• Martin Kienzle

Security and privacy news, 4/18/2021

Security


SolarWinds: US and UK blame Russian intelligence service hackers for major cyberattack. Reacting, US expels Russian diplomats in response to SolarWinds hack


On the Hafnium front, Cyber criminals are installing cryptojacking malware on unpatched Microsoft Exchange servers. People could protect themselves with a Download that covers 114 CVEs including new Exchange Server bugs. For those who don’t do it themselves, The FBI got a court order to delete backdoors from hacked Exchange servers.


It never seems to end: Cyberattack on UK university knocks out online learning, Teams and Zoom. The newly announced vulnerabilities show why:


IoT devices show additional vulnerabilities: These new vulnerabilities put millions of IoT devices at risk, so patch now and Critical security alert: If you haven't patched this old VPN vulnerability, assume your network is compromised

A Stanford study says Some FDA-approved AI medical devices are not ‘adequately’ evaluated, so it’s good to hear that Medtronic partners with cybersecurity startup Sternum to protect its pacemakers from hackers

For enterprises, Microsoft Defender for Endpoint now protects unmanaged BYO devices


The ongoing scourge of Ransomware: The internet's biggest security crisis is getting worse. We need a way out. Meeting the Ransomware Gang Behind One of the Biggest Supply Chain Hacks Ever illustrates some new extreme tactics.


It’s good to know that there are good guys among the hackers as well:


For a complete guide on how consumers can stay safe on the Internet, look at this recent post on PCguide!



Privacy


Google seemed to dominate the privacy news last week. To start, let’s look at What would the internet look like without third-party cookies? Reacting to Google’s proposed scheme, 'FLoC off!' Vivaldi declares as it says no to Google's tracking system and Brave browser disables Google's FLoC tracking system.


An interesting new book shows How biased AI can hurt users or boost a business's bottom line. This being a hot topic, why is Google poisoning its reputation with AI researchers?


Unsurprisingly, Google allegedly gave its ad system an advantage with a special project


Given their history on the topic, it’s surprising that Google is making another attempt at personal health records. The data to be collected are too tempting. But who will trust them?


Not to be left out of the news, Amazon tried to coerce Ecobee into collecting private user data, the WSJ reports

In prior weeks, we’ve heard a lot of discussion about police use of face recognition. Here’s a reason why this is problematic: Wrongfully arrested man sues Detroit police over false facial recognition match


Regulation


As usual, the EU is pushing forward with privacy and data protection: EU plan for risk-based AI rules to set fines as high as 4% of global turnover, per leaked draft, with support from their representatives: MEPs call for European AI rules to ban biometric surveillance in public. In addition, Ireland opens GDPR investigation into Facebook leak.

Down under, Google misled consumers over location data settings, Australia court finds


Thankfully, there is movement in the US as well:

Minnesota Has Begun Crafting Privacy Policies for Connected Transit Tech

U.S. Lawmakers Pressure DOJ Over Funding of Predictive Policing Tools

Sen. Wyden proposes limits on exportation of Americans’ personal data
