Your weekly top 5 technical and security issues Nerds should pay attention to:
A long read, but well worth it, “Your Face Is Not Your Own” is another deep dive on ClearviewAI: “When a secretive start-up scraped the internet to build a facial-recognition tool, it tested a legal and ethical limit — and blew the future of privacy in America wide open.”
“Expert” hackers used 11 0-days to infect Windows, iOS, and Android users. The breadth and abundance of exploits for unknown vulnerabilities sets the group apart. Reporting on problems without sage advice is difficult for me to do, which is why I keep repeating that we must assume we’re already compromised, and therefore limit exfiltration and apply zero trust network access.
Don’t run TikTok on Android. Or at least patch it before you use it again: TikTok for Android 1-Click RCE.
Mimecast says SolarWinds hackers breached its network and spied on customers. As we can see, the SolarWinds attack has a much broader effect than just SolarWinds. Good on Mimecast for its transparency. We’re not so sure that everyone who may have been impacted in a similar way takes that position.
New global model needed to dismantle ransomware gangs, experts warn. Ransomware victims paid nearly $350 million to hackers in 2020, a 311% increase over the prior year. But part of the problem with tamping down on ransomware attacks is that gangs are acting without any apparent consequences.
Did you know?
For a video version of this news, see: https://youtu.be/9bsMP_vZ4Xo