{"id":92078,"date":"2020-08-21T08:12:20","date_gmt":"2020-08-21T15:12:20","guid":{"rendered":"https:\/\/www.intego.com\/mac-security-blog\/?p=92078"},"modified":"2020-08-26T13:17:53","modified_gmt":"2020-08-26T20:17:53","slug":"fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/","title":{"rendered":"Fancy Bear, ReVoLTE, and Instagram&#8217;s biometric theft &#8211; Weekly privacy news, August 21, 2020"},"content":{"rendered":"<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/VvBaV0mXa8I?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p>Privacy News Online&#8217;s weekly video recap includes the top privacy stories, hosted by tech news commentator Brian Tong.<\/p>\n<p>Each episode includes a cybersecurity news segment hosted by Intego&#8217;s Chief Security Analyst, Josh Long. This week&#8217;s video features two security stories, one of which we covered here on The Mac Security Blog, about an advanced new specimen of Mac malware called XCSSET. For full details, please see our <a href=\"https:\/\/www.intego.com\/mac-security-blog\/mac-malware-exposed-xcsset-an-advanced-new-threat\/\" target=\"_blank\" rel=\"noopener noreferrer\">comprehensive XCSSET article<\/a>.<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"5dW22ZehsP\"><p><a href=\"https:\/\/www.intego.com\/mac-security-blog\/mac-malware-exposed-xcsset-an-advanced-new-threat\/\">Mac malware exposed: XCSSET, an advanced new threat<\/a><\/p><\/blockquote>\n<p><iframe class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; clip: rect(1px, 1px, 1px, 1px);\" title=\"&#8220;Mac malware exposed: XCSSET, an advanced new threat&#8221; &#8212; The Mac Security Blog\" src=\"https:\/\/www.intego.com\/mac-security-blog\/mac-malware-exposed-xcsset-an-advanced-new-threat\/embed\/#?secret=5dW22ZehsP\" data-secret=\"5dW22ZehsP\" width=\"500\" height=\"282\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<p>The other security story covered in this week&#8217;s video is about new Russian espionage malware for Linux, dubbed Drovorub. The NSA and FBI have released details about this threat, which includes a Linux kernel module rootkit and is capable of exfiltrating files from a target system. The report names the Russian GRU as the threat actor also known as Fancy Bear and APT28. You can read <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/08\/nsa-and-fbi-warn-that-new-linux-malware-threatens-national-security\/\" target=\"_blank\" rel=\"noopener noreferrer\">Ars Technica&#8217;s summary<\/a>, or see the <a href=\"https:\/\/media.defense.gov\/2020\/Aug\/13\/2002476465\/-1\/-1\/0\/CSA_DROVORUB_RUSSIAN_GRU_MALWARE_AUG_2020.PDF\" target=\"_blank\" rel=\"noopener noreferrer\">full PDF report<\/a> for more technical details.<\/p>\n<h3>Privacy news stories<\/h3>\n<p><img loading=\"lazy\" class=\"alignright wp-image-92082 size-full\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/Instagram-logo-square-icon-white-background.jpg\" alt=\"Instagram app icon\" width=\"150\" height=\"150\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/Instagram-logo-square-icon-white-background.jpg 768w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/Instagram-logo-square-icon-white-background-300x300.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/Instagram-logo-square-icon-white-background-150x150.jpg 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/Instagram-logo-square-icon-white-background-657x657.jpg 657w\" sizes=\"(max-width: 150px) 100vw, 150px\" \/>One of this week&#8217;s top privacy stories is that <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/instagram-faces-500-billion-lawsuit-for-gathering-facial-biometrics-data-without-consent\/\" target=\"_blank\" rel=\"noopener noreferrer\">Instagram is facing a $500 billion lawsuit<\/a> for gathering facial biometrics data without consent. At issue is that pictures uploaded to Instagram may contain the face of someone other than the account holder, who may not have given consent to Instagram (or parent company Facebook) to have their photos used for facial recognition data. Facebook previously had to pay a $650&nbsp;million fine for a similar violation involving photos uploaded to the Facebook social network.<\/p>\n<p><img loading=\"lazy\" class=\"alignright size-full wp-image-92084\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/ReVoLTE-reuse_attack_vector.jpg\" alt=\"\" width=\"200\" height=\"101\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/ReVoLTE-reuse_attack_vector.jpg 523w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/ReVoLTE-reuse_attack_vector-300x151.jpg 300w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/ReVoLTE-reuse_attack_vector-150x76.jpg 150w\" sizes=\"(max-width: 200px) 100vw, 200px\" \/>Meanwhile, a new attack that researchers are calling ReVoLTE (pronounced &#8220;revolt-y&#8221;) may allow hackers to eavesdrop on phone calls made over 4G LTE networks. Calls made over LTE are usually encrypted, but an implementation flaw found in many cellular towers enables attackers to decrypt conversations. Additional details are available at the <a href=\"https:\/\/revolte-attack.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">ReVoLTE site<\/a>. Calls made using third-party calling apps that count toward your data plan usage, such as FaceTime or Signal, are not affected.