Newsletter

open source and cybersecurity news

October 23, 2023

In this Episode:

Marcel Brown: October 23rd, 2001. Using the slogan, "1,000 songs in your pocket," Steve Jobs introduces the original iPod, featuring a 5GB hard drive, FireWire connectivity, and synchronization to iTunes.

Edwin Kwan: Attackers are using cybersecurity best practices against users, prompting them to download malicious browser updates.

Katy Craig: Quantum computing holds immense promise in fields like chemistry, materials science, and AI. Yet there’s a flip side to this advancement. Deep-pocketed nations like China and Russia, equipped with the scientific expertise and resources, could be making secret strides in quantum computing.

Hillary Coover: A Dutch consumer-rights group, SDBN, has initiated a class-action lawsuit against Amazon for allegedly violating the European Union’s privacy law by tracking website visitors without their consent using tracking cookies.

 

The Stories Behind the Cybersecurity Headlines

 

Edwin Kwan
Fake Browser Updates Delivering Malware

Edwin Kwan, Contributing Journalist, It's 5:05 Podcast

Attackers are using cybersecurity best practices against users, prompting them to download malicious browser updates.

This is Edwin Kwan from Sydney, Australia.

Security researchers are observing a growing trend where attackers are disguising their malware as fake browser updates. The attackers start by compromising a legitimate but vulnerable website. They would use an existing vulnerability or a misconfiguration on the website to inject malicious JavaScript code. When visitors load the compromised site, the malicious JavaScript code is executed. The malicious code will gather information about the visitor’s browser version and location and use that to display a fake browser update page.

The page will be tailored to the visitor’s browser and inform the user that their browser is outdated and requires updating to view the website’s contents. It would also include an “update browser” link. Clicking on that link would download malicious software onto the user’s computer. The security researchers have observed four different threat clusters using unique campaigns to deliver their fake browser update lures.

Security awareness is the key to protecting against this type of scam, along with having endpoint protection as part of a defense-in-depth strategy.

Resources
– Proofpoint: https://www.proofpoint.com/us/blog/threat-insight/are-you-sure-your-browser-date-current-landscape-fake-browser-updates
– Krebs on Security: https://krebsonsecurity.com/2023/10/the-fake-browser-update-scam-gets-a-makeover/
– Dark Reading: https://www.darkreading.com/threat-intelligence/watch-out-attackers-hiding-malware-browser-updates

 

Katy Craig
Countdown to Q Day

Katy Craig, Contributing Journalist, It's 5:05 Podcast

Since the 1990s, researchers have been aware of the looming threat posed by quantum computing to our current encryption systems. They call it Q-Day. In 1994, the mathematician Peter Shor unveiled an algorithm that, if executed by a hypothetical quantum computer, could efficiently factor large numbers, a task that conventional computers struggle with. This vulnerability forms the basis of much of today’s encryption.

This is Katy Craig in San Diego, California.

At the time, Shor’s algorithm was viewed as an interesting but distant concern. However, quantum computing has made significant strides in recent years. IBM, Google, and others have demonstrated the development of more powerful quantum computers, and scaling up is not just a theoretical possibility, but an achievable goal.

Quantum computing holds immense promise in fields like chemistry, materials science, and AI. It could revolutionize drug discovery, lead to breakthroughs in battery technology, and transform various industries.

Yet there’s a flip side to this advancement. Deep-pocketed nations like China and Russia, equipped with the scientific expertise and resources, could be making secret strides in quantum computing. This poses a significant national security risk for the United States.

While American scientists have made progress, the fear of falling behind in the quantum race persists. The cybersecurity community continues to emphasize the need for vigilance and innovation to protect our digital world in the era of quantum computing.

This is Katy Craig. Stay safe out there.

Resources
– National Security Agency: https://media.defense.gov/2021/Aug/04/2002821837/-1/-1/1/Quantum_FAQs_20210804.PDF
– Congress.gov: https://www.congress.gov/bill/117th-congress/house-bill/7535/text
– New York Times: https://www.nytimes.com/2023/06/14/science/ibm-quantum-computing.html

 

Hillary Coover
Cookie Tracking Lawsuit in Netherlands

Hillary Coover, Contributing Journalist

Imagine this scenario as an analogy: would it be acceptable for someone to physically follow you around everywhere you go, observing your every move and action, in order to better understand you and eventually sell products tailored to your life? What if that same individual then proceeded to share all the intricate details of your daily routine and habits with third parties, which might include foreign entities, marketers, or even potential criminals?

