Privacy & Security
|
July 2024 Edition
|
|
|
Welcome to iPhone Life’s Privacy & Security Newsletter.
This is your one-stop shop for security news, how-tos, and no-nonsense advice designed to help you protect your digital life.
I’m Cullen Thomas, a security reporter who’s more than a little addicted to studying the strange world of hackers and cybersecurity. Each month, I’ll brief you on recent hacks and scams, followed by the top 3 things you can do to protect yourself. You’ll also get the latest privacy and security news, Apple security patches and updates, and security tips geared toward Apple enthusiasts like yourself.
This edition focuses on two huge privacy stories: the AT&T Snowflake breach and the Crowdstrike debacle—two of the most compromising incidents in the history of the internet.
Did the Crowdstrike outage cancel your flight, close your bank, or crash your self-checkout this month? Let me know how it affected you at security@iphonelife.com.
And as always, we’d love to hear from you about any scams, hacks, or trouble that your fellow readers might need to know about.
Cheers!
|
|
|
Cullen Thomas,
Senior Instructor at iPhone Life
|
|
|
PS. If you’d like to opt out of future editions of the Privacy & Security newsletter, no worries! You can do it easily here.
|
|
|
|
|
|
In This Newsletter:
- Top 3 Security Skills of the Month: What to practice based on the stories below.
- Common Hacks, Scams, & Trouble: A selection of illustrative threats from the last month.
- Latest from Around the Web: General privacy & security news for Apple enthusiasts.
- Security Updates from Apple: What we know about Apple's security patches and updates.
- Security Tip of the Month: Highlighting one of our daily tips to quickly help you secure your privacy.
|
|
|
Top 3 Things to Do to Secure Your Digital Life
|
|
|
Here are the three top things to do to secure your digital life, based on this month’s stories.
- Use credit monitoring and consider freezing your credit (especially if you use AT&T).
- Use a password manager to generate unique strong passwords that you never have to remember, especially for your home router and Wi-Fi.
- Employ multi-factor authentication wherever possible, but where possible use authentication apps instead of text message verification.
For a complete list of our top security recommendations, check out iPhone Life’s Privacy & Security Course for Apple Enthusiasts.
Delete Your Personal Data with Incogni Today!
Are you tired of neverending calls and texts from sources that shouldn't have your number? Data brokers collect your personal information and profit off it at the expense of your privacy. Incogni is a personal information removal service that reduces the volume of spam calls and emails by limiting public access to your information. It both lowers your risk of identity theft and keeps your data from being sold! Sign up for Incogni today for peace of mind and data protection.
|
|
|
Hacks & Scams You Need to Know About
|
|
|
This Is Why Your July Travel Plans Were Ruined
On Friday, July 19, flights all around the world were grounded, banks closed, self-checkouts at supermarkets crashed, ATMs failed, and government agencies and major companies had to close their doors while IT workers scrambled to fix entire buildings full of crashed computers, reports Risky.biz. It’s one of the largest cyber outages of all time, and it all happened because just 8.5 million windows machines all crashed at once. How did it happen?
(Read our full report)
If You Were One of 110 Million AT&T Customers Whose Data Was Compromised, Here’s What to Do
AT&T will be notifying nearly every one of its 110 million customers that their personal data may have been stolen in a massive security breach of the data warehousing company Snowflake, reports Data Breach Today. The affected data includes call and messaging metadata such as who was called, for how long, when, and possibly which cell towers were used. It could help scammers identify individual targets including their location, movements, and social networks. If you’re an AT&T customer, we can show you how to freeze your credit, a practice everyone should consider.
(Read more)
Do You Use Authy? Maybe You Shouldn't
Authy is a popular multi-factor authentication app similar to Google Authenticator or Microsoft Authenticator. According to Bleeping Computer, hackers have taken advantage of an unsecured Application Programming Interface endpoint within the app to identify the active phone numbers of account holders. If you use Authy, consider switching to one of the following authenticator apps.
(Read more)
Protect Yourself Online with NordVPN
Browse securely with NordVPN! Unlock online freedom, shield your data, and access global content. Join the millions who trust NordVPN for ultimate online privacy.
One More Reason to Worry About OpenAI
Last year, OpenAI was breached by a lone hacker, and the company has only now made the incident public. According to the New York Times, a hacker infiltrated OpenAI’s internal messaging system and was able to access “details about the design of the company’s A.I. technologies.” The company made the breach known to its employees in April 2023 but chose not to disclose the incident to the public or law enforcement agencies like the FBI.
(Read more)
Here’s How to Secure Your Home Wi-Fi
Did you know your Wi-Fi system has two important passwords? The one for the Wi-Fi (which everybody knows about since you can’t connect without it) and the one to access the router’s administration panel, which is where you would go to change your Wi-Fi name or the password used to connect. Changing both is important, as this hack demonstrates. Security researchers at Belgian consumer organization Testaankoop have discovered that two Lynksys router systems transmit Wi-Fi passwords and network names (SSIDs) in an insecure manner during initial setup, which would permit an attacker to read the password or to make changes, reports techspot.
