Security and privacy news, 4/3/2021
Among the major recent hacks, Solarwinds is still creating news: SolarWinds hack reportedly accessed emails for key DHS officials
Discussing the Hafnium hack, A CISO and a hacker detail how they’d respond to the Exchange breach, and we’re getting more advice: Exchange Server attacks: Run this Microsoft malware scanner now, CISA tells government agencies
With a new hack, Ubiquiti is accused of covering up a ‘catastrophic’ data breach — and it’s not denying it creating new exposures, Ubiquiti breach puts countless cloud-based devices at risk of takeover
The ransomware attackers last week went after schools in the UK A highly sophisticated ransomware attack leaves 36,000 students without email and also in the US Ransomware group targets universities in Maryland, California in new data leaks
While the feds are warning about attacks in the US Feds Indict Kansas Man for Allegedly Hacking Into Water Supply Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities, companies in Asia are also seeing attacks: Google: North Korean hackers are targeting researchers through fake offensive security firm and APAC firms face growing cyberattacks, take more than a week to remediate.
While we should expect better security from industry leaders, Stolen Data of 533 Million Facebook Users Leaked Online
As usual, we’re also hearing about holes in generally used technologies that make those hacks easier: Hackers backdoor PHP source code after breaching internal git server and
Relying on technology to remedy attacks can create a catch-22: Hacked companies had backup plans. But they didn't print them out before the attack.
Given the state of information insecurity, we’re getting a lot of advice
Let’s hope it takes.
In an interesting development IBM bets homomorphic encryption is ready to deliver stronger data security for early adopters This brings us closer to the dream of being able to process data without having to decrypt it first.
An analysis shows how collecting our digital exhaust from using the Internet can be used to create a finely detailed picture of our activities: How America’s surveillance networks helped the FBI catch the Capitol mob This validates that Facial recognition camera projects raise concerns in Eastern Europe
The technology to monitor continues to evolve: Engadget Podcast: Reviewing Google's sleep-stalking smart display.
As Google starts trialing its FLoC cookie alternative in Chrome not everyone is convinced that this solves the inherent tracking problems Google is testing its replacement for third-party cookies
Not surprisingly, Android sends 20x more data to Google than iOS sends to Apple, study says while at the same time Google puts limits on which apps can see what's installed on an Android device
To prevent your own security cameras from spying on you, see Why privacy shutters on security cameras make all the difference and to protect yourself from unexpected ‘gifts, here’s How to Keep Nearby Strangers from Sending You Files
May be everyone one is busy dealing with Covid, or it was the Easter break: There was not much regulatory news last week, except that The UK Is Trying to Stop Facebook's End-to-End Encryption