Biden administration labels China top tech threat, promises proportionate responses to cyberattacks
www.theregister.com/2021/03/05/bide_administration_interim_national_security_guidance/ That assessment was offered in a new Interim National Security Guidance [PDF] issued on Wednesday, in which the administration also outlines plans to seek more regulation of advanced technologies and an intention to strike back after cyberattacks.. Guidance document at
AdGuard names 6,000+ web trackers that use CNAME chicanery: Feel free to feed them into your browser’s filter
www.theregister.com/2021/03/04/adguard_cname_tracker/ As privacy barriers have gone up to prevent marketers from gathering data from web users, CNAME manipulation has become more popular. As we reported last week, privacy researchers recently found that the presence of CNAME trackers has increased 21 per cent over the past 22 months and that CNAME trackers show up on almost 10 per cent of the top 10,000 websites. Worse still, 95 per cent of websites . that fiddle with their domain records in this manner leak cookies, which sometimes contain sensitive information.. List at
github.com/AdguardTeam/cname-trackers, paper at
Will Googles Privacy Sandbox take the bite out of tracking cookies?
blog.malwarebytes.com/privacy-2/2021/03/will-googles-privacy-sandbox-take-the-bite-out-of-tracking-cookies/ Third-party cookies have been the lynchpin of online advertising for many years. Plans to phase cookies out forever continue to run at a steady pace, with Google in the driving seat. In 2019, it announced its vision for a Privacy Sandbox.
Microsoft Office 365 gets protection against malicious XLM macros
www.bleepingcomputer.com/news/security/microsoft-office-365-gets-protection-against-malicious-xlm-macros/ Microsoft has added XLM macro protection for Microsoft 365 customers by expanding the runtime defense provided by Office 365’s integration with Antimalware Scan Interface (AMSI) to include Excel 4.0 (XLM) macro scanning. AMSI was introduced in 2015, and it has been adopted by all major antivirus products available for the Windows 10 platform since then. It allows Windows 10 services and apps to communicate with security products and request runtime scans of potentially dangerous data.
Security Researchers Probed 90,194 Amazon Alexa SkillsThe Results Were Shocking
www.forbes.com/sites/daveywinder/2021/03/07/security-researchers-probed-90194-amazon-alexa-skills-the-results-were-shocking/ A research team comprising experts from North Carolina State University (NCSU) and the Ruhr-University Bochum in Germany recently undertook a study of Amazon Alexa skills. What they uncovered was shocking: misleading privacy policies, developers able to claim they were, well, anyone, and multiple skills sharing the same Alexa trigger words, to name just some of the issues.