Happy Wednesday, y’all - Chad here. I hope everyone had a good Thanksgiving and enjoyed the break. We’re trying to get back on schedule with our regular posts, so in that vein, here’s your weekly Security Wrap-up. There were too many stories to post this week (yay Holidays!), so here’s a couple to check out.
IKEA Hit by Email Reply-Chain Cyberattack
A Black Friday, indeed! According to the story, “The phishing emails were coming from internal IKEA email addresses, as well as from the systems compromised at the company’s suppliers and partners.” Stop thinking about Liz and Criss failing the IKEA test for just a second and put yourself in their employees’ shoes: valid emails from real coworkers and external contacts were suddenly malicious! I’m not sure how you could ever trust your email again. This one’s frustrating because email’s just such a good invention, you know? I’m sure some of you don’t know a life without it, but I sure do. Here’s a quick selfie of me remembering:
Legal Cases and Privacy Rulings Aim to Curtail Facial Biometrics
Can you hear me applauding? Because I’m doing it as hard as I can. Facial recognition terrifies me, but the misuse(s) of it are honestly pretty sobering. TL;DR - a New York-based firm called Clearview AI is being taken to court for their facial-recognition service based on pictures that have been posted publicly/on your social media/etc. NO THANK YOU, PLEASE. The ACLU even chimed in: “[t]he involuntary capture of biometric identifiers — which cannot be changed — can pose greater risks to an individual’s security, privacy, and safety than the capture of other identifiers, such as names and addresses..” 