NEWS THIS WEEK: Apple patches iOS vulnerabilities; Roomba’s plan to map homes raises concerns; tax breaks for cybersecurity training proposed

July 29th, 2017

By Byron V. Acohido

In news this wekk, a company is offering to microchip employees, enabling them to open doors, log onto computers and purchase snacks with a swipe of the hand. Three Square Market, also known as 32M, said more than 50 employees are voluntarily getting implants Aug. 1 at what the company is calling a “chip party.” The chips are the size of a grain of rice and are inserted underneath the skin between the thumb and forefinger using a syringe. The procedure takes a couple of seconds. Company leaders hope the $300 microchips eventually can be used on air travel, public transit and for storing medical information. The company is partnering with Sweden’s BioHax International, where employees have been using the implants. Three Square Market is paying for the employees’ microchips. The technology has raised privacy concerns because of the potential to track a person’s whereabouts and purchases. Officials at 32M said the data in the microchip is encrypted and does not use GPS. But Michael Zimmer, who teaches internet ethics and privacy at the  University of Wisconsin-Milwaukee said he worries about the potential for “function creep,” where the stated purpose of a technology ends up spilling over into other uses, including surveillance. Source: The Associated Press via WestVirginia.com

Apple patches devices to prevent possible Wi-Fi hacks

Apple issued a critical security patch for all iOS devices to protect against a potential hack that attacks devices remotely via Wi-Fi. The tech company has urged users to install the operating system update to avoid a “potentially serious” cyber attack that could wipe out iPhones. Android devices also are threatened by the hack, but Google issued its own update earlier this month. Source: The Wall Street Journal

Bill would require Homeland Security to disclose more about cyber issues

A House panel advanced legislation requiring the Department of Homeland Security to give lawmakers more information on how it discloses cyber vulnerabilities to the private sector. The bill would require Homeland Security Secretary John Kelly to send a report to relevant congressional committees describing policies and procedures used by the DHS to coordinate the disclosure of what are called “zero days”—cyber vulnerabilities that are unknown to a product’s manufacturer and for which no patch exists. Source: The Hill

Coordinated effort to fight identity theft seems to be working

The number of identity theft victims was nearly cut in half last year, compared to the previous year, after the agency teamed with tax preparers to fight the problem, IRS Commissioner John Koskinen said. In 2015, thieves stole the identities of nearly 700,000 victims. Last year, the number dropped to 377,000. Source: The Associated Press via The Seattle Times

Shoplifting suspect uses former Cowboy player’s identity; team dumps player

Former Dallas Cowboys receiver Lucky Whitehead’s identity was falsely used in a shoplifting arrest. Prince William County, Virginia, police said the man charged in a case involving $40 worth of stolen food and drink from a convenience store in June wasn’t Whitehead. The Cowboys released Whitehead after reports that he was arrested and cited for missing a court hearing. Source: The San Francisco Chronicle

Sweden’s classified information might have been exposed

Swedish Prime Minister Stefan Lofven says his government is trying to safeguard sensitive information and minimize damage done by an IT outsourcing deal that could have exposed classified details to foreign powers. His administration will investigate the deal struck by the Swedish Transport Agency after classified information in its registers and systems was handled illegally, Lofven said. Source: Bloomberg Politics

Data about Italian bank’s customers might be at risk

Data about loan accounts belonging to 400,000 customers of Italy’s largest bank has been put at risk by two security breaches. Unicredit said that personal data and account numbers could have been stolen. But it added that the accounts’ passwords had not been compromised, so the hackers could not have carried out unauthorized transactions. Source: BBC

Roomba’s plans to map your home raise privacy concerns

IRobot’s plans to map user homes with the Roomba have raised privacy concerns, especially if the company sells its maps to a company such as Amazon, Apple or Google. The company has been in active discussions with Amazon and Google about its ongoing effort to add Alexa and Google Assistant functionality to the Roomba line. Source: Tech Crunch

Researchers show manufacturer its vulnerabilities by making ATM spew cash

Security researchers showed ATM maker Diebold Nixdorf how they could turn one of the company’s machines into a cash fountain. A hack of an exposed USB in one of Diebold Nixdorf’s Opteva ATMs allowed researchers at security company IOActive to get it to spew out cash until it was empty. Source: CNet

German cell phones might come with surveillance software

German security forces will have the technology to install surveillance software on cell phones before the end of the year, a leaked document shows. Police plan to use private firms to skirt legal dilemmas. The German government passed a law to hand police the power to hack into devices belonging to everyone suspected of criminal activity, not just those expected of terror offenses. Source: Deutsche Welle

Bill proposes tax breaks for cybersecurity training, funding for education

Three House Democrats introduced a multilayered bill aimed at boosting the cybersecurity work force. The “New Collar Jobs Act” would establish incentivized tax breaks for employers offering cybersecurity training, increase funding for a cyber scholarship program, and establish a student debt relief program for cybersecurity job takers. Source: The Hill

This column originally appeared on ThirdCertainty.com