Show of hands: who remembers SecuROM? Alright, put your hands down, we can't see each other anyway. So, SecuROM was a really bad DRM used by several publishers to "protect" video games, by which I mean it mostly just annoyed legitimate buyers, got some of those publishers sued, and ultimately made the game unplayable on modern operating systems. The track record is enough to make you wonder why anyone would use DRM at all after this whole debacle.

But... it's still happening. Back in 2010, Disney released the game Tron: Evolution. The game was laced with SecuROM and suffered many of the same problems as previously described. As an example of how you don't really own what you buy anymore, the game simply bricked when Disney decided not to renew its SaaS subscription for SecuROM software.

Murder, torture, child abuse: each day we see things that keep us awake at night. Yet Mark Zuckerberg calls us ‘overdramatic’

It’s been a devastating few weeks for Android users. There have been warnings over dozens of apps capable of generating money for criminals behind your back using adware, and an app that could reinstall itself whenever users tried to delete the harmful programme from their handset – Android users don't have to install anything to be vulnerable. And then there was StrandHogg – a flaw the allows hackers to create a fake login page pretending to be a legitimate banking app on your handset, siphoning off your bank login details.

Worse still, StrandHogg will still direct users to the legitimate app once they’ve inputted their details. So, from your perceptive, all you’ve done is log into your banking app – unaware that hackers have just been handed over all the details they need to do the same.

Cybersecurity researchers have spotted a new variant of the Snatch ransomware that first reboots infected Windows computers into Safe Mode and only then encrypts victims' files to avoid antivirus detection.

Unlike traditional malware, the new Snatch ransomware chooses to run in Safe Mode because in the diagnostic mode Windows operating system starts with a minimal set of drivers and services without loading most of the third-party startup programs, including antivirus software.

Snatch has been active since at least the summer of 2018, but SophosLabs researchers spotted the Safe Mode enhancement to this ransomware strain only in recent cyber attacks against various entities they investigated.

By Aaron Kesel

The Department of Homeland Security’s Customs and Border Protection (CBP) branch has reversed a previous proposed plan to require all U.S. citizens to participate in its facial recognition entry/exit programs after backlash, Nextgov reported.

Earlier this week Reuters reported that the Trump administration intends to propose a regulation next year that would require all travelers – including U.S. citizens – to be photographed when entering or leaving the United States.

Since CBP’s facial recognition program started in September 2018, U.S. citizens and green card holders have technically been exempt from participating, although passengers have to actively opt out...

Earlier this week, security reporter Brian Krebs published a story explaining that Apple's latest iPhones (iPhone 11 and iPhone 11 Pro) periodically check the user's location even if the user disables location services individually for each and every app and service in the iPhone's Settings app.

Further Reading
iPhone 11 Pro and 11 Pro Max review: High quality for high prices
While this behavior ended when the user disabled location services system-wide, it was a bit of a head-scratcher. What was the iPhone doing and why? Was it sending this information to Apple? Why couldn't users find information on what was happening? Krebs had notified Apple of the issue as a potential security problem back in mid November, but the company responded this week stating:

By B.N. Frank

In August the Chicago Tribune published a report that 11 smartphone models exceeded federal RF safety levels. This led to FeganScott law firm starting a class action lawsuit against Apple and Samsung. Consumers claim they were not adequately warned about radiation exposure risks from these devices. Thanks to FeganScott for providing updates about their progress...

A cyberthreat actor has created a web site that promotes a fake VPN program that installs the Vidar and CryptBot password-stealing trojans. These trojans will then attempt to steal saved browser credentials and other information from a victim's computer.

While investigating a different malware infection, BleepingComputer stumbled upon a website promoting a VPN program called 'Inter VPN' that claims to be the "fastest VPN". It then shows an image of the VPN client, which is actually an image of the legitimate VPN Pro software.

Watching more than two hours of screens a day may harm the structural integrity of white matter in preschoolers' brains, with implications for language and literacy skills. Children under 2 years shouldn't use screens, but even those 2 and over may face lifelong consequences of too much screen time during childhood

You may want to think twice before gifting your child a new tablet or cellphone this holiday season, as increasing research suggests screen time may cause more harm than good.

More than 14,000 premium models were stolen between January and October this year, according to an analysis of insurance claims by Direct Line.

That is more than double the amount over the same period in 2015 and means a luxury vehicle is stolen once every 38 minutes on Britain's roads.

Police and insurance firms believe the rise is partly because modern keyless cars provide easy pickings for thieves.

Linux users can now stream shows and movies from the Disney+ streaming service after Disney lowering the level of their DRM requirements.

If your Firefox or Chrome browser has any of the below-listed four extensions offered by Avast and its subsidiary AVG installed, you should disable or remove them as soon as possible.

