A Review of the Best News of the Week on Identity Management & Web Fraud

NJ Supreme Court: No 5th Amendment right not to unlock your phone (Ars, Aug 11 2020)
Courts are split on whether phone unlocking orders violate the Fifth Amendment.

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims (Krebs on Security, Aug 06 2020)
A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has learned.

A Private Equity Firm Bought Ancestry, and Its Trove of DNA, for $4.7B (VICE, Aug 07 2020)
Blackstone, which says it will not have access to people’s data, acquired the genealogy and home DNA testing company from a group of other investment firms.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~16,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

#DEFCON: Bypassing Biometric Scanners with 3D Printed Fingerprints (Infosecurity Magazine, Aug 10 2020)
Using a budget-friendly 3D Resin printer, researcher details how it’s possible to trick fingerprint scanners

Digital Clones Could Cause Problems for Identity Systems (Dark Reading, Aug 08 2020)
Three fundamental technologies — chatbots, audio fakes, and deepfake videos — have improved to the point that creating digital, real-time clones of people is merely a matter of integrating the systems.

Las Vegas Cops Used ‘Unsuitable’ Facial Recognition Photos To Make Arrests (VICE, Aug 07 2020)
Records obtained by Motherboard show the police department used sub-par images in almost half of its facial recognition searches, increasing the chance of misidentifying suspects.

The Essential Role of IAM in Remote Work (The Security Ledger, Aug 10 2020)
The sudden shift to 100% remote work has been jarring. How can businesses ensure remote workers are productive, while protecting sensitive data and minimizing cyberthreats? Rachael Stockton of LogMeIn and LastPass provides some tips.

17 Essential Stats About the State of Consumer Privacy (Dark Reading, Aug 11 2020)
These illuminating numbers offer a glimpse into current consumer attitudes and enterprise readiness for protecting their customers’ personal data.

Gamifying Password Training Shows Security Benefits (Dark Reading, Aug 10 2020)
When picking passwords, users often fall back on certain insecure patterns, but good habits can be learned using simple games, a group of researchers find.

Better Business Bureau Warns of New Visa Scam (Dark Reading, Aug 10 2020)
Visa limitations due to the novel coronavirus have given rise to a wave of scams aimed at visa-seekers.

Expect Behavioral Analytics to Trigger a Consumer Backlash (Infosec Island, Aug 10 2020)
The deployment of cameras, sensors and applications in public and private places for behavioral analytics will be followed by consumer and regulatory backlash.

Europe Cookie Law Comparison Tool Launched (Infosecurity Magazine, Aug 10 2020)
Global law firm launches free Europe Cookie Law Comparison tool

Business must overcome privacy challenge for facial recognition to thrive (SC Media, Aug 11 2020)
Pharmacy chain Rite-Aid’s recent abandonment of an eight-year-old facial recognition program aimed at curbing shoplifting as well as creating new marketing underscores how widespread the use of the controversial technology is and how organizations struggle to overcome associated security and privacy challenges – as well negative perceptions.

Hackers Hijacked Popular YouTube Channels to Promote Bitcoin Scams (VICE, Aug 10 2020)
Several popular YouTube channels streamed Bitcoin scams in a series of hacks to promote Bitcoin scams.

Police use of facial recognition violates human rights, UK court rules (Ars Technica, Aug 11 2020)
Use of the tech needs to be narrower to conform to human rights law, court held.

Researchers Trick Facial-Recognition Systems (Dark Reading, Aug 11 2020)
Goal was to see if computer-generated images that look like one person would get classified as another person.

EU-US Privacy Shield Dissolution: What Happens Next? (Dark Reading, Aug 11 2020)
In a world that isn’t private by design, security and liability implications for US-based cloud companies are huge.

How Facebook and Other Sites Manipulate Your Privacy Choices (Wired, Aug 12 2020)
Social media platforms repeatedly use so-called dark patterns to nudge you toward giving away more of your data.

With iOS’s Privacy Nutrition Label, Apple Upstages Regulators (Dark Reading, Aug 13 2020)
New iOS privacy features require developers to disclose what data they’re collecting, how they’re using it, and with whom they share it.

All Of My TikTok Followers Are Fake (VICE, Aug 13 2020)
By buying followers, likes, and views, our own shoddy TikTok video climbed up the hashtag rankings.