Welcome to Cybersecurity 202!Before the month is out, consider watching Louis Malle's 1990 film “Poisson de mai” about the Parisian student riots of 1968. Arcade Fire “Le mois de mai” isn't bad either.Below: Twitter to pay $150 million fine for collecting users' personal information for security purposes but using it for advertising, and UN Security Council set to vote to punish North Korean hackers.Huawei has largely lost the fight against 5G, but is now turning to 6GThe United States has mostly won the fight to restrict China's role in building next-generation 5G telecommunications systems due to spy concerns.But the battle over who will control the future of global communications technology has only just begun.Canada belatedly joins the United States and its closest allies this month in blocking Chinese tech giant Huawei from its 5G system.The move follows years of warnings from US officials that Huawei is too closely tied to the Chinese Communist Party and could be relied upon to use such a privileged position to spy on Western officials or sabotage anything connected to it. the Western Internet and the mobile phone system.Concerns are supercharged because 5G systems, which have just been rolled out, promise to be exponentially more powerful than their 4G ancestors and connect to a much wider range of devices known as the Internet of Things. .Canada's move essentially secures a near-term future in which global connected technology is divided into two major zones, with Western companies dominating in one and Chinese companies in the other.But Huawei is not giving up.The company has long rejected US claims that it is vulnerable or complicit in spying on Beijing.The company is already looking forward to the next revolution in communications technology and hopes that developments in cybersecurity or geopolitical changes will cause the West to become more open to Chinese products.Purdy's comments accompanied the release of a Huawei-funded white paper by academic Jean Lash, which argues that stronger security and transparency measures would be more effective in limiting the dangers of eavesdropping and hacking in 5G networks. than the current US method of banning Chinese technology.Western officials and analysts aren't buying it.For them, there is apparently no technological solution that makes the bet of allowing a Chinese company to play a role in the most sensitive parts of Western telecommunications systems.They bring up issues such as the Chinese crackdown in Hong Kong to argue party leaders and President Xi Jinping cannot be trusted.“The future looks like two different supply chains [for telecom] – one with a much higher risk profile,” Jim Lewis, a cyber exerciser at the Center for Strategic and International Studies and former government cyber official, m 'said.“People don't like being spied on by the Chinese government and if you're in China you have no choice but if you're in other countries you do,” Lewis said.There's no hard evidence linking Huawei to overseas Chinese espionage, but a handful of incidents have given fodder to critics who say the company is too sensitive to pressure from Beijing.The fight to restrict Huawei's role in 5G was launched under the Trump administration and is one of the few areas where Biden officials have largely stayed the course on Trump's policies.Twitter will pay $150 million to collect information to enhance user security but use it for advertising purposesTwitter will pay $150 million to settle allegations that it deceptively used contact information such as email addresses and phone numbers to target advertising, Cat Zakrzewski reports.Twitter told users it collects this data to secure accounts, including through multi-factor authentication and to recover passwords.The FTC also alleged “Twitter used phone numbers and email addresses to allow advertisers to target specific ads to specific consumers by matching the information with data they already had or obtained from brokers. into data.”Twitter will not be able to take advantage of the data "deceptively collected" and must tell users that it has used their phone numbers and email addresses for advertising purposes, according to a press release.The company will also have to introduce a new privacy program that will require it to review the security risks of new products.The company said in a blog post that "data security and privacy is something we take extremely seriously, and we have cooperated with the FTC every step of the way."The company first announced that it "inadvertently" mishandled emails and phone numbers for advertising purposes in 2019.Cybersecurity advocates have warned that Twitter's actions could make consumers less likely to enable multi-factor authentication — arguably the most effective consumer-level cybersecurity protection — out of distrust of businesses and fear of receiving Spam.The FTC previously sued Facebook for similar behavior in 2019.Taking the credentials users provide for two-factor authentication and then reusing them for ad targeting is unscrupulous and counterproductive to security, so good to see more of these cases.https://t.co/Jeaop6BnCAThe penalty is justified.Misuse of Information.users provided for security purposes means they are less likely to provide this information.in the future, which makes everyone less secure.https://t.co/x6ezB4HW1GEwa Jodlowskale managing director of a security startup who was previously executive director of the Python Software Foundation:It's no surprise that Twitter can't trust private personal data.Hope this doesn't deter people from using MFA.If available, use MFA which does not involve personal information like phone numbers ✅ https://t.co/aR5EPSOZNG— Ewa Jodlowska (@ewa_jodlowska) May 25, 2022This is a misuse of the data by a social media company, not an issue with the authentication technology the data was used for.The underlying problem is that we have grown accustomed to this type of unscrupulous behavior regarding our personal data by social media companies.Readme Security Management Editor Blake Sobczak:This could delay official campaigns to promote the adoption of multi-factor authentication.With spam calls and texts already harassing most customers, who wants to set up MFA just to have their phone number/email surreptitiously passed on to more advertisers?https://t.co/SHsQp9cxhUGoogle links Russian hackers to site hosting leaked Brexit emailsMost of the leaked emails apparently come from pro-Brexit campaigners in the UK, Reuter's Raphael Satter, James Pearson and Christopher Bing report.Google's Threat Analysis Group has linked the site to a Russia-based group called “Cold River”.The site also included leaked emails from former British foreign intelligence chief Richard Dearlove.Dearlove also blamed the hack on the Russian government, telling Reuters he was "well aware of a Russian operation against a Proton account that contained emails to and from me."Dearlove warned Reuters that the leaked emails should be treated with caution amid "the current crisis in relations" with Moscow."If the leaked messages are in fact genuine, it would be the second time in three years that suspected Kremlin spies have stolen private emails from a senior UK national security official and published them online," Satter writes, Pearson and Bing.The site bears some similarities to other sites used by Russians to leak sensitive documents, particularly in the run-up to the 2016 U.S. election, Johns Hopkins University professor Thomas Rid told Reuters.UN Security Council set to vote on sanctioning notorious North Korean hacking groupThe UN Security Council is expected to vote in the "coming days" on additional sanctions against North Korea that would target the infamous hacking group Lazarus, a senior US official told ReutersIt's Michelle Nichols.The resolution is unlikely to pass.It will need support from China and Russia, but both countries have "signaled their opposition", writes Nichols.The US government last month circulated a draft resolution that would freeze the assets of the Lazarus Group, which the US government says is controlled by North Korean intelligence officials, Reuters previously reported.reported.The Lazarus group has been behind a series of brazen burglaries and other hacks.UK to probe China takeover of chipmaker (Wall Street Journal)A notorious Vietnamese hacker becomes a government cyber-agent (France24)Surveillance AI firm with hidden ties to China seeks US infrastructure contracts (Protocol)Jury sees conflicting evidence on Michael Sussmann's role in Trump-Russia FBI meeting (Politico)FBI seeks over $100 million in cyber and data-related increases for 2023 (CyberScoop)Global oil and gas companies join pledge for cyber resilience (The Hill)MGM Resorts guest data is now disclosed for free on Telegram (The Register)Wisconsin Republican Quits Electoral Board Over Party Lies in 2020 (Rosalind S. Helderman)Thanks for reading.Until tomorrow.Save my name, email and website in this browser for the next time I comment.fr.techtribune.net is an equal opportunity employer.For announcements, jobs and any other questions, email us at techtribunedotnet(AT)gmail.com.Tech Tribune France takes copyright laws very seriously.If any content violates copyright, let us know via email, we will look into the matter and take action to ban the author and remove the content as soon as possible.© All rights reserved © 2022