Firewalls Don't Stop Dragons Podcast
The Data Dam is Breaking
This week we’ll talk about three significant new data breaches. Each of these data leaks are important in different ways, but the trend is clear: data wants to be free. First of all, we need to stop collecting so damn much of it. But second, we need to make it more expensive for data-collectors who are criminally negligent with the protection of our data. Right now, it’s cheaper to let it escape than to spend time, effort and money to protect it. (In my Tip of the Week, I’ll tell you about a great free tool that will let you protect your own data.)
In other news: Google patches some serious zero-day Chrome bugs and I’ll explain how they work; personal data for many California gun owners was leaked; Marriott suffered yet another customer data breach; personal data on over 1 billion people in China is up for sale; Crypto exchange Coinbase is sharing info with US immigration enforcers; a sophisticated malware named ZouRAT is infecting SOHO routers; a new Windows worm appears to be coming from infected USB devices; a free decryptor has been released for AstraLocker and Yashma ransomware; Apple’s new Lockdown mode shows real promise; and the US Immigration and Customs Enforcement agency has become a full-tilt mass surveillance organization.
Article Links
- [Naked Security] Google patches “in-the-wild” Chrome zero-day – update now! https://nakedsecurity.sophos.com/2022/07/05/google-patches-in-the-wild-chrome-zero-day-update-now/
- [Gizmodo] California Gun Owners Had Lots of Their Data Exposed by the State Government https://gizmodo.com/california-gun-owners-data-exposed-state-justice-dept-1849124116
- [TechCrunch] Hotel giant Marriott confirms yet another data breach https://techcrunch.com/2022/07/06/marriott-breach-again/
- [ZDNet] Giant data breach? Leaked personal data of one billion people has been spotted for sale on the dark web https://www.zdnet.com/article/giant-data-breach-leaked-personal-data-of-one-billion-people-has-been-spotted-for-sale-on-the-dark-web/
- [The Intercept] Cryptocurrency Titan Coinbase Providing “Geo Tracking Data” to ICE https://theintercept.com/2022/06/29/crypto-coinbase-tracer-ice/
- [Ars Technica] A wide range of routers are under attack by new, unusually sophisticated malware https://arstechnica.com/information-technology/2022/06/a-wide-range-of-routers-are-under-attack-by-new-unusually-sophisticated-malware/
- [PCM] Hundreds of Windows Networks Are Infected With Raspberry Robin Worm https://www.pcmag.com/news/hundreds-of-windows-networks-are-infected-with-raspberry-robin-worm
- [BleepingComputer] Free decryptor released for AstraLocker, Yashma ransomware victims https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-astralocker-yashma-ransomware-victims/
- [9to5mac.com] Firefox now lets users remove tracking parameters from URLs to enhance privacy https://9to5mac.com/2022/06/29/tracking-parameters-urls-firefox/
- [Ars Technica] Why Lockdown mode from Apple is one of the coolest security ideas ever https://arstechnica.com/information-technology/2022/07/introducing-lockdown-from-apple-the-coolest-defense-youll-probably-never-use/
- Data-Driven Deportation in the 21st Century https://americandragnet.org/
- Tip of the Week: https://firewallsdontstopdragons.com/creating-a-file-vault-with-cryptomator/
Further Info
- Cryptomator: https://cryptomator.org/
- Donate directly with Monero! https://firewallsdontstopdragons.com/contact/
- Seth interview on cryptocurrency: https://podcast.firewallsdontstopdragons.com/2022/06/06/cryptocurrency-101/
- Amulet of Entropy!!:https://amuletofentropy.com/
- No More Ransom. A non-profit devoted to helping break ransomware crypto so that victims don’t have to pay.
- ID Ransomware. A tool for identifying which ransomware you’ve been infected with and then guiding you to other resources for help.
- Subscribe to the newsletter: https://firewallsdontstopdragons.com/newsletter/new-newsletter/
- Become a Patron! https://www.patreon.com/FirewallsDontStopDragons
- Would you like me to speak to your group about security and/privacy? http://bit.ly/Firewalls-Speaker
- Generate secure passphrases! https://d20key.com/#/
Table of Contents
Use these timestamps to jump to a particular section of the show.
- 0:00:19: website facelift
- 0:01:35: Added Monero “tip jar” support option
- 0:02:02: Amulet of Entropy update
- 0:02:38: News overview
- 0:04:24: Chrome 0-day bugs with explanation
- 0:12:27: California gun owner info leaked
- 0:15:23: Another Marriott data breach
- 0:17:36: Personal data of 1 Billion people leaked
- 0:20:13: Coinbase providing info to ICE
- 0:25:28: Routers under attack by ZouRAT
- 0:31:06: New Windows network worm
- 0:34:23: Free decryptor for AstraLock ransomware
- 0:37:50: Firefox removes tracking parameters
- 0:40:04: Apple’s new Lockdown mode
- 0:45:19: Data Driven Deportation
- 0:48:39: Tip of the Week
- 0:54:19: Outro
- 0:54:38: How to donate Monero
- 0:56:16: podcast review
- 0:57:24: Previews