Recent Posts

WhatsApp Delays Controversial ‘Data-Sharing’ Privacy Policy Update By 3 Months

WhatsApp said on Friday that it wouldn’t enforce its recently announced controversial data sharing policy update until May 15.
Originally set to go into effect next month on February 8, the three-month delay comes following “a lot of misinformation” about a revision to its privacy policy that allows WhatsApp to share data with Facebook, sparking widespread concerns about the exact kind ofWhatsApp said on Friday that it wouldn’t enforce its recently announced controversial data sharing policy update until May 15.
Originally set to go into effect next month on February 8, the three-month delay comes following “a lot of misinformation” about a revision to its privacy policy that allows WhatsApp to share data with Facebook, sparking widespread concerns about the exact kind ofRead More

NSA Suggests Enterprises Use ‘Designated’ DNS-over-HTTPS’ Resolvers

The U.S. National Security Agency (NSA) on Friday said DNS over HTTPS (DoH) — if configured appropriately in enterprise environments — can help prevent “numerous” initial access, command-and-control, and exfiltration techniques used by threat actors.
“DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests byThe U.S. National Security Agency (NSA) on Friday said DNS over HTTPS (DoH) — if configured appropriately in enterprise environments — can help prevent “numerous” initial access, command-and-control, and exfiltration techniques used by threat actors.
“DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests byRead More

Joker’s Stash, The Largest Carding Marketplace, Announces Shutdown

Joker’s Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021.
In a message board post on a Russian-language underground cybercrime forum, the operator of the site — who goes by the name “JokerStash” — said “it’s time for us to leave forever” and that “we will never ever open again,”Joker’s Stash, the largest dark web marketplace notorious for selling compromised payment card data, has announced plans to shut down its operations on February 15, 2021.
In a message board post on a Russian-language underground cybercrime forum, the operator of the site — who goes by the name “JokerStash” — said “it’s time for us to leave forever” and that “we will never ever open again,”Read More

Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show

Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures.Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures.Read More

Friday Squid Blogging: China Launches Six New Squid Jigging Vessels

From Pingtan Marine Enterprise:

The 6 large-scale squid jigging vessels are normally operating vessels that returned to China earlier this year from the waters of Southwest Atlantic Ocean for maintenance and repair. These vessels left the port of Mawei on December 17, 2020 and are sailing to the fishing grounds in the international waters of the Southeast Pacific Ocean for operation.

I wonder if the company will include this blog post in its PR roundup.

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

From Pingtan Marine Enterprise:
The 6 large-scale squid jigging vessels are normally operating vessels that returned to China earlier this year from the waters of Southwest Atlantic Ocean for maintenance and repair. These vessels left the port of Mawei on December 17, 2020 and are sailing to the fishing grounds in the international waters of the Southeast Pacific Ocean for operation.
I wonder if the company will include this blog post in its PR roundup.
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered…Read More

Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’

Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.Read More

NSA Appoints Rob Joyce as Cyber Director

Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA’s top representative in the UK.Joyce has long worked in US cybersecurity leadership, most recently serving as the NSA’s top representative in the UK.Read More