Welcome to The Dashlane Tech Check for April 27, 2017! I’ll help you catch up on Dashlane-related news and the big news in the tech industry. And just for fun, I’ll include a useful lifehack that will keep you safe and secure all year long.
What in the (Security) World?
Here’s what made headlines this week in the world of digital identity, security, and privacy:
FCC published full plan to reverse Title II net neutrality rules. Here’s what you need to know.
The Federal Communications Commission (FCC)’s chairman Ajit Pai announced the agency’s plan to remove the Internet’s “common carrier” status under Title II of the Telecommunications Act. The Verge says that Pai called the rules “heavy handed” and claimed the rules were “about politics.” In a statement released Wednesday, Pai said, “Earlier today I shared with my fellow commissioners a proposal to reverse the mistake of Title II and return to the light touch framework that served us so well during the Clinton administration, Bush administration, and first six years of the Obama administration.”
Here’s what’s you should know about the FCC’s draft proposal and the fight for net neutrality:
- It’ll undo “the legal authority used to implement net neutrality” known as Title II and “reclassify internet providers as Title I information services” in order to return to a “light-touch regulatory framework.”
- The FCC’s proposal also aims to “prevent the FCC from adopting any net neutrality rules to practices that internet providers haven’t thought up yet” and it’ll review rules regulating ISPs on things like blocking or throttling websites.
- The proposal aims to give the FCC the return the authority to “police the privacy practices of Internet service providers.” However, as The Verge points out, a 2014 court ruling found that “the FCC does have some authority to implement these kinds of rules. But critically, implementing them in full is illegal unless they’re also using Title II”.
- Members of The Internet Association, including Google, Facebook, Netflix, and more than 40 internet giants said there’s no reason to change the rules. “The current FCC net neutrality rules are working and these consumer protections should not be changed,” said the group’s CEO, Michael Beckerman.
- Also, more than 800 startups, innovators, and investors published a letter to Pai stating they’re “deeply concerned with [his] intention to undo the existing legal framework” protecting net neutrality.
- The published proposal will be voted on by the FCC–not the public–at a meeting on May 18th. Then, after months of debate and public comments, the commission will revise the rules based on feedback before taking a final vote to enact them.
48 percent of U.S. government organizations say they’re “very” or “extremely” vulnerable to data breaches
Infosecurity Magazine cites a 2017 Thales Data Threat Report that found that 65 percent of U.S. government organizations experienced a data breach at some point and 34 percent have experienced one in the last year. In addition, 96 percent of organizations consider themselves vulnerable to a data breach, while 48 percent felt “very” or “extremely” vulnerable to a data breach. Why do these government entities feel vulnerable? The study said that 53 percent of respondents cited a lack of budget and lack of staff.
Russian hackers have been targeting French presidential candidate Emmanuel Macron
French presidential candidate Emmanuel Macron has been targeted by the same Russian hackers who targeted the U.S. Democratic campaign leaders in the 2016 election, according to The New York Times. Security researchers from Trend Micro published a report saying that it spotted Russian operatives sending phishing emails to Macron’s campaign, with the intent to bolster National Front leader Marine Le Pen’s campaign.
LinkedIn’s opt-in ‘find nearby’ feature is met with criticism
Linkedin has apologized after it debuted a controversial new feature in its latest iOS update. According to Infosecurity Magazine, users were presented with this popup: “LinkedIn would like to make data available to nearby Bluetooth devices even when you’re not using the app. We will help you connect with others that are nearby.” With no clear information about the new feature, users raised concerns and outrage over the potential privacy implications. Microsoft responded swiftly saying the “opt-in ‘find nearby’ feature” was supposed to help members find other users but said the prompt to enable the feature “went out in error to a small group of LinkedIn members.”
A Microsoft Edge bug allows an attacker to steal users’ passwords from popular web services
Tom’s Hardware is reporting a security researcher found a serious flaw in Microsoft’s new browser. Manuel Caballero found a bug in the browser that would allow an attacker to steal a user’s passwords from popular web services due to Edge’s built-in password manager. He also found a SOP bypass in Edge that would allow a hacker to execute malicious code to tweet on behalf of the user.
Hackers can access the Hyundai mobile apps to unlock and start your car
A Recent version of the Hyundai’s Blue Link mobile app allows a hacker to remotely locate, unlock, and start your car, according to Rapid7 researchers. According to InfoSecurity Magazine, vulnerabilities in the app can also allow a hacker to access your personal information, including your username, password, PIN number, and historical GPS data.
Hipchat resets user passwords after suspected breach
Photo credit: HipChat
The group chat service, Hipchat said it was hit by a “security incident” that may have exposed users’ names, email addresses, and hashed passwords, and in some cases, some messages and content in chat rooms. According to PC World, the company is unsure how many users were affected, but maintains that no financial or credit information was taken.
Did Chipotle fall victim to a data breach?
Although the investigation is ongoing, CNBC is reporting that the burrito chain told investors that if had detected “unauthorized activity” on a network supporting payment processing at restaurants between March 24, 2017 and April 12, 2017. The company says that it has stopped the activity but complete findings won’t be available until after the investigation is complete.
Dashlane News You Shouldn’t Snooze
Dashlane CEO discusses Internet privacy and data security on ABC Eyewitness News and #TalkingTech Live
Dashlane CEO Emmanuel Schalit went to Los Angeles, CA to discuss internet privacy and data security. He was featured on KABC’s Eyewitness News at 7:00 pm. He also appeared on #TalkingTech’s Facebook Live video and was interviewed by USA Today’s Technology Correspondent and Dashlane evangelist Jefferson Graham!
This Week’s Lifehack to Improve Your Security
Did you know that 41 percent of small businesses were impacted by preventable mistakes made by negligent employees, contractors, and third-parties? It’s time for your organization to make cybersecurity awareness training the cornerstone of your security infrastructure. We asked 5 security experts and IT pros how to turn every employee into a cybersecurity pro using awareness training!
Have any thoughts on any of the news I shared? Leave me a comment below and make sure to visit our blog next week for another edition of The Dashlane Tech Check.