Tougher European privacy rules coming, another computer processor bug found and Roaming Mantis malware spreads
We’re bringing you the latest cyber security news Welcome to Cyber Security Today. It’s Wednesday May 23rd. To hear the podcast, click on the arrow below:
This week you’ll be hearing a lot about corporate privacy policies because on Friday a new European Union privacy law called the General Data Privacy Regulation, or GDPR, comes into effect. Any company that collects personal data of EU citizens has to obey it. Microsoft has just announced that as part of its compliance with the law its updated privacy policies will be available to all users around the world, not just in the EU. That includes the right to know what data Microsoft collect about you, the right to correct that data, and to make the company delete it. Some companies may only allow stronger privacy protections for European customers. Meanwhile, tomorrow Google has invited groups representing online content publishers to meetings in several cities to explain its new GDPR policies for advertising. It isn’t clear, however, how many will show up. Some publishers have complained Google is using the law to force new and allegedly unfair terms on them, including keeping mum about how Google will use their data.
There are two types of computer bugs you have to worry about: Those in your software – like in Windows – and those in hardware. At the beginning of the year news broke that computer processors from Intel, AMD and others were vulnerable to leaking sensitive data from three flaws dubbed Spectre and Meltdown. Now a fourth variation has been found. So on Monday, Intel, AMD, ARM, IBM, Microsoft and other major tech companies released updates, mitigations and advisories to handle the new problem. It is thought browsers have already been fixed to lower the odds of exploiting all of these bugs. Intel says computer manufacturers should be releasing patches shortly for machines they make and sell. However, there may be a small performance hit. Watch out for advisories from your computer manufacturer.
Finally, Kaspersky Lab is warning that a malware for Android phones it calls Roaming Mantis is spreading. It used to be aimed mainly at Asian users who were directed to malicious Web sites and told to download a Facebook or Android file. Recently distribution has broadened to include web sites in many more languages, including English. The file, of course, is malware. Not only that, the group behind this is now targeting iPhones and iPads, getting them to go to a site that looks like its run by Apple. And, it’s also now targeting desktop computers so it can install cryptomining software, which will slow your computer down. A small number of infections have been seen in the U.S. None in Canada – yet. One way to protect yourself is to resist downloading anything you haven’t asked for. Another is to keep software on all your devices up to date.
That’s it for Cyber Security Today. Subscribe on Apple Podcasts, Google Play, or add us to your Alexa Flash Briefing. Thanks for listening. I’m Howard Solomon.