Amazon to cut 10,000 employees in tech and corporate roles
Amazon is planning to lay off 10,000 employees in technology and corporate roles beginning this week. The layoffs would be the largest in the company’s history and will impact Amazon’s devices organization, retail division, and human resources. The news follows Meta who laid off 11,000 employees last week and Twitter which laid off almost 50% of its workforce.
Privacy experts cautious about FIFA World Cup Apps
The FIFA World Cup in Qatar starts in just a few days and has been mired in controversy since the country won the hosting honor. Now privacy experts say that two official apps are cause for concern. Ehteraz is a Covid-19 tracking app and Hayya follows fans’ entrance to and from the stadium. The latter requires full network access and unrestricted access to personal data. Øyvind Vasaasen, the head of security at the Norwegian Broadcasting Corporation (NRK) said, “It’s not my job to give travel advice, but personally, I would never bring my mobile phone on a visit to Qatar.”
98% of organizations have been severely impacted by cyber supply chain breach
A recent report cited 98% of respondents experienced negative impacts of a cyber breach in their supply chain, according to a new report. The annual report also found that 40% of respondents rely on third-party vendors or suppliers to ensure security. The industry as a whole reported a lack of understanding and communication across the enterprise regarding the role of cybersecurity.
Russian software disguised as American fools U.S. Army
Thousands of smartphone applications in Apple’s and Google’s online stores contain computer code developed by a technology company, Pushwoosh, that presents itself as based in the United States but is actually Russian. In response to the findings, the CDC removed Pushwoosh software from seven public-facing apps.
Thanks to this week’s episode sponsor, AppOmni
K-12 schools lack funding to combat ransomware threat
Many K-12 schools are targets for malicious cyberattacks, according to a report from the Multi-State Information Sharing and Analysis Center. The report found that 20% of schools spend less than 1% of their IT budgets on security. Schools are a lucrative target for stealing data and can surpass $1 million to remediate. The Los Angeles Unified School District was targeted by a ransomware attack in September which was linked to the Vice Society.
Anti-Fraud police arrest 59 suspected scammers
An anti-fraud operation across 19 European countries resulted in the arrest of 59 suspected scammers. The month-long operation in October as part of the e-Commerce Action initiative led by Europol’s European Cybercrime Centre (EC3) and the Merchant Risk Council. Police tracked down locations where fraudulently purchased goods were delivered and were assisted by banks, merchants, and logistic companies. Strong Customer Authentication (SCA) became mandatory across Europe under the Payment Services Directive (PSD2) but fraudsters are still finding ways to mess with merchant verification systems.
RCE flaw reported in Spotify’s Backstage software catalog
Backstage from Spotify has been discovered as vulnerable to a security flaw that could gain remote code execution by leveraging a disclosed bug in a third-party module. Backstage is an open-source developer portal that allows users to explore, create, and manage software components from a unified front door and is used by big companies like Netflix, Expedia, and Roku.