And it doesn’t end there. Each week, we cover security and privacy issues that we haven’t covered in depth ourselves. Click on the headlines to read the full stories. And stay safe there.
If you’re using the uBlock Origin Chrome extension to filter online ads, expect to get a little annoyed soon. Google has started implementing new Chrome extension standards, called Manifest V3, which will disable the legacy version of the uBlock Origin extension that most users may have installed. And while you may be thinking, “Google is the yellow gorilla of online advertising, it’s finally forcing me to see ads!” there is good news. A new version of the ad filtering extension that meets the Manifest V3 standards, uBlock Origin Lite, is now available. Then again, it won’t block as much as previous iterations of uBlock. However, as a Google spokesperson told The Verge, you have options: “Advanced content filtering extensions all have Manifest V3 versions available – with options for users of AdBlock, Adblock Plus, iBlock Origin and AdGuard.” Either way, you’ll need to install a new extension soon.
US authorities announced charges this week against a 25-year-old Alabama man accused of hacking the Securities and Exchange Commission’s X account. Prosecutors say Eric Council Jr. obtained personal information and materials for a fake ID of the person controlling the @SECGov account from unknown conspirators. Council allegedly used this fake ID to carry out a SIM swap attack, tricking AT&T store employees into giving him a new SIM card, which he then used to take control of the victim’s phone account. The participants used that to gain access to the X account of the SEC, where they sent a false announcement about the regulatory status of Bitcoin, which was followed by a jump in the price of 1,000 $ per bitcoin. Council is charged with conspiracy to commit identity theft and access device fraud.
Grocer Kroger has never used facial recognition technology widely in its stores and has no current plans to use it, a spokesperson told Fast Company this week. The company has come under fire for its use of electronic shelving labels due to concerns that ESLs could be used to force higher prices on popular items, and fears that the devices could be used with facial recognition. The company made a pilot of a face recognition technology called EDGE in 2019, but did not move forward with the service. U.S. attorneys including Rashida Tlaib, Elizabeth Warren, and Robert Casey have publicly expressed concern over Kroger’s use of ESL.
Microsoft told customers that it failed to capture more than two weeks of security logs from certain cloud services in September, including Microsoft Entra, Sentinel, Defender for Cloud, and Purview. News of the missing logs was first reported by Business Insider. The company said in a statement that “a bug in one of Microsoft’s internal monitoring agents caused other agents to malfunction when uploading log data to our internal logging platform.” The void extends from September 2 to September 19. A Microsoft official confirmed to TechCrunch that the incident was caused by “a bug within our internal monitoring agent.”
System activity logs are important for all types of operations and are mainly used for monitoring and investigation, as they can reveal breaches and malicious activities. After Russian hackers breached US government networks with SolarWinds software in 2020, many agencies could not see activity on their Microsoft Azure cloud services because they did not pay for Microsoft’s premium tier features, and therefore did not have enough network logs . Lawmakers are outraged by the fees, and the Biden administration has worked for more than two years to get Microsoft to make logging services free. The company finally announced the change in July 2023.
Source link