Security and privacy news, 4/11/2021
Security
Last week’s security news showed many facets on how consumers are directly exposed to risks simply by engaging on the web.
Answers being sought from Facebook over latest data breach to find out What Really Caused Facebook's 500M-User Data Leak?
Another 500 million accounts have leaked online, and LinkedIn’s in the hot seat despite claiming the leak was just scraping of public information.
In addition, key consumer services and apps are being undermined to trap consumers:
Hackers are exploiting discord and slack links to serve up malware
A New Phishing Campaign Sends Malware-Laced Job Offers Through LinkedIn
New wormable Android malware poses as Netflix to hijack WhatsApp sessions
Android App That Promised Free Netflix Shockingly Just Highly Annoying Malware
He believed Apple’s App Store was safe. Then a fake app stole his life savings in bitcoin.
Massive amounts of consumer data have been exposed 70,000 SSNs, 600,000 Credit Card Records Leaked After Stolen-Data Hub Gets Hacked and No password required: Mobile carrier exposes data for millions of accounts
As usual, there was ransomware news: a VPN vulnerability allowed ransomware to disrupt two manufacturing plants It pays to find out how they got in:A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again and When Companies Fail to Pay, Ransomware Gangs Email Their Customers
In different ways, the underlying infrastructures are attacked:
Windows and Linux devices are under attack by a new cryptomining worm
Imposters steal restaurants’ names in delivery app deception
FBI, CISA warn Fortinet FortiOS vulnerabilities are being actively exploited
While enterprises are actively investing in security Survey finds 96% of execs are considering adopting ‘defensive AI’ against cyberattacks consumers would rather not have to deal with it Experian: Consumers prefer ‘invisible security’ to passwords
The fact that Nation-state cyber attacks targeting businesses are on the rise indicates a dangerous escalation.
Privacy
Changes in the ad tracking technologies received a lot of attention lasts week.
While Privacy activist Max Schrems claims Google Advertising ID on Android is unlawful, files complaint in France, Apple shares more details about its imminent App Tracking Transparency feature showing that Tim Cook is making very different choices from Mark Zuckerberg.
Trying to push us from the frying pan into the fire, Email is the answer to the death of cookies for digital publishers
Advancing “customer data management" Segment founder on future of customer data management and acquisition by Twilio But do customers really want to be engaged by businesses? Shouldn’t customer data management mean that customers manage their data?
There are questions about the use of all the data collected. Study suggests Facebook shows users different job ads based on their gender. While Spotify explains how its voice assistant uses your data, not using it is users’ only way to control their data. And once they have the data, Tech Giants Won’t Name Foreign Companies They Give US ‘Bidstream’ Data To
Face recognition received a lot of attention again last week. There was more indication of heavy use in the US Clearview AI's Facial Recognition Has Been Used by Over 1,800 Public Agencies and Dallas Police Used Face Recognition Software Without Authorization, Installed on Personal Phones it In Europe, letters to the EU Commission claim Facial recognition tech is supporting mass surveillance. It's time for a ban, say privacy campaigners
In another case of technology advances having dark sides, Anyone with an iPhone can now make deepfakes.
Regulation
Facebook is increasingly in regulators’ sights, in the US FTC urges courts not to dismiss Facebook antitrust case as well as in Europe: Facebook’s tardy disclosure of breach timing raises GDPR compliance questions and Facebook’s Kustomer buy could face EU probe after merger referral
While anti-trust for big tech is still in early discussions in the US, UK’s Digital Markets Unit starts work on pro-competition reforms