AusPrivacy #1

AusPrivacy #1
Photo by Tobias Tullius / Unsplash

Privacy focused platform Proton has announced it's acquiring the end-to-end encrypted note taking application Standard Notes, Australian arrested in relation to Firebird RAT, Telstra customer details found on hacking forum, Diabetes WA cyber incident, Digital ID Laws clear the Senate, Google kills a service (that of course no one used), and more.

šŸ‘‹
Welcome to the first of what I aim to be a weekly roundup of Australian privacy and Cyber Security news and info. Being the first I'm going to go back a little further than the last week, to catch up on all the bigger stories.

In the News

Proton and Standard Notes are joining forces | Proton
Proton and the end-to-end encrypted note-taking app Standard Notes are joining forces. Weā€™ve long been admirers and are excited to welcome Mo and his team.

I was hoping for Proton to make their own for a little healthy competition, but I'll settle for this.

Firebird RAT creator and seller arrested in the U.S. and Australia
A joint police operation between the Australian Federal Police (AFP) and the FBI has led to the arrest and charging of two individuals who are believed to be behind the development and distribution of the ā€œFirebirdā€ remote access trojan (RAT), later rebranded as ā€œHive.ā€
Google kills ā€œOneā€ VPN service, says ā€œpeople simply werenā€™t using itā€
Did anyone want a VPN from the Internetā€™s largest data collector?

I'm surprised it lasted this long

iTWire - Backdoored open-source package back on GitHub after being sanitised
The repository of the open-source compression utility xz Utils, in which a backdoor was found prior to the Easter weekend, has now been restored to GitHub. The account of the original maintainer, Lasse Collin, has also been restored according to a post on Reddit. The presence of the backdoor was cauā€¦
Telstra customersā€™ details included in leaked data file
Posted to hacking forum.
Stolen ID register blocks 300k fraud attempts
A government register introduced following one of Australiaā€™s worst data breaches on record has blocked more than 300,000 fraudulent attempts to use stolen identity credentials legitimately in 18 months. The figures reveal for the first time the scale of attempts by fraudsters to use compromised passports, Medicare and driverā€™s licence data in the wake of the 2022 Optus data breach that kicked off a privacy push. As many as 9.8 million current and former Optus customers had at least some personal information compromised in the breach, while at least 2.1 million customers had identity documents stolen, prompting a rush for replacement credentials.
Apple alerts some iPhone users that they were targets of ā€˜mercenary spyware attackā€™ - 9to5Mac
Apple is alerting users to a new instance of an identified mercenary spyware attack on the iPhone. Possible victims haveā€¦
DuckDuckGo launches a premium Privacy Pro VPN service
DuckDuckGo has launched a new paid-for 3-in-1 subscription service called ā€˜Privacy Pro,ā€™ which includes a virtual private network (VPN), a personal data removal service, and an identity theft restoration solution.

U.S only, but I'm curious if these identity removal services are worth it or something you should be doing yourself.

Notification of Privacy Incident | Diabetes WA
Diabetes WA recently experienced a cyber incident, which resulted in a third-party gaining access to the personal information of some of our contacts.
Details Emerge Of Facebookā€™s Long History Of Spying On Encrypted User Communications Across Different Apps And Service
Last week youā€™ll recall that after a closed-door intelligence briefing, some members of Congress leaked word to Axios that they were ā€œshockedā€ by various TikTok behaviors.Upon cloā€¦
Digital ID providers to be kept to a minimum: Gallagher
Less than 10 private digital ID providers, including banks and payments service providers, are initially expected to be accepted into the expanded version of the federal governmentā€™s digital identity scheme. Finance minister Katy Gallagher made the comments on Tuesday, ruling out the prospect of ā€œhundreds of regulated digital ID providersā€ joining the soon-to-be-legislated the Australian Government Digital ID System (AGDIS).The Digital ID Bill, which will regulate and expand the system beyond the federal government, passed the Senate last week and will now return to the low house for sign off before passing into law.
iTWire - Digital ID a step forward for a ā€˜more secureā€™ digital economy
Payments industry provider Australian Payments Plus (AP+) has welcomed the passage by the Senate of the Digital ID Bills as a step forward for a more secure digital economy for Australia. AP+ Chief Executive Officer, Lynn Kraus said the establishment of a secure, unified digital identity framework iā€¦
Landmark digital identity laws clear Senate
Australiaā€™s digital identity scheme will expand beyond the federal government to the states and territories and the private sector after a landmark bill, first drafted more than three years ago, passed the Parliament. The Digital ID Bill sailed through the Senate on Wednesday evening with the support of the Greens, the Jacqui Lambie Party and a handful of independent senators, who backed the amendments circulated by the government on Tuesday. Amendments put forward by the Greens to make the bill ā€œgenuinely voluntaryā€ were also agreed to by the government and will require that business offer a comparable non-digital services for services that use digital ID.
70% of Australians donā€™t feel in control of their data as companies hide behind meaningless privacy terms
Weā€™re being tracked, targeted and profiled by businesses and data brokers. A new report on consumer data handling shows we need an urgent update of privacy laws.
iTWire - Assange case: Albanese eagerly grabs at crumbs from Biden
In the same way that a hungry traveller who has been wandering in the wilderness without food or water for months would grab at any sustenance, Australian Prime Minister Anthony Albanese has leapt upon a throwaway remark from US President Joe Biden about freedom for WikiLeaks founder and publisher Jā€¦

Events

Privacy Awareness Week
Privacy Awareness Week (PAW) is an annual event to raise awareness of privacy issues and the importance of protecting personal information.

Monday 6 May to Sunday 12 May

What I'm listening to

Carey Parker is on a mission to raise the awareness of everyday, non-technical people on the crucially important topics of cybersecurity and privacy. Carey has done some interviews with some great people who I otherwise wouldn't have been exposed to.

Firewalls Donā€™t Stop Dragons Podcast
Donā€™t Get Caught With Your Drawbridge Down!

In the inbox

If you need a daily fix of tech news I highly recommend The Sizzle. Best $6 a month I've spent in a long time.

The Sizzle - Australiaā€™s Favourite Tech Newsletter
Get an Australian take on the dayā€™s tech news with The Sizzle!

Help shape the future of AusPrivacy

I'm still discovering what this site will be, and very open to hearing what you think.