A Review of the Best News of the Week on Identity Management & Web Fraud
Combating deepfakes: How we can future-proof… (Help Net Security, Jul 20 2021)
So, an obvious question is whether deepfakes are powerful enough to fool the biometric-based solutions on which institutions such as banks and governments are becoming so dependent. Answer = not yet
Spam Kingpin Peter Levashov Gets Time Served (Krebs on Security, Jul 20 2021)
A federal judge in Connecticut today handed down a sentence of time served to spam kingpin Peter “Severa” Levashov, a prolific purveyor of malicious and junk email, and the creator of malware strains that infected millions of Microsoft computers globally. Levashov has been in federal custody since his extradition to the United States and guilty plea in 2018, and was facing up to 12 more years in prison. Instead, he will go free under three years of supervised release and a possible fine.
Catholic priest quits after “anonymized” data revealed alleged use of Grindr (Ars Technica, Jul 21 2021)
Location data is almost never anonymous.
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~20,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Grindr Has Been Warned for Years About Its Privacy Issues (VICE, Jul 22 2021)
For years, security and privacy researchers found serious vulnerabilities in Grindr, allowing them do deanonymize and geolocate users.
Twitch streamers rake in millions with a shady crypto gambling boom (Ars Technica, Jul 18 2021)
Company “closely monitor[s] gambling content,” but experts say some promos may be illegal.
Counterfeiters are hungry for a piece of Apple’s $16B AirPod market (Ars Technica, Jul 16 2021)
Counterfeit earbud seizures at the border are up 63% so far this year.
Researchers Create New Approach to Detect Brand Impersonation (Dark Reading, Jul 16 2021)
A team of Microsoft researchers developed and trained a Siamese Neural Network to detect brand impersonation attacks.
How to Bridge On-Premises and Cloud Identity (Dark Reading, Jul 15 2021)
Identity fabric, a cloud-native framework, removes the need for multiple, siloed, proprietary identity systems.
Why People’s Faces Look Way Different Under Their Masks Than You Expect (VICE, Jul 20 2021)
Our brains fill in what we can’t see—like the lower half of someone’s face—but those predictions are often incorrect.
People Are Freaking Out Over an Anonymous Crypto Wallet ‘Ban’. Should They? (VICE, Jul 20 2021)
A new EU proposal aims to force service providers to collect information on customer accounts, sparking a furor of concern and misunderstanding.
Identity and PAM meet in the Cloud (Cloud Security Alliance, Jul 21 2021)
At the end of 2020, CSA published The 2020 State of Identity Security in the Cloud.Goals of the study Determine the use and challenges of public cloud workloads today and 1 year from now. Understand cloud IAM challenges, specifically human and machine identity challenges.