Smart glasses will come, like it or not! and other privacy and security news

Privacy

While Google glasses did not take off, “smart” glasses appear to be unavoidable:

Sunglasses Have Terms of Service Agreements Now, Thanks to Facebook, even though for now, Facebook glasses are not overly ‘smart,’ maybe a little shady.

Not wanting to be left behind Apple and Facebook Are Coming for Your Face Next

Despite many assurances to the contrary, Lawsuits say Siri and Google are listening, even when they’re not supposed to. Also, WhatsApp Moderators Can Read Your Messages

ProtonMail came under fire after giving authorities an activist's IP address. However, their

CEO says services must comply with laws unless based 15 miles offshore

In government surveillance, Police are investing in facial recognition and AI. Not everyone thinks that it's going well. Also, The LAPD's Spy Tactics Detailed in Over 6,000 Pages of Newly Released Documents

Going for the “freelancers”, DOJ fines NSA hackers who assisted UAE in attacks on dissidents

In a scary technical development, A Single Laser Fired Through a Keyhole Can Expose Everything Inside a Room

Security

Ransomware was a big story again in the last two weeks, with some hacks: Howard University announces ransomware attack, shuts down classes on Tuesday. Also, REvil ransomware group resurfaces after brief hiatusand Ransomware attackers targeted app developers with malicious Office docs, says Microsoft.

The government appears to be of two minds about ransomware. On the one hand, US Plans Sanctions for Ransomware Payment Facilitators. But then, FBI reportedly withheld ransomware key from business for 3 weeks in failed sting

As usual, other hacks were reported as well

• Attacker releases credentials for 87,000 FortiGate SSL VPN devices

• Cryptocurrency launchpad hit by $3 million supply chain attack

• Epik Was Warned About a Large Security Flaw Before Its Data Leaked

• Cybercriminal Gang Just Leaked 500,000 Fortinet VPN Users' Passwords

And the vulnerabilities continue to pile up:

• Phishers impersonate US DOT to target contractors after Senate passed $1 trillion infrastructure bill

• IBM finds cloud credentials sell for mere dollars in ‘booming’ dark web market

• Telegram has seen a sharp rise in cybercriminal activities, report says

• CISA warns of APT actors exploiting newly identified vulnerability in ManageEngine ADSelfService Plus

Reducing risk, Microsoft issues patch for zero-day exploit that uses malicious Office files

How can users avoid being the perfect ransomware victim, according to cybercriminals? They need to change the priorities: 91% of IT teams have felt 'forced' to trade security for business operations

Regulation

US regulators are moving to protect consumers:

• SEC wants to regulate Coinbase’s crypto yield product, Coinbase disagrees

• FTC says health apps must notify consumers about data breaches — or face fines

• The FDA should regulate Instagram’s algorithm as a drug

• Joe Biden to nominate facial recognition critic to FTC

Abroad, governments are getting in the action as well

• Google slapped with a $177 million fine by South Korea’s antitrust authorities

• Ireland probes TikTok’s handling of kids’ data and transfers to China

• What China’s new data privacy law means for US tech firms

Though not all efforts are consistent: Ireland fails to enforce EU law against Big Tech

While recognizing a problem, this effort is not likely to see broad take-up: AI: Ban the algorithms that threaten our human rights, says UN chief