Librem 5 Features

Purism, the maker of a line of built-for-Linux laptops, is now shipping a built-for-Linux smartphone. The company announced this week that the Librem 5 smartphone is now shipping to early backers of the crowdsourced, $699 smartphone project.

The Librem 5 is unlike anything else on the market. Not only is it one of the only smartphones on Earth that doesn't ship with Android, a fork of Android, or iOS—Purism's commitment to 100% open software, with no binary blobs, puts severe restrictions on what hardware it can use. Android's core might be open source, but it was always built for wide adoption above all else, with provisions for manufacturers to include as much proprietary code as they want. Purism's demand that everything be open means most of the major component manufacturers were out of the question.

Facebook quietly rolled out a chatbot to help employees tackle questions that family and friends may ask about its disastrous reputation over the holidays.

The tool, called ‘Liam Bot’, navigates employees through tough and uncomfortable questions about Facebook’s many controversies using a series of points.

The answers are said to have been written by Facebook’s public relationship team and lineup with the executive team’s statements on such things as free speech, election meddling and more.

Almost 700 students at the University of Ghent had their mobile phone use tracked and compared to their test scores.

Researchers found that intense phone use well above the norm — around five times in an hour-long lecture — causes a five per cent drop in exam scores compared to someone who shuns their device.

Anything more significant than using the device to check the time was taken into consideration, including using social media, using the internet or playing games.

The drop-off in exam scores is also linked with a higher chance of failing.

Phone-obsessed students were eight per cent more likely to flunk, sporting a 60.6 per cent pass rate, compared to the 68.9 per cent pass rate for those capable of leaving their handset face down.

A security researcher found that Apple's latest smartphone periodically seeks the user's location even when all applications and system services are set to never request.

The Cupertino company, however, is aware the handset collects location data and said it is 'expected behavior'.

The discovery was made by Brian Krebs of KrebsonSecuirty, a source that conducts in-depth investigations into security issues, who found the issue occurs with the iPhone 11 Pro running on Apple iOS 13.2.3.

Germany's largest retailer sees AMD domination with 82% market share, Intel losing big time

A vulnerability in millions of fully patched Android phones is being actively exploited by malware that's designed to drain the bank accounts of infected users, researchers said on Monday.

The vulnerability allows malicious apps to masquerade as legitimate apps that targets have already installed and come to trust, researchers from security firm Promon reported in a post. Running under the guise of trusted apps already installed, the malicious apps can then request permissions to carry out sensitive tasks, such as recording audio or video, taking photos, reading text messages or phishing login credentials. Targets who click yes to the request are then compromised.

Researchers with Lookout, a mobile security provider and a Promon partner, reported last week that they found 36 apps exploiting the spoofing vulnerability.

Once you realize most things you search for online are boring and obvious, you realize you don't really need Google in your life.

Mozilla Observatory, an online site-scanning service operated by the nonprofit company behind the Firefox web browser, rates Giuliani Security & Safety’s website an “F” for basic connection security, with a score of 0 out of 100. In a suite of 11 tests, the Giuliani Security & Safety site passes just 3, according to Mozilla.

Amazon-owned home surveillance company Ring gave law enforcement a heat map that let police see all devices installed in an area, allowing them to view users down to the street level, according to a new report from CNET.

While the feature was removed in July, law enforcement could reportedly use the function to search for the concentration of cameras in a neighborhood, and even see circles drawn around individual user locations. The documents that revealed the feature were obtained by a privacy researcher and shared with the publication.

According to reports, the Jeff Bezos empire has formed a partnership with law enforcement that involves Amazon handing over facial recognition data from people’s Ring doorbell systems, which are equipped with tiny cameras and wi-fi systems that relay everything they “see” back to Amazon, which then sends it to local police departments.

While these extensions certainly appear useful, security researcher Wladimir Palant reported that these extensions are sending a large amount of tracking data about a user's browsing habits to https://uib.ff.avast.com/v5/urlinfo.

This data includes the URL visited, page title, the referer, your OS version, a unique user identifier, your country code, whether you previously visited the page, and other information. With the large amount of info being sent, Palant is concerned that the security companies could use this information to reconstruct a user's browsing history.

A "major" security weakness in Google's Android software has let cyber-thieves craft apps that can steal banking logins, a security firm has found.

The bug lets attackers create fake login screens that can be inserted into legitimate apps to harvest data.

More than 60 financial institutions have been targeted by the technique, a survey of the Play store indicated.

Google said it had taken action to close the loophole and was keen to find out more about its origins.

For many people, watching television is a beloved pastime — but could your smart TV be watching you in return?

As discount smart TVs fly off the shelves in Cyber Monday sales, the FBI has issued a warning that the internet-connected devices can allow hackers access to your home.

Connected televisions with cameras and microphones can provide an opening for bad actors to spy on you and violate your privacy, they warned.

