Weekly Tech News for April 7, 2019

Raymond Tec News Podcast Cover Art
Raymond Tec News
Weekly Tech News for April 7, 2019
Loading
/

Intro

Welcome to the April 7th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news.

I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow with this week’s feature, then I’ll balance out the negative with a series of stories to restore your faith in technology, and, maybe, humanity.

Let’s dive in.

Data Breaches

Cultura Colectiva, a Mexico-based content publisher, and At the Pool, a defunct app maker, have exposed more than 540 million Facebook records after improperly storing data accessible from the social media site. TechCrunch

A database managed by an Indian government healthcare agency was without password protection for more than three weeks, exposing 12.5 million pregnant women’s medical records. ZDNet

VoterVoice, a company that provides email contact forms for US legislators, has been caught insecurely storing details of people who contact their senators and representatives exposing email addresses and other personally identifiable information. TechCrunch

Macon, Georgia-based Navicent Health has determined a cyberattack from last year exposed records of more than a quarter of a million patients. Data Breach Today

Missouri-based Burrell Behavioral Health exposed about 67,000 patients’ data when a third-party business improperly configured an internet accessible server. Health IT Security

Let’s move on to Privacy Headlines.

Privacy Headlines

A researcher at Talos, Cisco’s security division, revealed that cybercriminal groups are operating in plain sight on Facebook, some using their real profiles. These groups trafficked in stolen credit card data, identity info, spam lists, and hacking tools. Wired

Airbnb is back in privacy news this week, when a family from New Zealand found a camera hidden in a fake smoke detector live streaming the living room of their vacation rental. CNN

WhatsApp has added a new feature that will allow users to control who can add them to groups, in an effort to improve privacy and prevent the spread of fake news. This announcement comes on the heels of a new fact-checking tip line Facebook launched in India ahead of this year’s contentious elections. TechCrunch

A hoax dating back to 2011 has reared its head again this week on Facebook. This is a copy and paste post stating that hackers are publishing sexual videos on your timeline that you can’t see but your friends can; don’t fall for it. Sophos Naked Security

AI researchers at Google, Facebook, Microsoft, and in academia have published an open letter requesting that Amazon stop selling biased facial recognition technology to law enforcement agencies. The Verge

Amazon has announced that Alexa will now talk to internet-connected health monitoring devices, allowing users to verbally check their blood sugar, schedule doctors’ appointments, and receive post-op instructions from hospitals. Personally, I’d rather Amazon not know how I got pink eye. Wired

Israeli security researchers have published a proof of concept that shows malware can access medical scanners to automatically add and remove cancer from CT scans. Security Week

Sanitation workers in Nanjing, China are required to wear a bracelet that tracks their movement and vibrates if it detects that they’re idle for more than 20 minutes. The Verge

The US Justice Department’s Inspector General has announced that the FBI is not notifying victims of cybercrime of their rights in a timely manner. In response, the FBI announced it’s in the process of replacing their current notification system. Data Breach Today

Several members of the European Parliament have voted the wrong way on the Copyright directive, not realizing what the for and against buttons actually meant. These members have requested their votes be changed. Sophos Naked Security

Jackson Cosko, a former staffer of Senator Maggie Hassan, has admitted to doxing 5 senators by publishing their private phone numbers and home addresses to Wikipedia. The details emerged after Cosko pleaded guilty to computer fraud and other offenses. The Verge

Let’s move on to security headlines.

Security Headlines

A phishing campaign has been targeting Verizon Mobile users since November of last year according to security research firm, Lookout Phishing AI. DarkReading

A new type of malware that targets IoT devices has been spotted in the wild. Dubbed Bashlite by researchers, the new strain focuses on WeMo brand home automation devices. ZDNet

Huawei has released a patch for its MateBook laptops that could have allowed an attacker to gain access to the system. This bug was first disclosed by Microsoft security researchers in January. The Verge

Dropbox, a leading cloud storage provider for individuals, has discovered 264 vulnerabilities after it ran a one-day bug bounty program. Reportedly, the company paid hackers more than $300,000 in bounties. ZDNet

The Android operating system now powers some 2 billion devices worldwide. Google has announced 75.7 billion downloads, or .04 percent of all downloads from its Google Play store in 2018 were harmful. These estimates are double the number from 2017. TechCrunch

Pharmaceutical giant, Bayer, has announced that they have successfully detected and defeated a Chinese cyberattack. Health IT Security

A critical security vulnerability has been discovered in Xiaomi’s MI and Mint browsers. Users are advised to discontinue using these browsers until a patch is released. The Hacker News

Scammers have been using a new trick to get more clicks on their advertising campaigns. By detecting when your mouse gets to the close button, the page resizes the ad forcing you to click on the ad. To avoid the scam, move your mouse to the close button and pause before clicking. ZDNet

A new report has announced that about 17,000 home and small office modems and routers are vulnerable to DNS Hijack Attacks. These attacks redirect your requests for legitimate sites to sites that serve malware. DarkReading

Waltham, Mass-based Care dot com has deleted tens of thousands of providers after a Wall Street Journal exposé revealed some providers were unlicensed and others had criminal backgrounds. The Verge

Former NSA contractor, Harold Thomas Martin III, has pleaded guilty to illegally accessing top-secret documents and cyber warfare tools. These tools have been found in the wild, most notably in the ransomware WannaCry. Sophos Naked Security

Chinese National Yujing Zhang was arrested last weekend for attempting to bring malware under the guise of attending a fabricated event to President Trump’s Mar-a-Lago golf club. President Trump was on the premises at the time. DarkReading

China has been trying to reunify with Taiwan for many years. To prevent China from tampering in the 2020 presidential election, Taiwan plans to ban Chinese search engine Baidu, and social media giant Tencent. ZDNet

GPS spoofing attacks have been rare and limited to cybercriminal groups until recently. Russia has been accused of the first large-scale GPS spoofing attack. These attacks interfere with the signals bounced back to GPS receivers to confuse navigation. Sophos Naked Security

Let’s move on to other headlines.