I hate to break it to you, but that’s exactly what’s happening in the digital world and European regulators are working hard to stop these practices and preserve their citizens’ rights to privacy.

Hi, this is Hillary Coover in Washington, DC.

A Dutch consumer-rights group, SDBN, has initiated a class-action lawsuit against Amazon for allegedly violating the European Union’s privacy law by tracking website visitors without their consent using tracking cookies.

Tracking cookies are small pieces of data stored on a user’s web browser used to monitor and record their online activities and preferences.

The legal action takes advantage of recently expanded legal provisions for class actions under an EU law effective in June. The lawsuit, which claims to represent around 5 million Amazon account holders in the Netherlands, seeks damages for the consumers themselves and a court order to halt Amazon’s data tracking practices. SDBN’s chair hopes the lawsuit will pressure Amazon to change its data collection methods.

This legal challenge mirrors a 2021 regulatory penalty issued to Amazon by Luxembourg’s privacy regulator, which the company is currently appealing. The case is part of a growing trend in Europe where consumers and consumer protection groups are increasingly suing companies over potential privacy violations and throwing in some pretty hefty regulatory fines.

As consumers, it’s essential to be informed and assertive about how our digital footprints are utilized and to advocate for robust data protection measures that balance technological advancement with individual rights. For tech companies, these lawsuits serve as a good warning and a crucial opportunity to reevaluate and strengthen their commitment to ethical data practices.

Because… Ultimately, by prioritizing transparency, consent, and robust safeguards, companies can not only meet regulatory requirements, but they can also build trust and long-term relationships with their user base.

Resources
– Wall Street Journal: https://www.wsj.com/articles/dutch-consumer-group-sues-amazon-over-data-tracking-8883087b?mod=cybersecurity_news_article_pos1

 

Marcel Brown
This Day, October 22-23, in Tech History

Marcel Brown, Contributing Journalist

This is Marcel Brown bringing you some technology history for October 22nd and 23rd. But first, a bonus from October 21st, 1991.

At the Comdex Computer Expo in Las Vegas, Apple introduces the first line of PowerBook notebook computers, the PowerBook 100, 140, and 170. The first truly portable Macintosh, the PowerBook line refined portable computing and set the bar for future laptop designs. For example, the PowerBooks were the first laptops to have a trackball positioned in front of the keyboard. Most existing PC laptops of the time ran DOS and were therefore keyboard oriented, requiring the use of external mice.

October 22nd, 1938. In a makeshift lab on the second floor of a rental house, Chester Carlson and his assistant, Otto Kornei, successfully invent the process that would lead to the photocopier. Carlson had written "10-22-38 ASTORIA" on a piece of paper and these became the historic words that were first photocopied.

Ironically, Kornei had so little faith in the invention that within a year he quit working for Carlson and willingly gave up any claims he had on the process. However, Carlson would later gift Kornei 100 shares of the Xerox Corporation that would eventually be worth 1 million dollars.

October 23rd, 2001. Using the slogan, "1,000 songs in your pocket," Steve Jobs introduces the original iPod, featuring a 5GB hard drive, FireWire connectivity, and synchronization to iTunes.

By using a 1.8-inch drive, the iPod was significantly smaller than competing MP3 players of the time. The FireWire port allowed simultaneous charging and high speed music synchronization, innovative for its time. At the time, the original iPod only worked with Macintosh computers. However, the popularity of the iPod among Windows users, who had to hack together a solution to use it with their computers, prompted Apple to release a Windows compatible version in the second generation of iPods.

With the introduction of the iTunes Music Store in June of 2003, the runaway success of the iPod completely changed the landscape of the music and computer industry. That’s your technology history for today. For more, tune in tomorrow and visit my website, thisdayintechhistory.com.

Resources
– This Day in Tech History:
https://thisdayintechhistory.com/10/22
https://thisdayintechhistory.com/10/23