By Jamie Redman

On November 26, a new Silk Road video was published that reveals underreported and never-before-seen information. The film called the Silk Road Case: The Real, Untold Story contains over 400 references to direct evidence from a wide range of sources. The organization Freeross.org published the video on YouTube and called it “the most comprehensive, researched narrative about Silk Road and Ross Ulbricht’s case.”...

By B.N. Frank

Most disruption predicted in San Jose, Seattle, Salt Lake City, Boulder, Detroit, Huntsville, Louisville, and more…

82% of Americans think Artificial Intelligence (AI) is more harmful than helpful. Reports indicate there are many good reasons for this and it’s not just about massive job loss.

Proponents insist we’ll all be okay though – we just need UBI (Universal Basic Income). $1000/month might be okay for some, but not everyone could live off that. For those who manage to keep their jobs – they’ll still be more “exposed” to AI. They also may be forced to “merge” with it...

Monday afternoon, RIPE—Réseaux IP Européens—or the regional Internet Registry for Europe, the Middle East, and parts of Central Asia—announced that it's out of IPv4 addresses.

What this means is that the organization has handed out its last available /22 (1,022 address) netblock. If you need European public IP addresses of your very own, you must get on a waiting list and hope for some other company to die on the vine and relinquish its address space when it does.

There are some caveats to RIPE's used-IPv4-address car lot, though. To get on the waiting list, you must never have received any subnet from RIPE in the past... and you may only receive a single /24 subnet. That gets you 256 total IPv4 addresses, three of which are used just to set the whole thing up (network, broadcast, and gateway).

By John Vibes

Ring, the home security system developed by Amazon, is planning to build a database of neighborhood watchlists using facial recognition technology.

Documents obtained by the Intercept revealed that the company is working with law enforcement on a system that will identify people who are considered “suspicious,” and let Ring owners know when these individuals are near their home, using the facial recognition software built into the security system’s cameras.

The software will also give the Ring owner the ability to notify police or call in the suspicious activity on their own...

Fingerprinters are a tracking method that allows a company to track you based on characteristics of your computer rather than through tracking cookies.

It does this by building a profile of your device based on its characteristics such as the screen resolution, the browser you use, timezone, language, installed extensions, the installed fonts, and your operating system.

All of this information is compiled into a unique fingerprint that can be used to track you through the different sites you visit on the Internet.

Starting with Firefox 72, the browser will automatically block Fingerprinters on any sites that you visit through its Enhanced Tracking Protection feature.

By B.N. Frank

“Smart Cities” are great for those who collect, analyze and sell residents’ and visitors’ data. Everyone else seems to be getting a bum deal though.

According to a 2018 Smart Cities Dive article, 66% of Americans don’t want to live in “Smart Cities” because of privacy and cybersecurity concerns. No matter, here they come...

Facebook and Google, according to the report, deserve to be singled out of the so-called Big 5 for their outsize influence on internet users.

With Facebook controlling not only its eponymous social media platform but also WhatsApp, Messenger, and Instagram, and Google parent company Alphabet in control of YouTube and the Android mobile operating system as well as the search engine, the companies "control the primary channels that people rely on to engage with the internet."

In fact, the report continues, the two companies control "an architecture of surveillance that has no basis for comparison in human history."

Just like its predecessors, 5G networks are reliant on a constant supply of power. However, unlike its predecessors, 5G is anticipated to play a much more important role in our daily lives. Therefore, there is a genuine risk that in the near future blackouts or power shortages could disrupt 5G networks and have perilous consequences for society at large.

In the event of a 5G network failure, the entire ecosystem of countless connected devices could collapse. Autonomous vehicles, drones and other driverless types of technology would come to a standstill, people could be locked out of their smart homes, municipal infrastructure could stop working, and some critical service providers would take a hit too. In other words, large segments of the society and the economy could come to a screeching halt – not a far cry from your favorite sci-fi apocalypse movie.

By B.N. Frank

Amazon Ring doorbells are very popular right now for homeowners and their neighborhood police departments. However, Internet of Things (IoT) technology has a 74% failure rate, which explains why security experts are constantly issuing warnings about it.

Unfortunately, none of this has stopped individuals, business, scientists, and others from wanting to use IoT for surveillance, automated vehicles, and more...

By Alanna Ketler

I hope you are sitting down for this lengthy and worrying list of how "others" can access your smartphone...

'This is the first time I've seen all these social media profiles collected and merged with user profile information into a single database on this scale,' Troia told Wired.

'From the perspective of an attacker, if the goal is to impersonate people or hijack their accounts, you have names, phone numbers, and associated account URLs.'

He and Diachenko stumbled upon four billion accounts, which belonged to the 1.2 billion individuals, spanning more than four terabytes of data, but were unable to locate the culprit behind the leak -the server could only be traced back to Google Cloud Services.

There was also no way to know if the data had been downloaded or found by anyone else prior to his discovery, Troia noted in a blog post.