Zuckerberg talks to Congress, Facebook gets sued, and Verizon reports ransomware is today’s top threat.
Microsoft releases system updates on the second Tuesday of each month, and this month’s “Patch Tuesday” is a whopper. It covers nearly 70 security issues, 20 of which are rated “critical.”
The critical updates included patches for Adobe Flash Player, Windows Font Library, and a Spectre patch. As we reported last week, the Spectre vulnerability is a hardware issue, so software fixes like this latest patch can only partially help. Nevertheless, protecting against some scenarios is better than protecting against none. Read details about the patches, and make sure your system is fully updated.
Facebook CEO Mark Zuckerberg had two long days of testifying before Congress this week, sitting before the Senate Judiciary and Commerce Committee on Tuesday and the House Energy and Commerce Committee on Wednesday.
Zuckerberg was questioned on the social media giant’s privacy policies and its unwitting role in the 2016 US presidential election, when 87 million users had their data harvested by a quiz app and sold to political consultancy Cambridge Analytica. Zuckerberg informed Congress that his personal data was also among the info bought and sold.
Zuckerberg told Congress that as soon as Facebook had learned about this data harvest, the company demanded that both the quiz developer and Cambridge Analytica delete all the data. Zuckerberg admitted that Facebook did not notify the Federal Trade Commission of the data breach because the company considered the case closed, though they did not check that the data was indeed erased.
While Facebook’s CEO testified on Capitol Hill this week, a couple of class-action lawsuits were launched against the company. One was filed in California, representing the 70 million US Facebook users who had their data harvested by the now-infamous “This Is My Digital Life” quiz, and then used to allegedly influence the 2016 presidential election. The charge is “unjust enrichment and violation of privacy and consumer-protection laws when [Facebook] permitted app developers and other third parties to exploit its lax to non-existent enforcement practices.”
The other class-action lawsuit was filed in Delaware, and it’s a joint effort by both US and UK law firms. In this suit, Facebook is only one of the defendants. The prosecution is also putting Cambridge Analytica and a couple other data research groups under fire. John McCue, the London-based lawyer spearheading the UK arm of the claim, states, “The defendants effectively abused the human right to privacy of ordinary Facebook users and, if that were not enough, then the fruits of that abuse are alleged to have undermined the democratic process. This case will go some way to ensure that neither of these things can happen in the future.”
Verizon released its 2018 Data Breach Investigations Report this week, and over the last four years ransomware has gone from 22nd place to 5th place to 1st place, making it the current top threat in the digital world. This is hardly surprising, however, as data has proven itself to be the most valuable asset in today’s world.
In 2017, the number of ransomware attacks doubled what they were in 2016. In the 53,000 security incidents Verizon clocked for this year’s report, ransomware constituted almost 40% of them, proving itself far more prevalent than any other kind of malware attack. This is most likely due to unfortunate facts that ransomware programs are easily attainable on the dark web, and their particular method of attack gets results. If one thing is clear, it’s that everyone needs to keep their systems updated with the latest in anti-ransomware security.
Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Learn more about products that protect your digital life at avast.com. And get all the latest news on today's cyberthreats and how to beat them at blog.avast.com.