Other Headlines

Though still very limited, Verizon has begun rolling out 5G in parts of Chicago and Minneapolis. The Verge

Google is continuing to take features from subsidiary Waze for its Google Maps application. Google Maps will soon warn you of traffic slowdowns. The Verge

Some Android TV users turned on their streaming devices to find Google has begun placing ads on their home screens. Many users were angered by the discovery. The Verge

Google and Walmart have announced that they’re teaming up to bring voice-based grocery shopping to consumers to combat Amazon’s push to be everything to everyone. ZDNet

North, the company that’s bringing stylish smart glasses to a wider market, have announced a slew of new features in their latest update including music playback controls, note transcriptions, and transit directions. The Verge

Netflix has announced that users will no longer be able to send shows between Apple devices using the AirPlay feature due to what it’s calling a technical limitation. The Verge

To compete with Apple TV and Amazon, Roku is now offering HBO subscriptions through its Roku Channel. TechCrunch

Fortnite developer Epic has announced they will be bringing more creative tools to its game to expand its community. This comes the same week that England’s Prince Harry called for the game to be banned, citing mental health professionals claims that it’s more addictive than drugs or alcohol. 9 to 5 Google | Variety

Snapchat is mirroring Chinese messaging apps by moving into the social gaming market. TechCrunch

TikTok, the China-based video streaming app, has developed a new talent show feature to draw more attention from users in Korea and Japan. The Verge

On November 20th of this year, Microsoft will be closing its HealthVault Patient-Records Service; all remaining data will be deleted. ZDNet

Microsoft is getting rid of that annoying requirement to click “safely remove hardware” when you disconnect USB thumb drives, hard drives, and smart phones. Unfortunately, it’s at the expense of transfer speed. ZDNet

Microsoft’s Skype has concluded a beta test of its new 50-person group video chat feature and is now available as an update. The Verge

To comply with the European Union’s antitrust ruling, Android devices will now prompt users to select browsers and search engines from a list, rather than defaulting to Google provided products. 9 to 5 Google

New York state has joined the ranks of California and Hawaii by enacting legislation to ban plastic bags in 2020. The Verge

Many publishers will release games exclusive to the North American or Asian markets and Steam has honored this tradition by blocking users from activating games they’ve purchased legitimately if they’re not in those locations. The European Union intends to put an end to this practice. TechCrunch

Hayabusa 2, a project team from the Japan Aerospace Exploration Agency, succeeded in the first part of its mission this week by landing rovers on an asteroid and collecting samples. In a few weeks, the team plans to fly around the asteroid, land on the other side, collect more samples, then fly the samples back to Earth. Adam Shostack & Friends

Australia is rushing laws through its legislature that could see executives do jail time if serious, violent crimes are streamed on their online platforms. ZDNet

The BBC and Discovery have announced they will be teaming up for a new streaming service focused on factual programming. TechCrunch

You’d almost think I planned that segue. Let’s move onto this week’s feature story, Fake News.

Good News

Facebook users may remember when they added the “Why am I seeing this ad?” button in 2014. This week the social media giant announced it would be adding a “Why am I seeing this post?” button as well. This will give users more transparency about why they’re seeing one post versus another but, more interesting than that, it will give us a look at the algorithm that decides the content on our News Feeds, something Facebook has been very secretive about. Having this knowledge will allow Facebook users to more intelligently interact with the site. TechCrunch

In today’s world of streaming video and immediate gratification, movement of physical items is often much slower than we would like. Nowhere is this more obvious than in the world of medicine, where hours and minutes may mean the difference between life and death. Until now, old-fashioned human courier services were still the norm for moving tissue and blood samples from where they’re extracted by your doctor to where they’re analyzed by lab technicians. This week, the FAA granted UPS the first license for commercial, profit-generating drones. UPS will be transporting tissue and blood samples by drone in North Carolina, testing the waters for a wider, national system. Thanks to this smart move, doctors will no longer have to depend on humans traversing traffic-filled roads to make medical diagnoses. Wired

A Scottish teenager named Kal Turnbull has turned a simple subreddit into a forum for rational, reasoned discourse with over 700,000 members. In 2013, the 17-year-old realized the cultural limitations of his upbringing in the Scottish Highlands, so he created a subreddit called “Change My View.” 6 years on CMV is heralded by some as an online oasis. Turnbull and his small team of moderators have spent a great deal of time modifying Reddit’s flawed algorithms which decided what topics should be pushed to the top by hacking together a system that ranked users based on their ability to be civil, rational, and impactful. Unfortunately, this system was a bit complicated and time-consuming, so the now 23-year-old Turnbull has launched a stand-alone website called “Change a View” dot com. Beyond streamlining the way the subreddit worked, Turnbull and his team have built-in a system that allows users to see why conversations have been flagged and allows moderators to talk directly to users. The new site also eschews private messaging in favor of keeping discussions public, and, therefore, civil. This is an exciting win for logic, reason, and discourse on the internet. Wired