In today’s cybersecurity news…
LinkedIn halts AI data processing in UK due to privacy concerns
Following up on a story we covered on last Friday’s Week In Review show, the UK Information Commissioner’s Office (ICO) has confirmed that LinkedIn “has suspended processing users’ data in the country to train its artificial intelligence (AI) models.” This follows an admission by the Microsoft-owned company that it had been using its members’ data to train its own AI without seeking those members’ explicit consent. This is as part of an updated privacy policy that went into effect on September 18 of this year. Users who reside outside Europe can also opt out of the practice by changing the settings in the “data privacy” section of account settings and turning off the “Data for Generative AI Improvement” option.
Ukraine bans Telegram Use for government and military
Citing national security concerns, Ukraine’s National Coordination Centre for Cybersecurity has “restricted the use of Telegram by government officials, military personnel, and other defense and critical infrastructure workers.” Ukraine’s National Security and Defense Council (NSDC) said that Telegram is “actively used by the enemy” to launch cyber-attacks, spread phishing messages and malicious software, track users’ whereabouts, and gather intelligence to help the Russian military target Ukraine’s facilities with drones and missiles. The ban does “not extend to personal phones, or people who use the app as part of their official duties.”
Dismissed German cyber chief falsely accused of associating with Russian spies
Arne Schönbohm was the head of Germany’s federal cybersecurity office until he was dismissed two years ago, following a scandal that suggested he had connections to Russian spies. The allegations were made on a late-night satirical program, ZDF Magazin Royale. The Munich Regional Court has now made a preliminary assessment against the program. Schönbohm is suing ZDF as well as pursuing a separate case against his former employer, the Federal Office for Information Security (BSI) for unfair dismissal.
Huge thanks to our sponsor, Vanta
With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs.
Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews.
Visit vanta.com to learn more about Questionnaire Automation.
Airline executive’s lawsuit exposes hack-for-hire practice
According to The Record, aviation executive Farhad Azima “settled litigation this week against the law firm Dechert and two of its former attorneys who he alleged were involved in the hacking of his personal accounts in order to smear his reputation.” This case is drawing attention to a practice conducted by some law firms, private investigators, and mercenary companies to steal information through cyberattacks. Azima is based in Missouri. The law firm Dechert practices globally, with a head office in Philadelphia. The Record states that on behalf of their United Arab Emirates-based client, the firm allegedly hired a private investigator in North Carolina, who then hired India-based hacking firms. Dechert representatives told Reuters the case had been settled “without admission of liability.”
Microsoft ends development of Windows Server Update Services
This announcement means that Windows Server Update Services (WSUS) is now deprecated, but Microsoft intends to maintain current functionality and continue publishing updates through the channel. This follows a statement made by the company in August in which it described the service as one of the “features removed or no longer developed starting with Windows Server 2025.” Windows Server Update Services was originally introduced in 2005 as Software Update Services (SUS), to help IT administrators manage and distribute updates consistently for Microsoft products across large corporate networks.
Massive waves of spoofed traffic called “noise storms” perplex researchers
Since January 2020, the security firm GreyNoise Intelligence has been tracking a phenomenon consisting of massive waves of spoofed traffic involving millions of spoofed IPs, targeting major internet providers such as Cogent, Hurricane Electric, and Lumen, while intentionally avoiding AWS. Called “noise storms,” the researchers suggest they “could be associated with covert communications, Distributed Denial of Service (DDoS) attacks, or misconfiguration.” The millions of spoofed IP addresses generate unusual network activity, primarily focusing on TCP connections to port 443 (HTTPS) and ICMP packets, but without UDP packets that are usually associated with DDoS attacks. The experts observed “GreyNoise speculate that a sophisticated threat actor “with a clear agenda” may be behind the mysterious traffic. Though the traffic seems to originate from Brazil, links to Chinese platforms like QQ, WeChat, and WePay suggest deliberate obfuscation to conceal the true source.”
FTC issues report on online surveillance and privacy concerns.
The U.S. Federal Trade Commission (FTC) published a staff report on Thursday alleging that social media platforms and streaming services have “engaged in vast surveillance of consumers in order to monetize their personal information while failing to adequately protect users online, especially children and teens.” The report mentions Amazon (owner of Twitch), Facebook (now Meta), YouTube, Twitter (now X), Snap, ByteDance (owner of TikTok), Discord, Reddit, and WhatsApp. The report found that “the companies collected and could indefinitely retain troves of data, including information from data brokers, and about both users and non-users of their platforms. The staff report further highlights that many companies engaged in broad data sharing that raises serious concerns regarding the adequacy of the companies’ data handling controls and oversight. In addition, the staff report found that some companies did not delete all user data in response to user deletion requests.”