<\/p>\n<p><strong>For the rest of this week&#8217;s privacy news, <a href=\"https:\/\/www.youtube.com\/watch?v=VvBaV0mXa8I&amp;list=PLL1eIqHwwN-MY4WwZvjNYcqo02CbtoB7J\" target=\"_blank\" rel=\"noopener noreferrer\">watch the eight-minute video<\/a> and read the <a href=\"https:\/\/www.privateinternetaccess.com\/blog\/privacy-news-online-weekly-review-august-21-2020\/\" target=\"_blank\" rel=\"noopener noreferrer\">related articles<\/a>.<\/strong><\/p>\n<p>You can subscribe to the <a href=\"https:\/\/www.youtube.com\/c\/Privateinternetaccess?sub_confirmation=1\" target=\"_blank\" rel=\"noopener noreferrer\">Private Internet Access YouTube channel<\/a> and click the \ud83d\udd14\u00a0to get notified when new videos are uploaded each Friday.<\/p>\n<h3>More security news, plus Apple news<\/h3>\n<p><a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" class=\"alignright size-thumbnail wp-image-71818\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-150x150.png\" sizes=\"(max-width: 50px) 100vw, 50px\" srcset=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-150x150.png 150w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-32x32.png 32w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-50x50.png 50w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-64x64.png 64w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-96x96.png 96w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile-128x128.png 128w, https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile.png 300w\" alt=\"\" width=\"50\" height=\"50\" data-pagespeed-url-hash=\"2337344131\" \/><\/a>For more weekly news and commentary, particularly about Apple and security topics, <a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" rel=\"noopener\">subscribe<\/a> to the <a href=\"https:\/\/podcast.intego.com\/\"><strong>Intego Mac Podcast<\/strong><\/a>. Veteran Mac journalist Kirk McElhearn and Intego&#8217;s Josh Long host our weekly audio discussion show.<\/p>\n<p>Sign up for Intego&#8217;s <strong>e-mail newsletter<\/strong> and follow <strong>The Mac Security Blog<\/strong> for more Apple and security news. And don&#8217;t forget to follow Intego on your favorite social and media channels: <a href=\"https:\/\/www.facebook.com\/Intego\" target=\"_blank\" rel=\"noopener noreferrer\">Facebook<\/a>, <a href=\"https:\/\/www.instagram.com\/intego_security\/\" target=\"_blank\" rel=\"noopener noreferrer\">Instagram<\/a>, <a href=\"https:\/\/twitter.com\/IntegoSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">Twitter<\/a>, and <a href=\"https:\/\/www.youtube.com\/user\/IntegoVideo?sub_confirmation=1\" target=\"_blank\" rel=\"noopener noreferrer\">YouTube<\/a> (click the \ud83d\udd14 to get notified about new videos on Intego&#8217;s own YouTube channel, too).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This week in Privacy News Online: attackers can decrypt phone calls made over LTE in some cases; Facebook-owned Instagram is being sued for gathering facial biometrics data without consent; and there&#8217;s new Mac and Linux malware.<\/p>\n","protected":false},"author":14,"featured_media":92079,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[4291,53,1834,309,106,4593],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"This week in Privacy News Online: attackers can decrypt phone calls made over LTE in some cases; Facebook-owned Instagram is being sued for gathering facial biometrics data without consent; and there&#039;s new Mac and Linux malware.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Fancy Bear, ReVoLTE, and Instagram&#039;s biometric theft - Weekly privacy news, August 21, 2020 - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"This week in Privacy News Online: attackers can decrypt phone calls made over LTE in some cases; Facebook-owned Instagram is being sued for gathering facial biometrics data without consent; and there&#039;s new Mac and Linux malware.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/JoshLong\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-21T15:12:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-08-26T20:17:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@theJoshMeister\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Joshua Long\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg\",\"width\":400,\"height\":260,\"caption\":\"Privacy News Online weekly recap for August 21, 2020\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/\",\"name\":\"Fancy Bear, ReVoLTE, and Instagram's biometric theft - Weekly privacy news, August 21, 2020 - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#primaryimage\"},\"datePublished\":\"2020-08-21T15:12:20+00:00\",\"dateModified\":\"2020-08-26T20:17:53+00:00\",\"description\":\"This week in Privacy News Online: attackers can decrypt phone calls made over LTE in some cases; Facebook-owned Instagram is being sued for gathering facial biometrics data without consent; and there's new Mac and Linux malware.