Hacking your finger takes on a whole new meaning. Meta/Facebook’s banning of Canadian news leaves victims of wildfires unable to share valuable and maybe even lifesaving information, QR Codes evade detection in phishing schemes and a legend has passed with the death of John Warnock, co-founder of Adobe.
These stories and a lot more as we bring you the top tech news on today’s Hashtag Trending.
I’m your host Jim Love, CIO of IT World Canada and Tech News Day in the US.
Biometric authentication, often hailed as a foolproof security measure, isn’t as invincible as it seems. While it’s undeniably more secure than traditional passwords, it’s not immune to cyberattacks. A recent discovery by NordVPN researchers unearthed 81,000 hacked digital fingerprints on Dark Web forums. The inherent nature of biometrics – being unchangeable – makes a breach like this all the more concerning. Once compromised, your identity could be at risk indefinitely.
Adrianus Warmenhoven, a cybersecurity expert at NordVPN, emphasizes, “While biometric data offers enhanced security compared to passwords, it’s not unhackable. The difference? You can reset a password, but biometric data, once lost, is gone for good. This makes it a prime target for cybercriminals.”
The digital realm is potentially teeming with your biometric data. From fingerprints to facial recognition, there are over 20 types of biometric data. Traditional methods like skimmers on ATMs have been used to steal fingerprints, but with the advent of deepfake technology, cybercriminals have more sophisticated tools at their disposal. They can now exploit personal content from social media, like selfies and videos, to craft fake biometric identifiers.
Warmenhoven points out, “Years of social media usage have left a treasure trove of biometric data. With advanced deepfake capabilities, this data can be weaponized against our privacy, often without our explicit consent.”
While device-based biometric data is relatively secure due to encryption, using biometrics with apps can be dicey. Users often unknowingly grant access to dubious app developers. Even trusted developers aren’t foolproof; data breaches can expose biometric data stored on servers or the cloud. Additionally, data transmission between a device and storage can be intercepted, posing another risk.
So, how can one shield their biometrics? Warmenhoven suggests:
Don’t blindly opt for biometric authentication. Assess the credibility of companies requesting that access.
Use biometrics in tandem with strong passwords and multi-factor authentication.
And surprise, surprise – for a VPN company. Use a VPN. Secure your internet connection to thwart interception of transmitted biometric data.
Sources include: NordVPN
The dispute between Meta and the Canadian government over news publisher subsidies has escalated with dire consequences. Wildfire evacuees in Yellowknife, Northwest Territories, report that Meta’s decision to block Canadian news on Facebook and Instagram is obstructing crucial emergency updates. The conflict stems from Bill C-18, requiring social media giants to compensate Canadian news publishers for shared content. In response, Meta halted news sharing in Canada.
The ban’s impact is especially severe in the North, where residents, amidst wildfires, rely heavily on these platforms for timely information. Ollie Williams, editor of Cabin Radio, criticized both Meta’s ban and the government’s role in the standoff. Despite the challenges, residents are finding alternative ways to share information. The Canadian government expressed disappointment in Meta’s stance, emphasizing the importance of reliable news during emergencies.
Sources include: CBC News
Cyber threat actors are leveraging QR codes in their phishing campaigns, aiming to deceive employees into downloading malware or giving away their credentials. A recent campaign targeted a significant U.S. energy firm, as revealed by a study from Cofense. But industries affected include manufacturing, insurance, technology, and financial services and a lot more. The cunning strategy behind using QR codes is their ability to conceal malicious URLs, which often go unnoticed even by wary employees. Moreover, scanning the QR code with a smartphone bypasses the organization’s anti-malware defenses. The phishing emails typically instruct victims to update their Microsoft or Salesforce security by scanning an attached QR code. Those who comply are redirected to a fake Microsoft or Salesforce login page, prompting them to input their credentials. This ongoing campaign, which commenced in May, cleverly uses URL redirects via the Bing search engine. However, the report does indicate that while QR codes can successfully deliver malicious emails, they might not always lead the user to the phishing site due to modern mobile devices’ security features.
