InfoSec News Nuggets 05/05/2023

Microsoft Is Ending Windows 10 Updates  Microsoft is finished with major updates to Windows 10, the tech giant said in a blog post Thursday. Windows 10 version 22H2 is the current and final version of the operating system, though Microsoft said it will continue to release monthly security updates for all Windows 10 editions until it reaches end of support on Oct. 14, 2025. Existing long-term servicing channel, or LTSC, releases will still receive updates beyond that end…
Read More

InfoSec News Nuggets 04/17/2023

TikTok ban gets final approval by Montana's GOP legislature  Montana's House gave final passage Friday to a bill banning the social media app TikTok from operating in the state, a move that's bound to face legal challenges but also serve as a testing ground for the TikTok-free America many national lawmakers envision due to concerns over potential Chinese spying. The House voted 54-43 in favor of the measure, which would make Montana the first state with a total…
Read More

InfoSec News Nuggets 04/11/2023

KFC, Pizza Hut owner discloses data breach after ransomware attack  Yum! Brands, the brand owner of the KFC, Pizza Hut, and Taco Bell fast food chains, is now sending data breach notification letters to an undisclosed number of individuals whose personal information was stolen in a January 13 ransomware attack. This comes after the company said that although some data was stolen from its network, it has no evidence that the attackers exfiltrated any customer information. In…
Read More

InfoSec News Nuggets 04/05/2023

‘Smart’ tech is being weaponised by domestic abusers, and women are experiencing the worst of it  Readers may be familiar with the famous Dolly Parton line “It costs a lot of money to look this cheap”. I like to paraphrase it. If I have a guest at my home, I’ll sweep my hand across the room and say: “Friend, it took a lot of learning to live this dumb.” No, I’m not talking about learning to wear…
Read More

InfoSec News Nuggets 12/13/2022

North Korean Hackers Impersonate Researchers to Steal Intel A prolific North Korean state hacking group has gone back to basics in a new attempt to understand Western thinking about the hermit nation, according to Microsoft. Instead of using spear-phishing emails and/or covert information-stealing malware, the hackers are using fairly simple impersonation tactics to get the information they want, the Microsoft Threat Intelligence Center (MSTIC) told Reuters. They’re doing this by sending emails to researchers and foreign…
Read More

InfoSec News Nuggets 09/16/2022

Proton and DuckDuckGo want Congress to approve tech antitrust reform ‘as soon as possible’ More than a dozen smaller tech companies, including Proton and DuckDuckGo are urging lawmakers to pass comprehensive antitrust legislation “as soon as possible.” For them, passing the bill would kill two birds with one stone, allowing lawmakers to address anti-competitive conduct and privacy failures in one go.  In a letter to top congressional leaders on Tuesday, executives from a dozen smaller tech…
Read More

InfoSec News Nuggets 12/23/2021

Former Uber CSO Faces New Charge for Alleged Breach Cover-Up A federal grand jury has expanded the list of charges filed against the former chief security officer of Uber, who's been accused of a criminal data breach cover-up. Joe Sullivan, 52, who served as Uber's CSO from April 2015 through November 2017, faces a new charge of wire fraud over a 2016 hack of the ride-sharing service, which resulted in the exposure of 57 million…
Read More

InfoSec News Nuggets 09/03/2020

Uber to require mask selfies for riders who haven’t been covering up Uber drivers have long had to take a selfie to show they're wearing a mask before accepting rides. Now the same scanning software will be used on  passengers. By the end of September in the U.S. and Canada, Uber passengers that have been flagged for not wearing a mask will have to scan their face through the app before they can request another ride. The…
Read More

InfoSec News Nuggets 5/5/2020

New Firefox service will generate unique email aliases to enter in online forms Browser maker Mozilla is working on a new service called Private Relay that generates unique aliases to hide a user's email address from advertisers and spam operators when filling in online forms. The service entered testing last month and is currently in a closed beta, with a public beta currently scheduled for later this year, ZDNet has learned. Private Relay will be available as a…
Read More