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Fancy Bear, ReVoLTE, and Instagram&#8217;s biometric theft &#8211; Weekly privacy news, August 21, 2020\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\"},\"headline\":\"Fancy Bear, ReVoLTE, and Instagram&#8217;s biometric theft &#8211; Weekly privacy news, August 21, 2020\",\"datePublished\":\"2020-08-21T15:12:20+00:00\",\"dateModified\":\"2020-08-26T20:17:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#webpage\"},\"wordCount\":465,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg\",\"keywords\":[\"Advanced Persistent Threats (APT)\",\"Facebook\",\"Instagram\",\"Linux\",\"Privacy\",\"Privacy News Online\"],\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\",\"name\":\"Joshua Long\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"caption\":\"Joshua Long\"},\"description\":\"Joshua Long (@theJoshMeister), formerly Intego\\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \\u2014\",\"sameAs\":[\"https:\/\/security.thejoshmeister.com\",\"https:\/\/www.facebook.com\/JoshLong\",\"https:\/\/www.instagram.com\/thejoshmeister\/\",\"https:\/\/www.linkedin.com\/in\/thejoshmeister\",\"https:\/\/www.pinterest.com\/thejoshmeister\/\",\"https:\/\/twitter.com\/theJoshMeister\",\"https:\/\/www.youtube.com\/@theJoshMeister\"],\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"This week in Privacy News Online: attackers can decrypt phone calls made over LTE in some cases; Facebook-owned Instagram is being sued for gathering facial biometrics data without consent; and there's new Mac and Linux malware.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/","og_locale":"en_US","og_type":"article","og_title":"Fancy Bear, ReVoLTE, and Instagram's biometric theft - Weekly privacy news, August 21, 2020 - The Mac Security Blog","og_description":"This week in Privacy News Online: attackers can decrypt phone calls made over LTE in some cases; Facebook-owned Instagram is being sued for gathering facial biometrics data without consent; and there's new Mac and Linux malware.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/","og_site_name":"The Mac Security Blog","article_author":"https:\/\/www.facebook.com\/JoshLong","article_published_time":"2020-08-21T15:12:20+00:00","article_modified_time":"2020-08-26T20:17:53+00:00","og_image":[{"width":400,"height":260,"url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_creator":"@theJoshMeister","twitter_misc":{"Written by":"Joshua Long","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg","width":400,"height":260,"caption":"Privacy News Online weekly recap for August 21, 2020"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/","name":"Fancy Bear, ReVoLTE, and Instagram's biometric theft - Weekly privacy news, August 21, 2020 - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#primaryimage"},"datePublished":"2020-08-21T15:12:20+00:00","dateModified":"2020-08-26T20:17:53+00:00","description":"This week in Privacy News Online: attackers can decrypt phone calls made over LTE in some cases; Facebook-owned Instagram is being sued for gathering facial biometrics data without consent; and there's new Mac and Linux malware.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Fancy Bear, ReVoLTE, and Instagram&#8217;s biometric theft &#8211; Weekly privacy news, August 21, 2020"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1"},"headline":"Fancy Bear, ReVoLTE, and Instagram&#8217;s biometric theft &#8211; Weekly privacy news, August 21, 2020","datePublished":"2020-08-21T15:12:20+00:00","dateModified":"2020-08-26T20:17:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#webpage"},"wordCount":465,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg","keywords":["Advanced Persistent Threats (APT)","Facebook","Instagram","Linux","Privacy","Privacy News Online"],"articleSection":["Security News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/fancy-bear-revolte-and-instagrams-biometric-theft-weekly-privacy-news-august-21-2020\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1","name":"Joshua Long","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","caption":"Joshua Long"},"description":"Joshua Long (@theJoshMeister), formerly Intego\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \u2014","sameAs":["https:\/\/security.thejoshmeister.com","https:\/\/www.facebook.com\/JoshLong","https:\/\/www.instagram.com\/thejoshmeister\/","https:\/\/www.linkedin.com\/in\/thejoshmeister","https:\/\/www.pinterest.com\/thejoshmeister\/","https:\/\/twitter.com\/theJoshMeister","https:\/\/www.youtube.com\/@theJoshMeister"],"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2020\/08\/PNO-20200821-400x260-1.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-nX8","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/92078"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=92078"}],"version-history":[{"count":7,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/92078\/revisions"}],"predecessor-version":[{"id":92092,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/92078\/revisions\/92092"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/92079"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=92078"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=92078"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=92078"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}