2022-06-08
At Black Hat in 2018, I had very sharp words with a guy whose job is to coordinate vulnerability disclosures for a big company, about this very issue. He told me that he trusted his (CN) vulnerability reporters implicitly. That dude was and is hopelessly naive. Magical thinking. https://twitter.com/...
BleepingComputer
In a joint cybersecurity advisory, the NSA, CISA, and the FBI reveal China-backed hackers exploited publicly known vulnerabilities to snoop on network traffic
Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies … Source: National Security …
2022-01-13
If I was openly hostile to you about your end of the year playlist posts, this is why. Spotify is profiting massively from keeping hosts on their platform who, they are fully aware, spout dangerous, unscientific nonsense disinformation to a massive audience. https://twitter.com/...
Tech Policy Press
Over 260 health professionals call on Spotify to create a misinformation policy, after a discredited scientist spread COVID-19 misinfo on Joe Rogan's podcast
More than 260 doctors, nurses, scientists, health professionals and others have signed an open letter calling … Source: An Open Letter to Spotify.
2021-06-04
Unlike the tech industry, tech journalists don't typically have equity in their company, so while this made the publisher and some people very rich, the journos upon whose work the value of these brands is dependent probably didn't get squat out of this deal. https://t.co/Ge5MNT6X8C
TechCrunch
IDG, owner of PCWorld, Macworld, and IDC, to be acquired by Blackstone for $1.3B
Ron Miller / TechCrunch
2021-03-10
Astonishing to me that, in this day and age, anyone trusts a cloud-based video capture solution. Any of them. If you want to keep your pervasive panopticon CCTV recordings secret, keep it on-prem and lock that server down. That said, holy moly, this is bad. https://twitter.com/...
Bloomberg
Hackers say they breached Verkada, accessing feeds and archives of 150K surveillance cameras inside clinics, police precincts, jails, schools, Tesla facilities
- Hacker group says it wanted to show prevalence of surveillance — Video footage was captured from Sequoia-backed startup Verkada
2020-04-10
We published two previous articles about fleeceware propagating in the Google Play Store, and this morning we've published our findings about apps pulling the same stunt in Apple's App Store. Would you pay $30 a week (!) for an app? Didn't think so. https://news.sophos.com/...
ZDNet
Sophos: more than 30 “fleeceware” apps on the App Store, including some of the highest-grossing ones, are abusing free trial mechanics to charge obscene fees
Catalin Cimpanu / ZDNet
2018-02-21
Just like SLAPP lawsuits, these are designed to punish people expressing security concerns, more than anything. I'd like to see the anti-SLAPP laws that exist amended to cover this type of abusive, punitive practice. http://twitter.com/...
ZDNet
Security researchers and reporters hesitate to report vulnerabilities fearing defamation lawsuits and other legal action
Zack Whittaker / ZDNet