Security and Privacy Leftovers
-
We have nothing to hide, only everything to protect
"I have nothing to hide." That's what most people say when I start a conversation about privacy. Have you ever wondered why you should use software that protects your privacy and the privacy of the people you communicate with? To understand this better, I recommend watching the first talk in our LibrePlanet 2023 lightning talk series. In her five-minute talk, the speaker will convince you that you are worthy of all the privacy you want and need. For people who claim that they have nothing to hide, she has a persuasive reply: "I have nothing to hide, only everything to protect."
If you don't use free software for the sake of your own privacy, then use it to protect your loved ones; if you don't value yourself enough to make sure that information that's yours -- and only yours -- stays with you, then at least honor the privacy of the most vulnerable people in our society. History shows that even societies that are considered to be free have areas in which they struggle to exercise equal treatment and fail to guarantee human rights for everyone who lives within them. In the above-mentioned lightning talk, the speaker cites the example of the Underground Railroad, a network of secret routes and safe houses that helped enslaved African Americans in the 19th century escape from slavery. The Underground Railroad would not have been possible without privacy!
-
Palantir's deals with NHS England top £60M – without competition
NHS England, the health department quango, first started working with the US data analytics company during the height of the pandemic, when a £1 award [PDF] led to a £1 million ($1.7 million) deal, and then a £23 million ($29.2 million) contract signed in December 2020 without competition for a COVID-linked data store and related analytics.
That deal was subject to the threat of judicial review from campaigners, who argued the contract represented such a change in data usage it warranted public consultation under British data protection law. NHS England later agreed not to extend Palantir's contract beyond the pandemic without consulting the public.
-
Oreo cookie maker says crooks gobbled up staff info [Ed: Microsoft Windows]
Considering Mondelez was among the global companies hit in the NotPetya outbreak — and it recently settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover Mondelez's $100-million-plus cleanup bill — the fact that this was a third-party privacy breach probably provided a small bit of relief somewhere. Bryan Cave, we note, did not represent Mondelez in the NotPetya insurance legal battle.
-
Power LED Side-Channel Attack
This is a clever new side-channel attack:
The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader, or of an attached peripheral device, during cryptographic operations. This technique allowed the researchers to pull a 256-bit ECDSA key off the same government-approved smart card used in Minerva. The other allowed the researchers to recover the private SIKE key of a Samsung Galaxy S8 phone by training the camera of an iPhone 13 on the power LED of a USB speaker connected to the handset, in a similar way to how Hertzbleed pulled SIKE keys off Intel and AMD CPUs...
-
5 Best VPNs for Linux in 2023 (Free and Paid)
A VPN aka Virtual Private Network can protect your privacy online by keeping you anonymous on the internet. The way a VPN works is by routing your network to a different private network and server present somewhere across the globe, thereby protecting your online activity from trackers and phishing websites. If you are on Linux, you’re already a privacy-conscious user and you would want to use a VPN. In this guide, let’s look at the 5 best VPNs for Linux.
-
Security updates for Tuesday [LWN.net]
Security updates have been issued by Debian (libxpm and php7.3), Fedora (chromium), Mageia (kernel, kernel-linus, and sysstat), Red Hat (c-ares), SUSE (libwebp), and Ubuntu (cups-filters, libjettison-java, and libsvgpp-dev).
-
Iowa’s largest school district confirms ransomware attack, data theft
"The cyberattack against DMPS included a ransom demand. No ransom has been or will be paid in response to this attack based on the advice of our cybersecurity experts and what is in the best interest of the school district and community," Des Moines Public Schools said.
-
FTC Says Genetic Testing Company 1Health Failed to Protect Privacy and Security of DNA Data and Unfairly Changed its Privacy Policy
The Federal Trade Commission charged that the genetic testing firm 1Health.io left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted, and changed its privacy policy retroactively without adequately notifying and obtaining consent from consumers whose data the company had already collected.
-
Over 100,000 compromised ChatGPT accounts found for sale on dark web
Singapore-based threat intelligence outfit Group-IB has found ChatGPT credentials in more than 100,000 stealer logs traded on the dark web in the past year.
-
Ransomware affects emergency radiology workflows [Ed: Microsoft Windows is killing people]
Ransomware attacks have a significant effect on emergency radiology workflows, as well as on acute care delivery and the personal well-being of healthcare providers, according to a study published June 15 in the Annals of Emergency Medicine.
Researchers led by Liselotte van Boven, MD, from VieCuri Medical Center in Venlo, the Netherlands, found several common themes among interviewed personnel, including limited preparedness by emergency departments for such attacks. They also found that many attacks occur during the acute care and recovery phases.
"[The] interviews underscore the importance of preparation in reducing the marked clinical effect of cybercrime," van Boven and colleagues wrote.
Many ransomware attacks occur at hospitals, disrupting medical care. Previous reports suggest that healthcare workers, including radiologists, experience longer emergency department shifts, delayed testing and treatment, higher complication rates, and increased need for patient transfers.
-
Ransomware Gang Haunted US Firms Long Before MOVEit Hack [Ed: Microsoft Windows TCO]
Shell Plc, IAG SA’s British Airways, the British Broadcasting Corp., the state of Minnesota’s Department of Education, multiple federal agencies — they’re among the victims of the latest data breach launched by Clop, a Russian-speaking hacking group that’s attacking targets around the world in both the public and private sectors.
The Clop gang, also known as Cl0p, is known for “driving global trends in criminal malware distribution,” according to the US Cybersecurity and Infrastructure Security Agency, or CISA.
-
The FCC launches a privacy task force focused on wireless
The Federal Communications Commission (FCC) wants to get back into the business of regulating privacy. On Wednesday, Chairwoman Jessica Rosenworcel announced the agency had created a Privacy and Data Protection Task Force that will be led by Loyaan Egal, the head of the enforcement bureau.
Microsoft Windows TCO:
-
Suffering from ransomware is a reason to fire more than half of the workforce. The National Court endorses it
One of the great fears of any company is that it will be affected by a cyber attack. The presence of malware on a company’s computer equipment can be fatal by producing stoppages in production, the impossibility of accessing their records and even danger to the personal data of its clients. But now a new fear comes into play: the possibility of employees losing their jobs.
-
Lockbit ransomware still poses persistent threat to businesses, warn international agencies
The advisory reveals that Lockbit was the most prevalent ransomware variant deployed globally in 2022. Moreover, its activities have persisted throughout 2023, with incidents observed as recently as late May. In response to this alarming trend, the National Cyber Security Centre (NCSC), a division of GCHQ, collaborated with agencies from the United States, Australia, Canada, France, Germany and New Zealand to provide guidance aimed at reducing the likelihood and severity of future attacks.
-
[Repeat] Alphv ransomware gang wants Reddit to withdraw change in API pricing
On their web site on the dark web, the group said that it had sought US$4.5 million (A$6.56 million) from Reddit in exchange for deleting the stolen data.
Windows TCO = cost of choosing Microsoft.