Pete Recommends – Weekly highlights on cyber security issues, November 9, 2024

Subject: She Tried to Opt Out of Election Texts, Got a ‘Text-Pocalypse’
Source: Newser
https://www.newser.com/story/358797/she-tried-to-opt-out-of-election-texts-got-a-text-pocalypse.html

WSJ columnist replied ‘Stop’ to the political texts on her phone, but the messages kept coming
Joanna Stern figured that, to stop all the political text messages she’s been getting lately as Election 2024 heads into its final days, she simply had to reply “Stop” to those texts, as is standard protocol. But “in the game of political texts, ‘Stop’ apparently means ‘Go! Go! Go!,'” Stern writes for the Wall Street Journal, detailing how she was inundated with dozens of additional texts after she tried to opt out of getting them. A political texting expert tells her that “unscrupulous texting vendors” have flipped the script on things, “perversely” using your request to stop the messages “as a data point, that ‘Oh, we found a live number!'” And so that left Stern on her own to figure out how to get out from under the “text-pocalypse” that descended upon her—which she finally did, after some effort.[WSJ article is paywalled; you may read it unpaywalled here https://archive.ph/CX9CL

Since the text-pocalypse hit my iPhone, I’ve been digging into what happened, and how to filter out the SMS spam. Here’s what I suggest in these final days of election-related text spam.

+ comments


Subject: Apple must ensure iPad OS complies with obligations under the Digital Markets Act
Source: EU Commission Mastodon
https://newsie.social/@[email protected]/113424392981805500

Apple must ensure iPadOS complies with obligations under the Digital Markets Act.

This means Apple must:

  • Allow users to set their default web browser
    Permit alternative app stores
    Ensure accessory devices like headphones and smart pens can access iPadOS features

We will now assess whether these measures effectively meet the #DMA obligations, taking also into consideration the input of interested stakeholders.

More info: europa.eu/!QNc6Fx


Subject: Using Google Authenticator? Read this
Source: Proton via Mastodon
https://newsie.social/@[email protected]/113425343649814119

Using Google Authenticator? Read this. “It may collect data from at least eight different data categories, including your phone’s contact list, the photos and videos on your device, plus your phone number and physical address.” pcmag.com/reviews/google-authe


Subject: DocuSign’s Envelopes API abused to send realistic fake invoices
Source: BleepingComputer
https://www.bleepingcomputer.com/news/security/docusigns-envelopes-api-abused-to-send-realistic-fake-invoices/

DocuSign’s Envelopes API abused to send realistic fake invoices. Threat actors are abusing DocuSign’s Envelopes API to create and mass-distribute fake invoices that appear genuine, impersonating well-known brands like Norton and PayPal.

Using a legitimate service, the attackers bypass email security protections as they come from an actual DocuSign domain, docusign.net. The goal is to have their targets e-sign the documents, which they can then use to authorize payments independently from the company’s billing departments.

Filed: https://www.bleepingcomputer.com/news/security/


Subject: Google Asked to Remove 10 Billion “Pirate” Search Results
Source: TorrentFreak
https://www.bespacific.com/google-asked-to-remove-10-billion-pirate-search-results/

TorrentFreak – “Rightsholders have asked Google to remove more than 10 billion ‘copyright infringing’ URLs from its search results. The search engine doesn’t celebrate the milestone in any way, but the takedown notices document intriguing shifts in volume over time, as well as shifting takedown interests. While search engines are extremely helpful for the average Internet user, copyright holders have also seen a massive downside. In addition to trillions of legitimate pages, there’s a steady supply of pirate sites.  …… however, U.S. law provided a solution; DMCA notices. In the hope of steering prospective pirates away from pirate sites, copyright holders began sending DMCA takedown requests to Google. These notices flag pirate links, which Google then removes from its search index. From Hundreds to 10 Billion.



Abstracted from beSpacific
Copyright © 2024 beSpacific, All rights reserved.


Subject: Turning On “Do Not Track” Is Practically Useless
Source: MakeUseOf
https://www.bespacific.com/turning-on-do-not-track-is-practically-useless/MakeUseOf

“If you want to prevent companies from tracking what you do online, you may be tempted to turn on your browser’s “Do Not Track” option. However, while enabling it doesn’t exactly do any harm, it doesn’t do much good either. So, here’s what I do to stop websites from tracking me instead of relying on Do Not Track…”

Abstracted from beSpacific
Copyright © 2024 beSpacific, All rights reserved.

Posted in: Cybercrime, Cybersecurity, Legal Research, Search Engines