Security and Privacy News, 3/21/2021

Security

Hacks


New impacts of the SolarWinds hack continue to surface: SolarWinds-linked hacking group SilverFish abuses enterprise victims for sandbox tests, and Mimecast says SolarWinds hackers breached its network and spied on customers


The scope of the Hafnium hack is also still increasing:

To mitigate the impact, Microsoft releases one-click mitigation tool for Exchange Server hacks, and Microsoft Defender will automatically prevent Exchange server exploits

And if that were not enough, “Expert” hackers used 11 0-days to infect Windows, iOS, and Android users


Having found a repeat offender, Feds Indict Hacktivist Behind Verkada Surveillance Camera Breach

The boldness of ransom demands is increasing. After seeing in 2020 that the Largest ransomware demand now stands at $30 million as crooks get bolder, an even greater demand is issued: The Morning After: A ransomware gang is demanding $50 million from Acer. And it’s not going to stop, as the FBI warns of rise in PYSA ransomware operators targeting US, UK schools


As we’ve seen before, even cryptocurrencies are not safe: $5.7M stolen in Roll crypto heist after hot wallet hacked


New threats, loopholes, and risks


We’re being warned of two new phishing campaigns:


Big names are obviously big targets:


As digitization expands its scope, so do the targets for the bad guys:


With cars having lots of cameras, and being internationally connected, it was only a question of time for Tesla to become a National Security Threat to China!


Tallying the damage, FBI: One type of scam is costing business the most


With all those vulnerabilities, it’s a surprise that we don’t see more messages like these:

Facebook adds hardware security key support for Android and iOS and

Carmakers Strive to Stay Ahead of Hackers


Privacy


As cars are being mandated to connect to the Internet, their location information is hard to control: One company wants to sell the feds location data from every car on Earth


Face recognition seems to be unstoppable as well: American Airlines just revealed the future (you may feel very uncomfortable) and Does it keep COVID-19 out of buildings? Or is it really a facial recognition tool? This raises the question: What Happens When Our Faces Are Tracked Everywhere We Go?


While Apple wins first battle in French fight over iOS 14 privacy protections, Google appears to be playing games: Google and the Age of Privacy Theater


With all that data in the data swamp, quality does not appear to matter much, as shown by this entertaining story: Realtors keep pestering me. They say their software knows who I really am



Regulation & government actions


Google’s “privacy” actions are getting government attention: Google's plan to block third-party cookies has drawn attention from the DoJ for putting competitors at a disadvantage. Also, Google antitrust lawsuit amended to target Chrome’s Privacy Sandbox


Not to be left out, Facebook may soon face a UK antitrust investigation. Unhappy about California’s latest net neutrality law, AT&T lies about Calif. net neutrality law, claiming it bans “free data”


Hopefully, robocalls will become less profitable: FCC fines two Texas telemarketers $225 million for making 1 billion robocalls

In a novel move, California Passes New Regulation Banning 'Dark Patterns' Under Landmark Privacy Law. It will be interesting to see the legal definition of dark patterns.

Overseas, France’s privacy watchdog probes Clubhouse after complaint and petition and in the UK, Uber under pressure over facial recognition checks for drivers


Unsurprisingly, Signal's encrypted messaging app stops working in China
