The metaverse is looking to monetize the things you imagine, and other privacy and security news

Privacy

The metaverse, capturing the things we imagine, will be the The next privacy crisis

The encroachments on our privacy are proceeding apace

• Signal unveils how far US law enforcement will go to get information about people

• Digging into Google’s push to freeze ePrivacy

• Russian Hackers Reportedly Hid Behind Americans' Home Networks to Mask Their Cyber Espionage

The commercial motivation is clear: Apple's Privacy Policy Cost Snap, Facebook, Twitter, and YouTube an Estimated $9.85 Billion in Revenue Naturally, this is value consumers provided to those companies for without being compensated.

To get some money back, US Citizens Sue Company That Processes Billions of Texts For Exposing Their Data

As Mozilla Firefox joins browsers implementing Global Privacy Control, the real question is whether the web sites honor the “do not track” requests.

Illustrating how carefully they vet their users, Facebook verified a fan page posing as Elon Musk

Security

Surprisingly, no major new ransomware attacks were announced last week, despite the fact that It's a 'golden era' for cyber criminals - and it could get worse before it gets better and the claim that Ransomware has proliferated because it's 'largely uncontested', says GCHQ boss

While The SolarWinds Hackers Are Looking for Their Next Big Score the defenders showed significant successes:

• These ransomware criminals lost millions of dollars in payments when researchers secretly found mistakes in their code

• Ransomware decryptor roundup: BlackByte, Atom Silo, LockFile, Babuk decryptors released

• Europol Captures 12 Suspects Believed to Have Used Ransomware to Attack 1,800 Victims in 71 Countries

• Feds cuff Russian said to be developer of 'Trickbot' ransomware

In other hacks,

• A security bug in health app Docket exposed COVID-19 vaccine records

• Third-party data breach in Singapore hits healthcare provider

• An Apparent Ransomware Hack Puts the NRA in a Bind

• Large Chinese Tech Firm Raided by the FBI After Accusations of Aiding Cyberattacks

Reports on the state of IT security showed a surprising lack of commitment:

• Nearly all US execs have experienced a cybersecurity threat, but some say there's still no plan

• HTTPS threats grow more than 314% through 2021: Report

• 79% of IT teams have seen increase in endpoint security breaches

• 70% of dev teams admit to skipping security steps

• 83% of orgs leave most sensitive data unencrypted on the cloud

• 55% of execs say that SolarWinds hack hasn’t affected software purchases

We’ll see lots more violations going forward!

On the positive side, Google Patches 2 Actively Exploited Chrome Zero-Days

Not all problems, though, are the result of attacks: KT clarifies routing error caused outage instead of DDoS attack

Regulation

The different approach to privacy between the US and the EU seems to defy a solution: Data transfers between the EU and the US: Still unclear on what you're supposed to do? Here's an explainer

Coming down on the side of consumers,

• Snap, TikTok and YouTube need to do more to protect children, lawmakers say

• The US Copyright Office just struck a blow supporting the right to repair

• EU Rejects Nvidia's Arm Deal Proposals, Citing Competition Concerns

Seagate violated sanctions by selling hard drives to Huawei, says Senate committee

Finally, China's personal data protection law kicks in today It will be interesting to watch how this plays out.