Good news, dear reader: the head chef has returned to the internet kitchen after last week's...questionable events in US nuclear infrastructure. That means it's back to business as usual, so let's dive right in with a delectable 0-day exploit in Chrome for Apple.
Researchers at Google's Threat Analysis Group identified three high-severity zero-day vulnerabilities under active exploitation in Apple OSes and the Chrome browser. Both Apple and Google have actively pushed an update to end users, who need to reboot their devices for changes to take effect.
You may remember all the way back in October of this year, we reported news of the 23&Me data breach. To the surprise of probably nobody, there is more to this story than was initially reported. The company has officially stated that an estimated 14,000 users had their accounts compromised, with the realistic scope likely being more. Due to an opt-in service called DNA Relatives, the hackers were also able to gain information about people associated with the initial victim.
A bipartisan bill has been introduced this past week that aims to stop the Transport Security Administration's (TSA) use of facial biometrics in US airports. Several airports are already equipped with this technology and the TSA has plans to ramp up usage across the country. This bill would ban the TSA's planned expansion of such technology and retroactively repeal existing facial recognition authorization.
This bill also requires "explicit congressional authorization" for any future trials and, if passed, would give the TSA just 90 days to end its use of the tech and purge all facial biometric data it has in its servers.
In case you're not a crypto bro, a crypto mixer is used to obfuscate transactions by mixing wallet addresses among multiple different users. The various law enforcement agencies involved in the shutdown have stated that the mixer services were being used by the North Korean hacker group, Lazarus, to launder stolen funds.
TL;DR
- Update your Apple OS and Chrome right now if you haven't already
- You might just find out about an unknown cousin...because 23&Me got hacked
- The US government might actually do something to protect your privacy for once
- Trying to hide those shit-coin gains with a crypto mixer? You may be abetting North Korean money laundering
Last week it was gay furry hackers, this week it's North Korean money laundering. The internet is an awesome place with incredible abilities to connect people across the globe.
It's also rife with abuse and people wanting to do you harm. Why take any chances? Keep yourself safe online with a proactive and comprehensive privacy strategy. It's never too late to keep yourself and your data safe online.