Venafi: Social Media Data Collection Regulation: Survey – “…70 percent of respondents said governments should regulate the collection of personal data by social media companies to protect user privacy, but 72 percent believe government officials do not have a good understanding of the threats impacting digital privacy…”
The Economist: [What Zuckerberg should do] Facebook faces a reputational meltdown – “This is how it, and the wider industry, should respond”
Facebook: It’s Time to Make Our Privacy Tools Easier to Find – “We’ll also update our data policy to better spell out what data we collect and how we use it. These updates are about transparency – not about gaining new rights to collect, use, or share data.” Let’s hope so.
org: Researchers find leaky apps that put privacy at risk (not just a Facebook issue). Refers “to a paper presented by Northeastern associate professor Alan Mislove at the the Federal Trade Commission conference PrivacyCon last month,” but, annoyingly, doesn’t include a link.
My response (not used) to a request for comment: “Lately, quite a few comparatively new security issues have tended to overshadow ransomware in the media: cryptojacking, vulnerabilities relating to hardware and firmware, even privacy issues relating to social media (and especially Facebook). Yet this incident is a salutary reminder that ransomware has not gone away just because it isn’t talked about so much, and there are some examples for which there is still no decryptor available except by the ‘goodwill’ of the criminals. As long as some of the bad guys are making money out of it, the attacks will continue. It should, therefore, still be a priority for organizations and individuals to ensure that their data and systems are safely backed up and that ransomware can’t reach the backups as well as the original files.”
Trend Micro: Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters
“We worked on a detection technique for attacks that exploit Meltdown and Spectre by utilizing performance counters available in Intel processors. They measure cache misses — the state where data that an application requests for processing is not found in the cache memory — that can be used to detect attacks that exploit Meltdown and Spectre.”
Tomáš Foltýn for ESET: Cryptocurrency exchange announces bounty on hackers
“Binance is offering a $250,000 USD equivalent bounty to anyone who supplies information that leads to the legal arrest of the hackers involved in the attempted hacking incident on Binance on March 7th, 2018,”