Bleeping Computer: Microsoft shares workaround for Windows 10 SeriousSAM vulnerability

Bleeping Computer: Microsoft shares workaround for Windows 10 SeriousSAM vulnerability. “Microsoft has shared a workaround for a Windows 10 zero-day vulnerability (dubbed SeriousSAM) that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. As BleepingComputer previously reported, a local elevation of privilege bug found in recently released Windows versions allows users with low privileges to access sensitive Registry database files.”

China: Taobao, Weibo fined for illegal child content (BBC)

BBC: China: Taobao, Weibo fined for illegal child content. “China’s internet watchdog has ordered some of the country’s biggest online platforms to remove inappropriate child-related content. Kuaishou, Tencent’s messaging tool QQ, Alibaba’s Taobao and Weibo have been summoned by the Cyberspace Administration of China (CAC). CAC says the platforms must ‘rectify’ and ‘clean up’ all illegal content and has fined them.”

Motherboard: Amazon Shuts Down NSO Group Infrastructure

Motherboard: Amazon Shuts Down NSO Group Infrastructure. “Amazon Web Services (AWS) has shut down infrastructure and accounts linked to Israeli surveillance vendor NSO Group, Amazon said in a statement. The move comes as a group of media outlets and activist organizations published new research into NSO’s malware and phone numbers potentially selected for targeting by NSO’s government clients.”

IANS: 4 mn phone numbers of Clubhouse users ‘up for sale’ on Dark Web

IANS: 4 mn phone numbers of Clubhouse users ‘up for sale’ on Dark Web. “‘A database of 3.8 billion phone numbers of #Clubhouse users is up for sale on the #Darknet,’ leading cybersecurity expert Jiten Jain wrote on Twitter. ‘It also contains numbers of people in user’s phonebooks that were synced. So chances are high that you are listed even if you haven’t had a Clubhouse login,’ Jain added.”

CNN: Software company’s unveiling of decryption key comes too late for many victims of devastating ransomware attack

CNN: Software company’s unveiling of decryption key comes too late for many victims of devastating ransomware attack. “On Thursday, the software company Kaseya announced that it could help unlock any of its customers’ systems that were still inaccessible following a devastating ransomware attack early this month that took down as many as 1,500 businesses worldwide. But for many victims it was too little, too late.”

Rebuild Local News: Rebuild Local News coalition backs Senate bill to preserve community journalism

Rebuild Local News: Rebuild Local News coalition backs Senate bill to preserve community journalism. “The bill — jointly introduced by the chair of the Senate Commerce Committee, Sen. Maria Cantwell (D-WA), Sen. Ron. Wyden (D-OR), the chair of the Senate Finance Committee, and Sen. Mark Kelly (D-AZ) — seeks to provide a pathway to financial viability for local news in newspapers, in digital only publications, and on television and radio stations through a series of tax credits. The legislation mirrors a similar bill introduced in the House by Reps. Ann Kirkpatrick (D-AZ) and Dan Newhouse (R-WA), which has strong bipartisan support.”

Officials: Hacker stole identities of multiple victims killed in Surfside condo collapse (Local 10)

Local 10: Officials: Hacker stole identities of multiple victims killed in Surfside condo collapse. “Disturbing reports are emerging of a hacker taking advantage of those who were killed in the partial collapse of the Champlain Towers South condominium building in Surfside. Officials said the criminal is seeing the victims’ names in the news and then stealing their identities.”

CNN: TikTok, Biden administration agree to drop litigation over Trump-era app store ban

CNN: TikTok, Biden administration agree to drop litigation over Trump-era app store ban. “TikTok and the US government agreed on Wednesday to drop a lawsuit challenging the Trump administration’s attempt to ban the short-form video app from US app stores. In a filing in the US District Court for the District of Columbia, the two sides said they had mutually agreed the suit should be dismissed.”

Washington Post: Your contact list is spilling over to the Internet. Here’s how to make it stop.

Washington Post: Your contact list is spilling over to the Internet. Here’s how to make it stop.. “The names and contact information that used to stay safe in analog address books now float around the data economy, bouncing from smartphones to app-makers to third-party data collectors. That means apps get the names and phone numbers of everyone in your contacts — from your best friend to the stranger who might have rear-ended you at a stoplight. And companies might sell that information, too.”

Gizmodo: 25 States Are Forcing Face Recognition on People Filing for Unemployment

Gizmodo: 25 States Are Forcing Face Recognition on People Filing for Unemployment. “We acclimatize to dangerous tech creep in a series of f*ck-it moments until the point at which we realize a foreseeably bad network is so pervasive, we reluctantly adopt it and move on. There was a time when social media, Amazon shopping, and home surveillance seemed optional—until they weren’t. Now in many states, you’ll have to surrender a faceprint to a private face recognition program in order to access basic government services like unemployment insurance. We’ve been here before.” Asterisk by me because I like these newsletters having some chance of getting through corporate filters.