Privacy & Security  | | February 7, 2025 | | | Hi Readers, Cullen here. How secure is your messaging? In a previous edition, I told you that Chinese state hackers had comprehensively compromised the US telecommunications system. The US Cyber Safety Review Board is the body responsible for investigating the hack, but now that entire board has been laid off by the new administration. For the moment and for the foreseeable future, it would be worth paying a little extra attention to making sure that your sensitive information is only shared in encrypted channels. Read more about how to do that below! Cheers! | | | | Cullen Thomas,
Senior Instructor at iPhone Life | | | | | | - 🗒️✅ Your Security Checklist
- 🏆🎖️ Test Your Security Skills
- 📰 Your Weekly Security Update
- 🤨 This Should Be on Your Radar 📡
- 🍎📱Security Updates from Apple 🍎
| | | 🗒️✅ Your Security Checklist | | | | | 🏆🎖️ Test Your Security Skills | | | | What should you do in the following scenario? Your friend is organizing a vacation, and you have to send them a picture of your passport. What is the most secure method for sending sensitive information? - Email
- iMessage
- Signal
- Facebook Messenger
- Telegram
- WhatsApp
Scroll to the bottom to see how you did! | | | Marriott, Hyatt, & Other Hotel Chains May Have Lost Your Data to Hackers | | | | A company called Otelier that provides booking management software to numerous hotel chains has been hit by ransomware, and hackers made off with "millions" of records allegedly including names, addresses, phone numbers, and partial credit card numbers of guests. These kinds of stolen records help scammers to set up profiles on potential victims, as well as to execute identity theft schemes. The Bottom Line: To protect yourself, freeze your credit. This will prevent scammers from taking out loans in your name. Use a password manager so that all your passwords are unique. Use multifactor authentication so that stolen passwords do not compromise your other accounts. | | | 🤨 This Should Be on Your Radar 📡 | | | | Stock Market Disrupter DeepSeek Blames Signup Outage on Cyber Attack A new GenAI model from a Chinese startup called DeepSeek is supposedly more efficient than ChatGPT or other US-based competitors. Its unveiling caused Nvidia's stock to tumble by $600 billion. Meanwhile, users temporarily could not sign up for DeepSeek due to what the company is calling a cyber attack. To the Surprise of No One, Meta Is Training Its AI with User Data For users in the U.S. and Canada, Meta's AI chatbot will soon be able to collect data about you and the way you use Facebook and Instagram to create more personalized responses. For example, if you watched an Instagram Reel of a live music performance, Meta AI might suggest a local concert to you. According to Tech Crunch, there won't be a way to opt out. Browse in Privacy Through 2027 A VPN service is a crucial part of your online security toolkit. It encrypts your data and routes it through a secure connection, hiding your data from prying eyes. Sign up for NordVPN today and get 72% off in an exclusive iPhone Life deal! Great Opportunity or Investment Scam? Enterprise security company Tripwire has a great blog post on how to identify and avoid investment scams, which account for a staggering amount of theft every year. Worth a look. What Impact Trump's Executive Orders Will Have on Your Cybersecurity Firing the entire membership of the government board that was investigating the hack of US cellphone networks, calling for the development of cryptocurrencies, and ending policies meant to protect consumers from unethical use of AI are some of the highlights. Chris Krebs at Krebs on Security covers the cybersecurity aspects of the first weeks of the Trump Administration's efforts. New Unpatched Apple Processor Bugs Leak Secret Data to Web Browsers Security researchers have discovered a new set of speculative execution bugs in Apple's silicone processors for Mac. While these bugs likely do not yet pose any direct threat to current Mac users, they form the basis of future hacking efforts that permit secret data to be lifted through the Chrome and Safari web browsers, among other exploits. Apple has yet to release patches. | | | 🙈 Security Fail of the Week 👎 | | | | Researchers Say They Could Manipulate Solar and Wind Farms in Germany to Black Out the European Grid A pair of German researchers discovered that solar and wind farms are remotely controlled for the orders to add or withhold power from the grid using an unencrypted radio system. They were able to decode the commands that would cause up to 60Gw of generating capacity to withhold its power, enough to potentially ripple a blackout across the continent, using only off-the-shelf electronics and a radio antenna on a kite. Dan Goodin over at Ars Technica wrote up the story in an excellent and entertaining article. The Bottom Line: This kind of hack isn't all that practical, but it's cool! A lot of things would have to all work perfectly together to pull off a major disruption using this technique. Still, utility providers should probably be encrypting their control signals. | | | 🍎📱Security Updates from Apple 🍎 | | | | Everything you need to know about Apple's latest software updates. - The most recent iOS and iPadOS is 18.3
- The most recent macOS is 15.3
- The most recent tvOS is 18.3
- The most recent watchOS is 11.3
- The most recent visionOS is 2.3
| | The correct answer is D: Signal. This free messaging app uses end-to-end encryption and retains nothing about you. It allows you to send files, images, messages, and audio calls securely. iMessage, Telegram, Facebook Messenger, and WhatsApp all advertise similar capabilities but they are not as secure. Finally, email is not secure at all. Email is like a postcard: everyone who handles it can read it. | | There is far too much security and privacy news to cover it all. When building this newsletter, we look for scams, hacks, trouble, and news to illustrate the kinds of problems Apple enthusiasts may encounter in our private lives, and the self defense we can practice to keep our devices, accounts, and lives secure. Our commentary focuses on practical advice for everyday people. This newsletter was written by Cullen Thomas and Rhett Intriago and edited by Donna Schill. | | If you enjoyed this newsletter, you'll love all the security content available on iPhone Life Insider! This premium subscription includes: - The complete iPhone Life Privacy & Security Course for Apple Enthusiasts and other free online courses taught by expert instructors
- In-depth guides on everything from security to iPhone photography to other Apple devices
- Daily, bite-sized video tips on topics ranging from iCloud security to password management
- A digital subscription to iPhone Life Magazine, where you'll find articles covering the best security gear, apps, and in-depth how-tos
- The monthly premium iPhone Life Security Newsletter covering everything you need to know to keep your digital life secure
- Access to the ad-free version of the iPhone Life Podcast and exclusive bonus content
- Expert help with all your most pressing Apple Watch questions in our private Ask an Expert Facebook Group
Join the Insider community today and save 30 percent! | | Did we help with your security concerns? With your feedback, we can improve this security newsletter. Let us know how we did: | |
| | |
Comentarios
Publicar un comentario