How to Choose a PIN
Firewalls Don't Stop Dragons Podcast
Data Privacy Acts and Stalking Prevention in iOS Update
This chapter delves into the Vermont Data Privacy Act and the Maryland Online Data Privacy Act, emphasizing their data minimization rules and implications for state privacy regulations. It also explores the iOS 17.5 update's new cross-platform tracking detection system designed by Apple to combat stalking, including the anti-stalking feature in the Find My app to pinpoint and disable unwanted item trackers, showcasing collaborations to ensure device compatibility.
Security experts talk at length about how to choose a good password – but we don’t often talk about how to choose a good PIN code. A recent analysis by a researcher shows popular patterns humans use when choosing PIN codes, and therefore what you should avoid doing.
In the news: MediSecure e-Rx firm hit by data breach; CISA warns of active D-Link router exploit; a couple cases of insecure APIs being abused; 53k Nissan employees’ SSN’s leaked; new macOS malware called Cuckoo; Ascension Healthcare suffers cyberattack; Proton user’s poor OpSec gives him away; TunnelVision VPN attack exploits DHCP feature; Maryland & Vermont pass data privacy laws; tracker detection feature debuts on iPhone & Android.
Article Links
- [BleepingComputer] MediSecure e-script firm hit by ‘large-scale’ data breach https://www.bleepingcomputer.com/news/security/medisecure-e-script-firm-hit-by-large-scale-ransomware-data-breach/
- [The Hacker News] CISA Warns of Actively Exploited D-Link Router Vulnerabilities https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-d-link.html
- [Ars Technica] How I upgraded my water heater and discovered how bad smart home security can be https://arstechnica.com/gadgets/2024/05/how-i-upgraded-my-water-heater-and-discovered-how-bad-smart-home-security-can-be/
- [BleepingComputer] Dell API abused to steal 49 million customer records in data breach https://www.bleepingcomputer.com/news/security/dell-api-abused-to-steal-49-million-customer-records-in-data-breach/
- [infosecurity-magazine.com] 53,000 Nissan Employees’ Social Security Numbers Exposed https://www.infosecurity-magazine.com/news/employees-social-security-nissan/
- [Tom’s Guide] New Cuckoo macOS malware can take over all Macs and steal your passwords https://www.tomsguide.com/computing/malware-adware/new-cuckoo-macos-malware-can-take-over-all-macs-and-steals-your-passwords-too-dont-fall-for-this
- [Dark Reading] Ascension Healthcare Suffers Major Cyberattack https://www.darkreading.com/cyberattacks-data-breaches/ascension-healthcare-hit-by-cyberattack
- [restoreprivacy.com] Proton Mail Discloses User Data Leading to Arrest in Spain https://restoreprivacy.com/protonmail-discloses-user-data-leading-to-arrest-in-spain/
- [Ars Technica] Novel attack against virtually all VPN apps neuters their entire purpose https://arstechnica.com/security/2024/05/novel-attack-against-virtually-all-vpn-apps-neuters-their-entire-purpose/
- [mullvad.net] Evaluating the impact of TunnelVision https://mullvad.net/en/blog/evaluating-the-impact-of-tunnelvision
- [epic.org] Vermont Passes Landmark Data Privacy Bill https://epic.org/vermont-passes-landmark-data-privacy-bill/
- [epic.org] Governor Moore Signs Maryland Online Data Privacy Act https://epic.org/governor-moore-signs-maryland-online-data-privacy-act/
- [9to5Mac] Here’s how the new Cross-Platform Tracking Detection works https://9to5mac.com/2024/05/13/cross-platform-tracking-detection-ios-17-5/
- Tip of the Week: How to Choose a PIN https://firewallsdontstopdragons.com/how-to-choose-a-pin/
Further Info
- Send me your questions! https://fdsd.me/qna
- Check out my book, Firewalls Don’t Stop Dragons: https://fdsd.me/book
- Subscribe to the newsletter: https://fdsd.me/newsletter
- Become a patron! https://www.patreon.com/FirewallsDontStopDragons
- Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch
- Give the gift of privacy and security: https://fdsd.me/coupons
- Support our mission! https://fdsd.me/support
- Generate secure passphrases! https://d20key.com/#/
Table of Contents
Use these timestamps to jump to a particular section of the show.
- 0:00:34: Update Apple devices, Chrome
- 0:01:16: A note on supporting Firefox
- 0:03:48: News preview
- 0:07:00: MediSecure hit by large-scale data breach
- 0:09:01: CISA Warns of Actively Exploited D-Link Router Vulnerabilities
- 0:13:14: How I upgraded my water heater and discovered how bad smart home security can be
- 0:19:46: Dell API abused to steal 49 million customer records
- 0:23:11: 53,000 Nissan Employees’ Social Security Numbers Exposed
- 0:27:06: New Cuckoo macOS malware can take over all Macs and steal your passwords
- 0:32:41: Ascension Healthcare Suffers Major Cyberattack
- 0:35:22: Proton Mail Discloses User Data Leading to Arrest in Spain
- 0:43:35: Novel attack against virtually all VPN apps neuters their entire purpose
- 0:47:28: Mullvad: Evaluating the impact of TunnelVision
- 0:55:48: Vermont & Maryland Pass Data Privacy Laws
- 0:58:27: Here’s how the new Cross-Platform Tracking Detection works
- 1:01:50: Tip of the Week: How to Choose a PIN
- 1:10:12: Looking ahead
The AI-powered Podcast Player