Sources include: IT World Canada
Over 75,000 current and former Tesla employees have been alerted about an insider data breach involving the theft of personal information. The breach, which happened on May 10, came to light when a German media group informed Tesla that they had obtained a copy of the stolen data.
Tesla identified two of its former employees as the culprits, alleging that they had taken the data in violation of Tesla’s IT security and data protection policies and subsequently shared it with the media group.
The stolen data primarily consists of contact details, including addresses, phone numbers, and email addresses of the staff.
Tesla has taken legal action against the ex-employees, securing court orders that prevent further misuse of the stolen data and subjecting the violators to potential criminal penalties. The company is also offering credit monitoring support to the affected individuals.
Insider cyber-attacks, though not predominant, are not rare. Reports suggest that on average, 30 per cent of cyber-attacks can be attributed to insiders.
Sources include: IT World Canada
And another development in the great Linux debate that we’ve featured on our stories and our weekend editions interviews.
CIQ, SUSE, and Oracle have united to establish the Open Enterprise Linux Association (OpenELA), aiming to offer source code compatible with Red Hat Enterprise Linux (RHEL). This move comes as a counter to Red Hat’s decision to limit source code access from RHEL to only its paying customers. Gregory Kurtzer, CEO of CIQ, emphasized that OpenELA’s formation marks a new chapter for Enterprise Linux, ensuring a resilient future for both upstream and downstream communities.
OpenELA plans to release source code compatible with RHEL versions EL8, EL9, and possibly EL7 later this year. Their motto, “No subscriptions. No passwords. No barriers. Freeloaders welcome,” is a direct jab at Red Hat’s recent policy changes. Red Hat had shifted its focus to CentOS Stream, which some critics describe as a continuous rolling beta of RHEL’s next version.
While OpenELA has not detailed its strategy for maintaining RHEL compatibility, they have assured that distributions like Rocky Linux and Oracle Linux will remain fully compatible. OpenELA encourages other organizations, including AlmaLinux and even Red Hat, to join their initiative, aiming to establish a community-driven standard for the Enterprise Linux ecosystem.
Sources include: IT World Canada
Dr. John Warnock, the visionary co-founder of Adobe, passed away at the age of 82. His pioneering efforts, alongside co-founder Dr. Charles Geschke, catalyzed the desktop publishing revolution. Their groundbreaking product, PostScript, emerged after they left Xerox Palo Alto Research Center (PARC) in 1982, dissatisfied with the company’s lack of interest in their innovative InterPress language. The two left PARC and formed a new company that we would all come to know – Adobe.
In 1987, Apple had licensed PostScript for its LaserWriter printers, and it swiftly became the industry’s standard printer language. And by 1991, another of Warnock’s concepts evolved into the ubiquitous Portable Document Format (PDF) we rely on to this day.
Warnock was CEO of the company until 2000 but remained on the board until his death.
He received numerous awards for his contributions to science and technology but Adobe’s current Chair and CEO’s tribute to Warnock’s went beyond his impact on the industry, emphasizing his unwavering spirit, passion, and Warnock’s keen insight into customer-centric technologies as well as his dedication to setting high standards for customer empathy, a sentiment echoed by his artist wife, Marva, who frequently used Adobe products.
That’s the top tech news stories for today.
A small editorial note, I picked up two security related stories today. I do pull them in, but only when they have a real newsworthy slant to them, but if cybersecurity is important to you, you may want to subscribe to my colleague Howard Solomon’s podcast CyberSecurityToday. It’s one of the top-rated podcasts across North America and Howard not only keeps you up to date, he makes the subject accessible to all. Go to itworldcanada.com/podcasts or wherever you get your podcasts and get Cybersecurity Today.
Hashtag Trending goes to air 5 days a week with a special weekend interview show we call “the Weekend Edition.”
I’m your host, Jim Love. Have a terrific Tuesday!