And that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.
If you use the uBlock Origin Chrome extension to filter online ads, expect to feel a little annoyed in the near future. Google has started rolling out new Chrome extension standards, called Manifest V3, which will disable the legacy version of the uBlock Origin extension that most users have likely installed. And even if you’re thinking, “Google is the silverback gorilla of online advertising, of course they’re finally forcing me to watch ads!” There is some good news. A new version of the Manifest V3 standards-compliant ad filtering extension, uBlock Origin Lite, is now available. On the other hand, it won’t block as much as the previous version of uBlock. Still, as a Google spokesperson told The Verge, you have options: “All of the major content filtering extensions have Manifest V3 versions available, with options for AdBlock, Adblock Plus, uBlock Origin, and AdGuard users.” Either way, you’ll soon need to install a new extension.
U.S. authorities announced charges this week against a 25-year-old Alabama man accused of hacking into the Securities and Exchange Commission’s X account. Prosecutors allege that Eric Council Jr. obtained personal information and false identification materials from a person who controlled the @SECGov account from unidentified co-conspirators. The council allegedly used the fake ID to carry out a SIM swapping attack, tricking AT&T retail store staff into giving it a new SIM card, which it eventually used to take control of the victim’s phone account. . The co-conspirators used that to gain access to the SEC’s X account, where they posted a false announcement about Bitcoin’s regulatory status, which was followed by a price jump of $1,000 per bitcoin. Council is charged with conspiracy to commit aggravated identity theft and access device fraud.
Supermarket chain Kroger has never widely used facial recognition technology in its stores and has no current plans to do so, a spokesperson told Fast Company this week. The company has faced a storm over its use of electronic shelf labels, concerns that ESLs could be used to impose price increases on popular items and fears that the devices could also be implemented with facial recognition. The company conducted a single-store facial recognition pilot of a technology called EDGE in 2019, but did not move forward with the service. US lawmakers, including Rashida TlaibElizabeth Warren and Robert Casey have publicly expressed concerns about Kroger’s use of ESL.
Microsoft told customers that it failed to capture more than two weeks of security logs from certain cloud services in September, including Microsoft Entra, Sentinel, Defender for Cloud and Purview. News of the lost logs was first reported by Insider business information. The company said in the notice that “a bug in one of Microsoft’s internal monitoring agents resulted in some of the agents malfunctioning when uploading logging data to our internal logging platform.” The blank runs from September 2 to 19. A Microsoft executive confirmed to TechCrunch that the incident was caused by an “operational error within our internal monitoring agent.”
System activity logs are crucial for all types of operations and are particularly used for security investigations and monitoring, because they can expose breaches and malicious activity. After Russian hackers breached US government networks via SolarWinds software in 2020, many agencies were unable to detect activity on their Microsoft Azure cloud services because they were not paying for the level features. premium from Microsoft, so they did not have proper network activity logs. legislators They were outraged about the surcharge, and the Biden administration worked for more than two years to get Microsoft to do free registration services. The company finally announced the change in July 2023.