Not to panic anyone, but there is a serious flaw in all supported versions of Microsoft Windows that allows attackers to take control of your machine. The so-called Follina vulnerability can be exploited using a weaponized Word document, and security researchers say they have already spotted government-backed hackers using this attack in the wild. Fingers crossed that Microsoft, which downplayed the severity of the flaw, will soon release a patch.
Speaking of patches, everything from Apple’s iOS and Google Android to Chrome, Firefox and Zoom received major security updates in May. Check out our full list of available updates to see which apps you need to check ASAP.
We also explored the race to protect your voice from hackers and corporate greed. And we tried to unravel the mystery of China’s sudden warnings about US state-sponsored hackers going after Chinese systems, despite the fact that these hacks are well known and happened a long time ago.
Meanwhile, in India, the country’s telecommunications regulator is preparing to crack down on robocall spam and scammers by requiring caller names to appear on caller ID. The idea sounds good, until you realize the privacy implications and the fact that such a plan might not even work.
Finally, because nothing is sacred, the Privacy Commissioner of Canada announced this week that a mobile app for Tim Hortons, the beloved coffee chain, illegally spied on its users’ locations. The app, which used location tracking technology from US company Radar, collected a constant stream of location data from users – checking as often as every 2.5 minutes – and created an ‘event’ whenever a user was “entering or leaving” their home, office, large sports complex or rival cafe, according to the commissioner’s office.
But that’s not all, guys. Every week, we round up the big security and privacy news that we haven’t covered ourselves. Click on the links for the full stories and stay safe.
If you lived in Illinois between May 1, 2015 and April 25, 2022, Google may owe you money. The company recently settled a class action lawsuit over a feature in the Google Photos app that categorized photos of people based on their faces. The problem? According to the lawsuit, Google failed to obtain consent from millions of users, a violation of the state’s biometric information privacy law. Google did not admit wrongdoing as part of the settlement, but it agreed to pay $100 million and put in place measures to prevent further privacy breaches. If you were an Illinois resident during that seven-year period and appeared in a photo uploaded to the Google Photos app, you can file a claim for your piece of the $100 million pie.
The blurred line between “at war” and “not at war” has become even more blurred this week. General Paul Nakasone, head of US Cyber Command and the NSA, told Sky News that the US military had carried out “a range of operations across the spectrum”, including “offensive, defensive and information” in support of the defense of Ukraine against Russian invasion. Nakasone declined to detail what these operations involved, but assured that they were perfectly legal. The general’s admission coincides with the US agreement to supply Ukraine with advanced missile systems with a range of 50 miles. The Kremlin reacted to this news by saying that the United States was “throwing oil on the fire”.
As part of the United States Supreme Court’s investigation into a leaked draft opinion striking down the guaranteed right to abortion in the United States, court clerks have been asked to hand over their private phone records and to sign an affidavit, according to CNN. This “unprecedented” decision is shocking to civil liberties advocates. As Albert Fox Cahn, founder of the Surveillance Technology Oversight Project, writes for WIRED: “The intrusive investigation reveals a troubling U-turn by the Supreme Court, and in particular Chief Justice John Roberts, on surveillance powers.” Clerks, on the other hand, would be reluctant to refuse the request for telephone records or to consult a lawyer for fear of being wrongly suspected of having disclosed the draft notice to Politico journalists.
A Trump-era conspiracy theory can finally be put to rest — theoretically, at least. A 52-page classified report into the “unmasking” of Michael Flynn, a former US national security adviser to Donald Trump, has been made public thanks to a Freedom of Information Act request filed by Jason Leopold from BuzzFeed News. Republicans have long accused Obama administration operatives of revealing Flynn’s name in classified documents for political purposes in the run-up to the 2016 election. But the Justice Department report, prepared by the former U.S. Attorney John Bash, found “no evidence that unmasking requests were made for political or other improper reasons during the 2016 election period or the transition period that followed.” Flynn ultimately resigned in 2017 for misleading Vice President Mike Pence about Flynn’s calls with Russia’s ambassador to the United States.