Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybersecurity

Apple Device Analytics Contain Identifying iCloud User Data, Claim Security Researchers

From the, “There is really no privacy on every technology, application and device you use,” via BeauHD: “A new analysis has claimed that Apple’s device analytics contain information that can directly link information about how a device is used, its performance, features, and more, directly to a specific user, despite Apple’s claims otherwise. MacRumors reports: On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an ID called “dsId,” which stands for Directory Services Identifier. The analysis found that the dsId identifier is unique to every iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud.  On Apple’s device analytics and privacy legal page, the company says no information collected from a device for analytics purposes is traceable back to a specific user. “iPhone Analytics may include details about hardware and operating system specifications, performance statistics, and data about how you use your devices and applications. None of the collected information identifies you personally,” the company claims. In one possible differentiator, Apple says that if a user agrees to send analytics information from multiple devices logged onto the same iCloud account, it may “correlate some usage data about Apple apps across those devices by syncing using end-to-end encryption.” Even in doing so, however, Apple says the user remains unidentifiable to Apple. We’ve reached out to Apple for comment.”

Department of Energy computer systems target of relentless cyberattacks

“Cyber attackers successfully compromised the security of U.S. Department of Energy computer systems more than 150 times between 2010 and 2014, according to a review of federal records obtained by USA TODAY. Incident reports submitted by federal officials and contractors since late 2010 to the Energy Department’s Joint Cybersecurity Coordination Center shows a near-consistent barrage… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues, November 19, 2022

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues, November 19, 2022 – Privacy and cybersecurity issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

Senators to FTC: Twitter’s willful disregard for the safety and security of its users

Six Senator’s wrote to FTC Chair Khan: “We write regarding Twitter’s serious, willful disregard for the safety and security of its users, and encourage the Federal Trade Commission (FTC) to investigate any breach of Twitter’s consent decree or other violations of our consumer protection laws. In recent weeks, Twitter’s new Chief Executive Officer, Elon Musk,… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues, November 12, 2022 

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues, November 12, 2022 – Privacy and cybersecurity issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the increasingly… Continue Reading

Mysterious company with government ties plays key internet role

Washington Post: “An offshore company that is trusted by the major web browsers and other tech companies to vouch for the legitimacy of websites has connections to contractors for U.S. intelligence agencies and law enforcement, according to security researchers, documents and interviews. Google’s Chrome, Apple’s Safari, nonprofit Firefox and others allow the company, TrustCor Systems,… Continue Reading

FBI warns scammers now impersonate refund payment portals

Bleeping Computer: “The FBI warns that tech support scammers are now impersonating financial institutions’ refund payment portals to harvest victims’ sensitive information and add legitimacy. In today’s public service announcement, the federal law enforcement agency said that the fraudsters trick victims (generally someone from within the elderly population) via email or phone calls into giving… Continue Reading

What to Do When You’ve Been Hacked

PCMag: “When your email, credit card, or identity gets hacked, it can be a nightmare. When you discover that your personal information has been hacked, your first thought may be, why me? Why couldn’t it have been someone else? In truth, you might have fallen victim for a reason, perhaps a weak, easily guessed password,… Continue Reading

Cyber Security for Law Firms: Our Top Tips

Law Technology Today: “In the digital era, cyber security is essential for law firms. Data breaches are becoming increasingly common, threatening the privacy of clients’ sensitive information and firms’ reputations. Consider data from ABA’s Cyber Security Report, which states that 25% of law firms have previously suffered a data breach. Among the many consequences of… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues, November 5, 2022

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues, November 5, 2022: “Privacy and cybersecurity issues impact every aspect of our lives – home, work, travel, education, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the increasingly complex… Continue Reading

Online Consumer Data Collection

CRS Report – Online Consumer Data Collection, October 31, 2022 – “Large amounts of consumer data can be collected, processed, and analyzedby operators of websites and mobile applications (apps) and third parties, which are entities otherthan the website or appprimary operator (e.g., data brokers). Operators collect data for multiple purposes, including providing services, selling user… Continue Reading

FINCEN – US Banks Spent $1 Billion on Ransomware Payments in 2021

“The Financial Crimes Enforcement Network (FinCEN) today issued its most recent Financial Trend Analysis of ransomware-related Bank Secrecy Act (BSA) filings for 2021, indicating that ransomware continued to pose a significant threat to U.S. critical infrastructure sectors, businesses, and the public. The report focuses on ransomware trends in BSA filings from July-December 2021, and addresses… Continue Reading