Recent Security News

with @djhardb, @infosecirvin, @KaitlynGuru, and @sambowne

July 3, 2020

A discussion with Elizabeth Biddlecome, Irvin Lemus, Kaitlyn Handelman, and Sam Bowne.

Irvin Lemus @infosecirvin

Why don’t /e/ smartphones ship (yet) to the USA?

DuckDuckGo CEO clarifies favicon script use, seeks to dispel privacy worries
Domains visited get leaked to DDG servers #527

Europe Introduces 13 New IoT Cybersecurity Provisions

Kaitlyn Handelman @KaitlynGuru

FDEU-CVE-2019-10222: Telia backdoor

Windows Telemetry service elevation of privilege

Technical Advisory – macOS Installer Local Root Privilege Escalation (CVE-2020-9817)

Sam Bowne @sambowne

Coronavirus: Fauci warns of 100,000 US cases per day, 'Herd immunity unlikely'

Government Response

Trump, in a hole, digs deeper into racial incitement
Here are the QAnon supporters running for Congress in 2020
FDA Covid Vaccine Guidance Throws Cold Water on Trump 2020 Goal
I am a paramedic working for NHS test and trace but I've yet to make a single call
A group of partygoers ignored contact tracing. This New York county responded with subpoenas.
Chicago’s 14-day quarantine order applies to travelers from these 15 states

Social Changes

As young people drive infection spikes, college faculty members fight for the right to teach remotely
Santa Clara County meeting that exposed 40 principals to coronavirus raises red flags
Muni expects to lose the majority of its bus lines permanently as financial devastation mounts
New cases correlated with in-restaurant credit card use
Texas Lt. Gov. Dan Patrick slams Dr. Fauci: 'I don’t need his advice anymore'
Ohio ice cream shop asks customers to stop yelling at teenage employees for wearing masks

Why are COVID cases increasing while deaths are decreasing? Simpson's paradox

Playing Around With The Fuchsia Operating System

Hacker ransoms 23k MongoDB databases and threatens to contact GDPR authorities

Elizabeth Biddlecome @djhardb

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals
Amazon face recognition falsely matches 105 US and UK politicians with police mugshots, but can you trust accuracy claims?

University of California San Francisco pays ransomware gang $1.14m as BBC publishes 'dark web negotiations'
Update on IT Security Incident at UCSF
How hackers extorted $1.14m from University of California, San Francisco

You wait ages for a mid-air collision spoofing attack and along come two at once: More boffins take a crack at hoodwinking TCAS
On the Feasibility of Exploiting Traffic Collision Avoidance System Vulnerabilities