Tuesday, August 3, 2021

France Cracked Down on Google’s Ad Tech. What’s Next?

The French Competition Agency has hit the company with $855 million in fines this year. The money is meaningless—but the changes could be profound.

Hospitals Still Use Pneumatic Tubes—and They Can Be Hacked

The tech may seem antiquated, but it poses very modern cybersecurity problems.

A Guide to RCS, and Why It Makes Texting So Much Better

Google is pushing the new standard for Android devices, which promises better security and cooler features than plain old SMS.

The Top 30 Cybersecurity Bugs Include Plenty of Usual Suspects

Plus: A sneaky iOS app, a wiper attack in Iran, and more of the week's top security news.

The Privacy Battle That Apple Isn’t Fighting

California has begun enforcing a browser-level privacy setting, but you still can’t find that option in Safari or iOS.

Phantom Warships Are Courting Chaos in Conflict Zones

The latest weapons in the global information war are fake vessels behaving badly.

A Controversial Tool Calls Out Vulnerabilities Across the Web

PunkSpider is back, and crawling hundreds of millions of sites for vulnerabilities.

The Shapeshifting Cam Girl Rewriting the Rules of Porn

Face-morphing adult content creator Coconut Kitty is ushering in the unsettling future of the medium, one where nothing is as it seems.

Porn Showed Upon on Legit News Sites Thanks to Internet Rot

Plus: China's pipeline probing, a Chromebook debacle, and more of the week's top security news.

The Kaseya Ransomware Nightmare Is Almost Over

A decryption tool has emerged, meaning any victims whose systems remain locked up can soon breathe easy.

An Explosive Spyware Report Shows the Limits of iOS Security

Amnesty International sheds alarming light on an NSO Group surveillance tool—and the gaps in Apple and Google's defenses.

Venmo Gets More Private—but It's Still Not Fully Safe

Eliminating the global feed is a good step. But until the platform offers privacy by default, it remains a liability for many of its users.
Google

Linux Kernel Security Done Right

Posted by Kees Cook, Software Engineer, Google Open Source Security TeamTo borrow from an excellent analogy between the modern computer ecosystem and the US automotive industry of the 1960s, the Linux kernel runs well: when driving down the highway,...

Raccoon Stealer Bundles Malware, Propagates Via Google SEO

An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.
SecurityWeek

SAP Customer Survey Reveals False Sense of Security

Many SAP customers have a false sense of security, according to a new report from risk management consultancy Turnkey Consulting and business-critical application security firm Onapsis. The SAP Security Survey Report 2021 is based on information from over 100 SAP...

BazarCaller – the malware gang that talks you into infecting yourself

Calling someone back feels safer than clicking an unknown link... but it isn't! Remind your friends and family.

‘DeadRinger’ Targeted Exchange Servers Long Before Discovery

Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017.