• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

InfoSec News From Last Week October 25th, 2021

October 25, 2021 By Josh Stuifbergen

 

Exploit Broker Zerodium Increasing Focus on VPNs

The exploit broker Zerodium announced they are seeking exploits for ExpressVPN, NordVPN, and Surfshark VPNs. VPNs are becoming a more lucrative target.  Zerodium’s announcement has brought attention to that. Many use VPNs because they believe it protects their privacy. However, it also puts the responsibility of that information into the hands of a VPN company instead of your internet service provider or phone carrier. Therefore, it involves tradeoffs with whom you entrust more with your private data. The VPN market has been consolidating, with ExpressVPN being the most recent notable acquisition by Kape Technologies. The low-cost price of VPNs and business model may leave some weary on where the real profits lie.

The FTC Publishes a Report on the State of ISP Privacy

Internet Service Providers (ISPs) collect an extensive amount of consumer data. Many perhaps already knew and assumed this. Often the data is shared with advertising companies. The Federal Trade Commission (FTC) released a report on the state of consumer privacy among six major ISPs. The FTCs report makes it clear that very sensitive and private data is gathered, and correlated between other sources, which is making it hard for anyone’s data to remain truly anonymous even with deidentification methods used. Data gathering laws are important as many consumers don’t have a free-market choice to choose an ISP as many are only left with one option. The Federal Communication Commission (FCC) is seeking to gain legal authority over ISPs as it had been slated to do in 2017 but was overturned in a Congressional vote. The rules would have required ISPs to obtain user permission before collecting online activity data.

Ransomware Groups Consider Themselves the Victim

It has only been a week since US agencies took part in a takedown over REvil ransomware group’s infrastructure. Other ransomware groups have begun to show their frustrations. The Groove ransomware group called on like-minded groups in a blog post to focus their targets on US assets.  The Conti ransomware group followed with a post that included a long list of grievances such as the US Federal Government being “the biggest ransomware group of all time” and questioning the legality of the US agencies offensive hacking tactics (with little irony of their own criminal actions).

From Bleeping Computer

Apple is Consolidating iOS Advertising Data

Apple’s privacy tightening has resulted in a windfall for their in-house advertising. Apple tripled their iOS advertising share and now controls 58% of the market. This has come at the expense of other ad networks such as Facebook and Google Ads. Apple’s advertising is considerably more effective over rivals now that they have advantageous access to iOS data. This imbalance resulted in tumultuous share prices for Snapchat, which released underwhelming third quarter financial results.  This is partially attributed to their iOS adverting woes. It remains to be seen if Apple’s privacy restrictions are a net benefit for the consumer if that means that information is being consolidated to mainly one company (Apple).

Share This:

Related

Filed Under: Editorial Articles Tagged With: advertising, Apple, Conti, FCC, FTC, Groove, iOS, ISP, Kape Technologies, REvil, SnapChat, VPN, Zerodium

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • The RCE Vulnerability That Wasn’t
  • Cybersecurity News: ACLU Unveils Mass Surveillance Program, (More) Malvertising, and Breaches

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • CISA Warns of Weaponized RMM Software
  • Cybersecurity News: ACLU Unveils Mass Surveillance Program, (More) Malvertising, and Breaches
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • Report Roundup
  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use