Parler removed from Apple, Google, and Amazon

Parler, which had been one of the fastest-growing apps in the US, including the number one app for Apple iPhones, has been removed from Apple and Google app stores and has also been suspended from its hosting platform, Amazon’s AWS. All three organizations cited violations of terms of service, including allowing posts that encouraged violence and crime. These actions quickly followed the removal of accounts belonging to or affiliated with President Trump on Facebook and Twitter on Friday. Other organizations that have followed suit include Reddit, Twitch, Stripe, Shopify, YouTube, Instagram, Snapchat, TikTok, Discord, and Pinterest.

(Washington Post and Axios)

Facial-recognition app Clearview sees a spike in use after Capitol attack

The CEO of Clearview, Hoan Ton-That, reported a 26 percent increase of searches over its usual weekday volume. This is significant because unlike traditional facial recognition tools used by law enforcement that use databases containing government-provided photos, such as driver’s license photos and mug shots, Clearview relies instead on a database of more than 3 billion photos collected from social media networks and other public websites. The searches are being done largely by local police departments who are answering a request for assistance from the FBI. The use of facial recognitions technologies remain contentious in many countries, including the US. 

(New York Times)

Emotet tops malware charts in December after reboot

The Emotet trojan is back at the top of the malware charts, having had a makeover designed to make it more effective at escaping detection. Check Point’s Global Threat Index for December 2020 revealed that it bounced back from fifth place in November, now accounting for 7% of malware infections globally. Check Point explains, “It has now been updated with new malicious payloads and improved detection evasion capabilities: the latest version creates a dialogue box, which helps it evade detection from users.” Trickbot and info-stealer Formbook are both in second place on the Index at 4% each.

(Infosecurity-Magazine)

Signal experiences surge after users flee WhatsApp

Signal’s encrypted messaging service has recovered from delays affecting its new user verification process after a mass exodus of WhatsApp users to their platform. Its verification service had become overwhelmed, causing significant delays across various mobile providers. The surge in membership can be attributed in part to WhatsApp parent Facebook requiring its users to share their user data with Facebook or stop using it altogether. In addition, a tweet from Elon Musk who recommended Signal to his 41.6 million followers.

(Bleeping Computer)

Thanks to our episode sponsor,  IT Asset Management Group

Organizations must have adequate written policies and procedures to meet the regulatory requirements for the disposal of their retired data containing devices.  These policies should be readily available and regularly reviewed by leadership.  IT Asset Management Group offers a free policy template to help establish or improve your written policies for IT asset disposal practices. Download the policy template today at itamg.com/CISO

Ryuk rakes in $150M in ransom payments

Joint research by Brian Carter, principal researcher at HYAS, and Vitali Kremez, CEO at Advanced Intelligence, examined Ryuk’s Bitcoin money-laundering operations and discovered that the organization uses a web of Bitcoin exchanges and typically uses two unique Protonmail addresses for each victim in order to communicate. Carter and Kremez also found evidence of significant reconnaissance activity when it came to victim selection, by way of “precursor malware families” that evaluate how lucrative an organization may prove to be as a target.

(Threatpost)

Lenovo’s AR glasses set their sights on enterprise

The company’s ThinkReality A3 glasses offer 1080p resolution, powered by a Qualcomm Snapdragon XR1 chip. Fish-eye cameras provide motion tracking, while an eight-megapixel RGB camera grabs video for remote use. They are intended for use in scenarios from factory floors and laboratories to busy retail and hospitality spaces, and mark another step forward in the deployment of AR wearables, following a path blazed by Microsoft, Epson and Google. The significance of this release is in its focus on industry rather than the consumer space.

(TechCrunch)

Ransomware gangs pursue top executives to pressure companies into paying

This new technique involves stealing data from workstations used by top executives and managers in order to obtain “juicy” information that they can later use to pressure and extort a company’s top brass into approving large ransom payouts. The Clop ransomware strain has been used to sift through a manager’s files and emails, and exfiltrate data that might be threatening or embarrassing, to the person who would most likely be in charge of approving a ransom demand for this attack or for a more conventional ransomware attack. 

(ZDNet)

Singapore changes the rules and will now use COVID-19 contact-tracing app data in criminal cases

Minister of State for Home Affairs Desmond Tan replied by saying that Singapore’s Criminal Procedure Code means its police can obtain any data for criminal investigations, including data gathered by the Covid app called TraceTogether. The Minister stated, “stringent measures are in place to safeguard this personal data,” that only certain officers are permitted to access the information and that it will be used only for permitted purposes and stored securely. He added that data for both witnesses and suspects will be accessed, but that witness data will be “extracted” from the dataset. Suspects’ data will be retained “for security.”

(The Register)