 |
The IT Privacy and Security Weekly Update.Author: R. Prescott Stearns Jr.
Into year five for this award-winning, light-hearted, lightweight IT privacy and security podcast that spans the globe in terms of issues covered with topics that draw in everyone from executive, to newbie, to tech specialist. Your investment of between 15 and 20 minutes a week will bring you up to speed on half a dozen current IT privacy and security stories from around the world to help you improve the management of your own privacy and security. Language: en-us Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
EP 238.5 Deep Dive - The IT Privacy and Security 'Times Are a Changin' Weekly Update for the Week Ending April15th., 2025
Episode 238
Thursday, 17 April, 2025
What personal information was compromised in the Hertz breach?The breach exposed customer names, birth dates, contact info, driver's licenses, payment cards, and some Social Security numbers. It stemmed from a cyberattack on Cleo, a third-party vendor previously targeted in a mass-hacking campaign.How is air travel changing, and what are the privacy implications?ICAO aims to replace boarding passes with digital travel credentials using facial recognition and mobile passport data. While data is reportedly deleted quickly, the expansion of biometric surveillance raises major privacy and security concerns.Why is the EU giving staff burner phones for U.S. trips?To mitigate potential U.S. surveillance risks, the EU is issuing burner phones to officials visiting for IMF/World Bank meetings—echoing similar precautions for China and Ukraine. It signals growing distrust in transatlantic cybersecurity.How are North Korean hackers using LinkedIn?Groups like Lazarus use fake recruiter profiles to trick targets into opening malware-laden job materials. These campaigns steal credentials and crypto, funding North Korea’s sanctioned activities and highlighting the rise of social engineering threats.Why is Let's Encrypt shortening TLS certificate lifespans?Let's Encrypt now issues 6-day certificates, down from 90. Benefits include improved security and automation; drawbacks involve more frequent renewals, which could create dependency on issuing infrastructure.What is the "Smishing Triad" targeting now?This group has moved from fake delivery texts to targeting banks via iMessage and RCS phishing. They steal banking info to load stolen cards into mobile wallets, illustrating more advanced and lucrative phishing tactics.What’s the significance of China acknowledging U.S. infrastructure hacks?China’s tacit admission of involvement in Volt Typhoon cyberattacks marks a shift in tone. The U.S. sees these as strategic signals, intensifying concerns about critical infrastructure security amid geopolitical tension.What is Android’s new auto-reboot security feature?Android phones will now reboot automatically after three days of inactivity. This clears memory, closes apps, and requires re-authentication—reducing the risk of unauthorized access.
