Welcome to The Dashlane Tech Check for March 31, 2017!  I’ll help you catch up on Dashlane-related news and the big news in the tech industry. And just for fun, I’ll include a useful lifehack that will keep you safe and secure all year long.

What in the (Security) World?

Here’s what made headlines this week in the world of digital identity, security, and privacy:

U.S. Congress voted to overturn online privacy rules. Here’s everything you need to know.

 

On Tuesday, Congress approved a measure to dismantle online privacy rules created by the Federal Communications Commission (FCC) that was set to take effect this October.  The measure would have required any internet service providers (ISPs)–Comcast, AT&T, Time Warner Cable, etc–to get permission from users before collecting and selling their personal data and online activities. Here’s everything you should know:

  • ISPs have access to a wide range of data, including what websites your visit, what apps you use, your browsing history, and personally identifiable information like your name, address and even your social security number.
  • According to The Verge, Republicans’ argument for overturning the rule is that it discriminated against ISPs, even though sites like Google and Facebook do the same thing. They also argue that the rule makes it difficult for consumers to know exactly who gets to see their online activities.
  • Do Facebook and Google have access to all your data? The Verge says not exactly: “Google and Facebook can’t see your web browsing history, they can only see what you click on while you’re on their own websites or on websites connected to their ad networks.”
  • Don’t expect a massive amount of ads and spam just yet. The FCC’s rules have not taken effect, meaning you won’t see any immediate changes to your online experience.
  • This measure also makes another blow to advocates for stronger privacy protections. According to The Verge, this measure also means that the “FCC won’t be able to pass privacy restrictions protecting all web browsing history again since the resolution prevents it”.
  • While there isn’t a foolproof way to protect your data, Runa Sandvik, director of information security for The New York Times recommends investing in a virtual private network (VPN) to protect your browsing information, and a Tor–a software program that encrypts your browsing activity and masks your online identity.

Learn more about this measure and what you can do to protect your data here.

Russian hackers targeted Clinton’s email ahead of 2016 election

 

Motherboard is reporting new evidence which shows that Russia’s military intelligence agency, the GRU, attempted to hack members of the US military, international diplomats, Russian government critics, Hillary Clinton’s campaign staffers, and Clinton’s official campaign email address. Researchers determined that over 19,000 phishing links were sent to over 6,700 targets worldwide. 

Airlines are finding workarounds for electronics ban

Turkish Airlines and Etihad are finding workarounds to the U.S. and U.K. electronics ban for inbound travelers from a number of Middle Eastern countries. The Verge reports that both airlines have announced programs to load laptops to passengers in business class on U.S. inbound flights. Qatar Airlines also announced that they will offer one hour of free Wi-Fi to all passengers and charge an addition $5 for Wi-Fi access for the length of their flight.

A massive 54-hour DDoS attack targets a US university

Security researchers at Imperva Incapsula have discovered a new version of the IoT-powered Mirai botnet that carried out a 54-hour DDoS attack on a US university last month. “We also noticed that the DDoS bots used in the attack were hiding behind different user-agents than the five hard coded in the default Mirai version,” said Dima Bekerman of Imperva Incapsula. “This, and the size of the attack itself led us to believe that we might be dealing with a new variant, which was modified to launch more elaborate application layer attacks.”

The Pew Research Center put Americans’ cybersecurity knowledge to the test

The Pew Research Center published a quiz testing how much Americans know about personal cybersecurity. Overall, only 1 percent of quiz-takers got all 13 multiple-choice questions right, and 50 percent of respondents answered only 4 questions correctly. See the full results here.

Almost half of UK firms have no cybersecurity policy in place

A report from the Institute of Directors and Barclays Bank discovered only 56 percent of UK firms have some sort of cybersecurity policy in place to protect devices and data, although 95 percent said they considered cybersecurity to be important to their business. 

Breach Alerts

2 laptops containing data for 3.7 million Hong Kong voters is reported stolen

 

Two government laptops containing the names, addresses, and identity cards for 3.7 million registered voters in Hong Kong was stolen. Mashable reports that the laptops were stolen from a locked room on Lantau Island. Hong Kong’s privacy commissioner for personal data says they’re launching a “routine probe” into the theft. 

Millions of credit card details and passwords were leaked by Microsoft’s Docs.com

Security researchers discovered that Microsoft’s Docs.com is automatically sharing credit card details, passwords, and social security numbers online, potentially affecting millions of users. Reportedly, the data can be easily accessed using the site’s search engine; Microsoft initially removed the search function to alleviate the issue, but results still appeared in Google’s cached search results. It’s still unclear how many users are affected. 

Dashlane News You Shouldn’t Snooze

Dashlane CEO Emmanuel Schalit offers advice on when you shouldn’t use a credit card for an online payment

Check your credit score often.

Dashlane CEO Emmanuel Schalit offered his insights on a time when you absolutely shouldn’t use your credit card to make an online purchase to Reader’s Digest. He advises avoiding inputting any personal or credit card information into a website using an insecure or public Internet connection. “Delete Wi-Fi networks from your devices that aren’t yours, and make sure to secure your Wi-Fi connection with a unique, private password,” Schalit suggests. Read the full article here.

This Week’s Lifehack to Improve Your Security

As you already know, password managers do much more than just protect and save your passwords. They can also protect your personal and financial information from scammers, hackers, and identity thieves! In our latest blog post, we should you how to use 3 features in Dashlane’s password manager to keep your personal and financial data secure while filing your taxes.

Have any thoughts on any of the news I shared? Leave me a comment below and make sure to visit our blog next week for another edition of The Dashlane Tech Check.

Also, don’t forget to follow us on Twitter to always be in the know! In our last Tech Check, changeable “lip passwords” could be the future of biometric authentication, WikiLeaks published another cache of CIA documents, and US intelligence officials dismiss President Trump’s wiretapping claims. 


Stay in the know about all things tech, security, and privacy! 
Pucker up! Your lips could be the future of biometric authentication
63 million LinkedIn users have weak passwords. Are you one of them?
5 major revelations you should know from the WikiLeaks CIA cache
The latest Yahoo security breach you didn’t hear about
Here’s everything you need to know about Cloudflare and how to keep your data safe