Security News Update for Week Ending July 26, 2024
Google Rolls back Decision to Kill Third Party Cookies
Firefox and Safari, along with some other smaller browsers already block third party cookies by default. Google said that they would do the same. Google now says that phasing out third party cookies will hurt their revenue stream, uh, will impact online advertising, so they are not going to do it. They are, instead, allowing users to choose – users who barely understand how to read their email. I am sure they will make the right choice – for Google. There are numerous ways to enhance your browsing privacy. If you have questions, please contact us. Credit: Bleeping Computer
Hackers Cyber Attack Ukrainian Heating Systems in Winter
While this was a problem in Ukraine last January, it is a global problem. The “FrostyGoop” malware attacked industrial control systems at an energy facility and shut it down for two days, affecting 100,000 people. The hackers developed malware that talks directly to these industrial controllers. Unfortunately, there are about 50,000 of this specific controller exposed to the Internet worldwide, likely all vulnerable. Credit: Data Breach Today
CrowdStrike Can’t Catch a Break
CrowdStrike confirmed that they sent out $10 Uber Eats gift cards to some of their “partners” to acknowledge their hard work following CrowdStrike’s Massive screw up. Only problem is that the people who tried to use it said they got a message that the card had been cancelled by the issuing party. CrowdStrike claims that Uber thought it was fraud due to the high usage rate and cancelled the cards. Sucks to be them. Credit: Techcrunch
UK’s Ofcom Fines TikTok $2Mil for Failure to Provide Child Safety Info
First of all, lets face it, $2 Mil to TikTok is sofa cushion change. Still, they did get whacked by the UK regulator Ofcom. They submitted info (wrong info), then took it back, then submitted more info (but not really what they were asking for). They did get credit for being a first time offender (meaning the first time they got fined, not the first time they screwed up protecting kids). But this fine is not their big problem. The CJEU, the EU’s Supreme Court, upheld the decision that they are a gatekeeper (meaning lots of people use it), which dramatically increases the requirements they have, both from a reporting standpoint and an interoperability view. Also, the US wants to ban them if they don’t sell to a non-Chinese company. Wow. Credit: Computing
In Case You Were Wondering Why Software Has So Many Bugs …
CrowdStrike Says they did a survey of cybersecurity workers and they said they only review major software updates about half of the time due to cost, time and complexity. Truth is, it is probably less than the reported amount. This probably explains a lot. More details in The Register