TechCrunch: APKPure app contained malicious adware, say researchers. “Security researchers say APKPure, a widely popular app for installing older or discontinued Android apps from outside of Google’s app store, contained malicious adware that flooded the victim’s device with unwanted ads.”
InfoSecurity Magazine: Office Depot Europe Configuration Error Exposes One Million Records. “Among the 974,000 unencrypted records found in the database were customer names, phone numbers, home and office addresses, @members.ebay addresses, marketplace logs, order histories and hashed passwords.”
CPO Magazine: Faced With Potential Loss of Revenue, Snapchat Explores Ways Around Apple’s New Privacy Rules. “The Financial Times reports that the parent company of messaging app Snapchat has explored plans to skirt Apple’s new privacy rules and continue tracking users, making use of banned device fingerprinting techniques rather than the IDFA identification number.”
BBC: US blacklists seven Chinese supercomputer groups. “The US has blacklisted seven Chinese groups it accuses of building supercomputers to help its military. It is the first move by the Biden administration to make it harder for China to obtain US technology On Thursday, three companies and four branches of China’s National Supercomputing Center were added to the US blacklist.”
CNN: 500 million LinkedIn users’ data is for sale on a hacker site. “Information scraped from around 500 million LinkedIn user profiles is part of a database posted for sale on a website popular with hackers, the company confirmed Thursday. The sale of the data was first reported on Tuesday by cybersecurity news and research site CyberNews, which said that an archive including user IDs, names, email addresses, phone numbers, genders, professional titles and links to other social media profiles was being auctioned off on the forum for a four-figure sum.”
NIKKEI Asia: Myanmar junta targets 100 celebrities active on social media. “Myanmar’s junta has placed at least 100 celebrities on its wanted list for allegedly inciting protests against its seizure of power, taking aim at those with big social media followings. Since Friday, the nightly news on state television has named 20 prominent figures accused of violating the law. The list is later reprinted the next day in a government-controlled newspaper. The list swelled to 100 on Tuesday night.”
Seattle Times: Sale of National Archives in Seattle halted by Biden administration. “The impending sale of the National Archives at Seattle has been stopped by the Biden administration. On Thursday, the Office of Management and Budget, which administers the federal budget and had approved the sale of the 10-acre Sand Point facility during the Trump administration, reversed course.”
TechRepublic: Money laundering is a real issue in tech: Here’s what is being done to stop it. “Money laundering and technology go hand in hand, sadly, and I discussed the topic with industry experts Gudmundur Kristjansson, founder and CEO at Lucinity, an artificial intelligence-based anti-money-laundering solutions provider, and and Zac Cohen, COO at Trulioo, an online identity verification service.”
Politico: Letter: Top federal watchdog probing State Department following hacks. “The Government Accountability Office is conducting a wide-ranging probe into the department’s cybersecurity practices following several hacks on the department’s email system over the last decade, according to the documents and people familiar with the matter. Just last week, POLITICO revealed that suspected Russian hackers stole thousands of emails from the department in recent months.”
The Daily Beast: Elite University Track Coach Stole Athletes’ Nudes Then Extorted Them: DOJ. “A track coach who left Northeastern after a sexual harassment investigation and was then hired by another university is facing several charges after allegedly duping female athletes to send him nude photographs in an elaborate social media scheme—and cyberstalking at least one of them.”
The Local: Austria privacy group files complaint against Google. “An Austrian online privacy campaign group said Wednesday it has a filed a complaint against Google over what it says is a tracking code ‘illegally’ installed on Android phones. The complaint from NOYB relates to Google’s Android Advertising Identifier (AAID) and has been lodged with the CNIL, France’s data protection authority.”
From the Congressional Research Service, and in PDF form: Facebook’s Acquisition of GIPHY: Potential Competition Issues. “Facebook is now facing antitrust lawsuits, some of which focus on its past acquisitions. This Insight discusses how Facebook’s acquisitions can affect competition in digital advertising and the potential implications of the antitrust lawsuits on Facebook’s acquisition of GIPHY.”
Cycling News: Bikmo launches bike theft tracking tool as 74,000 bikes reported stolen in 2020. “Bikmo has today launched an interactive bike theft tracking heatmap, combining police data and population data to find the best and worst areas for bike theft in England and Wales in 2020. The aggregated data confirms that 74,573 bikes were reported stolen across the two countries, down from 83,536 in 2019.”
SC Magazine: Hackers rush to new doc builder that uses Macro-exploit, posing as DocuSign. “Researchers at Intel471 have identified a new malicious document builder that has gone from a new, relatively unknown exploit to being incorporated into the attack chains of top cybercriminal groups in less than a year. The builder, dubbed EtterSilent, comes in two flavors: one version exploits an old remote code execution vulnerability in Microsoft Office and another uses a Macro-based exploit and is designed to look like DocuSign, a popular software program that allows individuals or businesses to electronically sign documents.”