(Read more)
|
|
|
Security News Roundup: What You Need to Know
|
|
|
If You Use Kaspersky Antivirus Software, It's Time to Go Shopping
Kaspersky antivirus software will be banned from operating in the United States, announced the US Commerce Department. Kaspersky is based in Russia, and has long had to navigate the perilous socio-political landscape between Russia and the United States and European Union.
(Read our full report)
How Secure Is Public Wi-Fi?
Kaspersky may have been banned in the US, but their researchers still write useful security blogs. In a piece posted to the Kaspersky blog, they detail how vulnerable the public Wi-Fi networks in Paris were ahead of the Olympic games. Spoiler: the picture is bleak, and we have an easy solution to avoid the risk.
(Read more)
Tackle Your Credit Card Debt with 0% Interest into 2026
If you have outstanding credit card debt, getting a new 0% intro APR credit card could help ease the pressure while you pay down your balances. The credit card experts over at Finance Buzz identified this top credit card as perfect for anyone looking to pay down debt and not add to it. You can also earn up to 20,000 miles after spending just $500 on purchases in the first 3 months! Click through to see what all the hype is about.
If TracFone Is Your Phone Carrier, Read This
The Federal Communications Commission reached a settlement with Verizon over allegations that TracFone, which is a wholly owned subsidiary of Verizon, failed to prevent hackers from breaching the company multiple times between 2021 and 2023, stealing data and gaining access that enabled the hackers to perform SIM swapping attacks on an unknown number of customers.
(Read more on how to protect yourself against SIM swapping)
Chrome Backslides on Privacy Promises: Here’s What It Means for You
Google has announced that third-party cookies will continue to function in their Chrome web browser. The world wide web consortium views third-party cookies (little files that advertisers and data brokers save to your computer through your web browser) as intrusive and unnecessary. The bottom line? Don’t use Chrome. (Read more on the browsers you should use)
|
|
|
Top Security Updates from Apple You Should Know About
|
|
|
Apple Beta Software Is Out—Should You Install It?
Apple has released public betas for the next versions of all its operating systems including iOS 18, iPadOS 18, macOS 15, tvOS 18, watchOS 11, visionOS 2. These introduce Apple’s generative AI system, Apple Intelligence, along with a full suite of new features and concerns. (Read more)
A macOS Vulnerability Could Give Hackers Access to Your Texts
Until MacOS 15, infostealer malware or hackers with remote access to a Mac can find the archive of notifications from the notification center and search through it for useful information such as text message contents including verification codes. (Read more)
VisionOS 1.2 Improves Creepy Digital Avatars
If you are one of the rare owners of an Apple augmented reality headset, the Vision Pro, then you will benefit from numerous bug fixes and security updates if you install the latest version of visionOS. (Read more)
Update to iOS 17.6 to Protect Your iPhone
The latest security patch for iOS, iPadOS, and most of the rest of Apple’s fleet contain no notable features but instead repair a wide array of vulnerabilities. Among them, ways for private data to be accessed on the lock screen, for apps to crash the iPhone, and more. (Read more)
|
|
|
Security Tip of the Month
|
|
|
Take Your Facebook Security into Your Own Hands
Security keys are physical devices that look like a USB Key, but work like your car key except for online accounts. You can use one to lock your Apple ID, your Microsoft account, Your Google account, and even your Facebook account. When locked with a security key, your account is much more difficult for scammers to access, as they would need the key in order to get in. Scammers stealing access to your facebook account is freakishly commonplace—we’ve all seen it happen to at least a few friends, if not ourselves—but adding this layer of security should solve that problem. Just don’t lose your security keys: once they’ve been used to lock an account, you can’t get back in without a key.
Facebook doesn’t make this easy, but we break the steps down for you here.
|
|
There is far too much security and privacy news to cover it all. When building this newsletter, we look for scams, hacks, trouble, and news to illustrate the kinds of problems Apple enthusiasts may encounter in our private lives, and the self defense we can practice to keep our devices, accounts, and lives secure. Our commentary focuses on practical advice for everyday people. This newsletter is written by me, Cullen Thomas and edited by Donna Schill.
|
|
If you enjoyed this newsletter, you’ll love all the security content available on iPhone Life Insider!
This premium subscription includes:
- The complete iPhone Life Privacy & Security Course for Apple Enthusiasts and other free online courses taught by expert instructors
- In-depth guides on everything from security to iPhone photography to other Apple devices
- Daily, bite-sized video tips on topics ranging from iCloud security to password management
- A digital subscription to iPhone Life Magazine, where you’ll find articles covering the best security gear, apps, and in-depth how-tos
- The monthly premium iPhone Life Security Newsletter covering everything you need to know to keep your digital life secure
- Access to the ad-free version of the iPhone Life Podcast and exclusive bonus content
- Expert help with all your most pressing Apple Watch questions in our private Ask an Expert Facebook Group
Join the Insider community today and save 30 percent!
|
|
|