of Data from Oil Giant Saudi Aramco, and government-supported hacking appears to be on the rise: Home and office routers come under attack by China state hackers, France warns, illustrating How China’s Hacking Entered a Reckless New Phase.

It’s not just big companies that get hacked; there is also a wide variety of attacks directed at consumers.


It may be the summer doldrums: there was relatively little news on the regulatory front:
