Washington Post: We tested apps for children. Half failed to protect their data. . “When parents download a learning or gaming app from the ‘Designed for Families’ section of the Google Play store, they likely assume that those apps keep their kids’ data safe. After all, the Children’s Online Privacy Protection Act (COPPA) prohibits website operators and app developers from tracking or collecting personal data from children under the age of 13. Yet that assumption could be wrong.”
Cyberscoop: New tool can help prevent government-mandated backdoors in software, Swiss researchers say. “A new framework from a lab in Switzerland could help prevent malware like Petya from spreading, but would also make it difficult — if not impossible — for governments to force software companies to deliver backdoored software updates in secret.”
TechCrunch: Microsoft launches Windows Bounty program, offering awards up to $250,000. “Microsoft has been running a bounty program for a few years now, launching it just ahead of the release of Windows 8.1 back in mid-2013. At the time, the company was awarding up to $50,000 for exploits, in an attempt to help address any potential security issues before they could become a larger public concern. It’s a tact taken by a number of tech’s biggest names, like Google, Facebook and, more recently, Apple. The software giant’s expanding things a bit today, with the simply named ‘Windows Bounty Program.'” I think they mean “tack” as in sailing, and not “tact”, but I’m not sure. Maybe “tactic”?
DarkReading: Voter Registration Data from 9 States Available for Sale on Dark Web. “Threat intelligence company LookingGlass Cyber Solutions says it has discovered over 40 million voter records from nine different states being traded in an underground forum for stolen credit card data and login credentials. The voter records being offered for sale include the voter’s full first, last and middle name, voter ID, birthdate, voter status, party affiliation, residential address and other details.”
Wordfence: If You Use This Script, You’ve Probably Already Been Hacked . “Several years ago, web publishing company Interconnect/IT released a handy tool for finding and replacing text in a website’s database. This tool, a stand-alone file published as searchreplacedb2.php, includes built-in WordPress compatibility that makes working with WordPress databases a breeze. Unfortunately, it doesn’t include any authentication or security measures, which makes infecting WordPress databases equally easy.”
BetaNews: Kaspersky launches free antivirus tool — Kaspersky Free!. “Kaspersky has been in the news quite a lot recently, primarily because of US concerns over links to the Russian government. The security company also hit the headlines when it filed an antitrust case against Microsoft because Windows 10 disabled Kaspersky antivirus software. But now there’s a new reason to be in the news — and this time it’s a good one.”
Ghacks: Google app takes screenshot of your searches on Android. “The company saves the search history of Google users already, but has added a new feature to the Google application that captures screenshots of all user searches automatically. The idea behind the feature is to provide users with direct access to their searches on the local device. If you need to recheck something, you can open the recent listing instead of having to run the search again.”