Terms of service and GDPR. LastPass breach update. GhostWriter resurfaces in action against Poland and its neighbors. Cellphones, opsec, and rocket strikes.

Ad practices draw a large EU fine (and may set precedents for online advertising). Updates on the LastPass breach, and on Russian cyber activity against Poland. Malek Ben Salem from Accenture explains smart deepfakes. Our guest is Leslie Wiggins, Program Director for Data Security at IBM Security on the role of the security specialist. And cellphones, opsec, and the Makiivka strike. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/2 Selected reading. Meta’s Ad Practices Ruled Illegal Under E.U. Law (New York Times) Meta Fined More Than $400 Million in EU for Serving Ads Based on Online Activity (Wall Street Journal) Meta's New Year kicks off with $410M+ in fresh EU privacy fines (TechCrunch) LastPass data breach: notes and actions to take. (CyberWire) Poland warns of attacks by Russia-linked Ghostwriter hacking group (BleepingComputer)  Russia says phone use allowed Ukraine to target its troops (AP NEWS) Russian soldier gave away his position with geotagged social media posts (Task & Purpose) Russian commanders blamed for heavy losses in New Year’s Day strike (Washington Post)