A Review of the Best News of the Week on Identity Management & Web Fraud
Apple Says It’s Time to Digitize Your ID, Ready or Not (Wired, Jun 15 2021)
Digital driver’s licenses have had a slow start in the US so far, but iOS 15 Wallet will give the nascent technology a serious push.
All the New Privacy Features Coming to iOS and macOS (Wired, Jun 13 2021)
Improvements designed to keep your email private, crack down on data stealing apps, and help you find lost devices are on their way.
Fake Online Reviews Linked to $152 Billion in Global Purchases (Infosecurity Magazine, Jun 15 2021)
Around 4% of internet reviews are fakes, undermining trust in e-commerce
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Arrest Made Over Multi-million-dollar BEC Scam (Infosecurity Magazine, Jun 10 2021)
Texas cops arrest man who allegedly defrauded businesses and individuals out of $2.2m
Canada Privacy Watchdog Slams Police Use of Facial Recognition Tool (SecurityWeek, Jun 11 2021)
Federal police broke Canada’s privacy laws by using a US company’s controversial facial recognition software in hundreds of searches, an independent parliamentary watchdog ruled Thursday.
Biometrics for banking and financial services market to reach $8.9 billion by 2026 (Help Net Security, Jun 10 2021)
The turn of next decade is expected to be more challenging for banks and financial institutions as security breaches become more sophisticated with technology advancements. Money laundering has become more widespread representing about 2%-5% of global GDP.
Authorities Take Down Stolen Login Credentials Marketplace Slilpp (SecurityWeek, Jun 11 2021)
Law enforcement agencies in the United States, Germany, the Netherlands, and Romania have taken down the stolen login credentials marketplace Slilpp, the U.S. Department of Justice announced on Thursday.
A Mystery Malware Stole 26 Million Passwords From Windows PCs (Wired, Jun 11 2021)
The credentials were part of a trove containing 1.2 terabytes of sensitive data extracted between 2018 and 2020.
Critical Entities Targeted in Suspected Chinese Cyber Spying (SecurityWeek, Jun 15 2021)
A cyberespionage campaign blamed on China was more sweeping than previously known, with suspected state-backed hackers exploiting a device meant to boost internet security to penetrate the computers of critical U.S. entities.
Identity management is now mostly about security (Help Net Security, Jun 15 2021)
IDSA released a study based on an online survey of over 500 IT decision makers. The report examines the impact that the pandemic and increase in remote work had on identity and access management (IAM) in the enterprise, as well as the implementation of identity-focused security strategies.
Smishing: Analyzing Sophisticated Scam Methods (Infosecurity Magazine, Jun 16 2021)
The rise of more sophisticated smishing methods has exacerbated the growing threat environment
Marketplace Selling Stolen Credentials Is Dismantled (Infosecurity Magazine, Jun 15 2021)
International operation takes down virtual Slilpp store selling over 80 million allegedly stolen credentials
Microsoft takes down large‑scale BEC operation (WeLiveSecurity, Jun 15 2021)
The fraudsters ran their campaigns from the cloud and used phishing and email forwarding rules to steal their targets’ financial information.
DuckDuckGo’s Quest to Prove Online Privacy Is Possible (Wired, Jun 16 2021)
The company best known for its search engine is launching a new set of tools aimed at creating an “easy button” for protecting your data online.