• Channels
    • #AxisOfEasy
    • Metaviews
    • Of Two Minds
    • Venture Crapital
  • Podcast
  • Our Mission
  • Contributors
  • Books
Subscribe

AxisOfEasy Subscribe

AxisOfEasy Weekly

Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.

For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

#AxisOfEasy 274: If You Don’t Uninstall TikTok, You’re Putting America At Risk

by Mark E. Jeftovic on November 29, 2022

Weekly Axis Of Easy #274


Last Week’s Quote was  “When something is important enough, you do it even if the odds are not in your favor,” … was by Elon Musk and no one got it.

This Week’s Quote:  “Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity.” … by ???

THE RULES:  No searching up the answer, must be posted at the bottom of this post, in the comments section

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.


This is your easyDNS #AxisOfEasy Briefing for the week of November 28th, 2022, wherein our our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
 
 

In this issue:

  • If you don’t uninstall TikTok, you’re putting America at risk
  • Pegasus Project Findings Raise Alarms Around European Government Surveillance
  • Dutch government threatens to dump Facebook if security concerns aren’t addressed
  • Tehama County, California Social Services Department Compromised in Data Breach
  • Landmark Win for Google in Glupteba Botnet Legal Case
  • Announcing the release of Cronly.App


Elsewhere online:

  • Exploit code for Microsoft Exchange flaws released by a hacker group
  • Emotet malware’s return proves that the threat still persists ten years later
  • Here’s how a China-based advanced persistent threat actor hacks into the world’s computers
  • A hacking forum is offering 487 million WhatsApp user cell phone numbers for sale
  • There are over 1,650 malicious containers hidden in Docker Hub repositories


If you don’t uninstall TikTok, you’re putting America at risk

Sen. Mark Warner has expressed concern that TikTok poses a threat to national security and has argued that President Trump was justified in his goal to ban the app in 2020.

Warner says that the app is a “massive collector” of information, including information about keystrokes, which is all stored in Beijing. He also asserts that the app can disseminate content to a large number of people and could be used for propaganda.

Senator Tom Cotton, a Republican, agrees with these concerns and stated that China is probably lying about where TikTok stores user data. He suggests that American citizens uninstall the app.

Since the developers who write the code for TikTok are based in Beijing, Senator Warner pointed out that it is difficult to disentangle the app from China’s capital. He also said that TikTok is a network for broadcasting. If the Chinese Communist Party wants to reduce content that criticizes Chinese leadership and increase content that supports China, it can do so on a large scale.

Republican Senator Tom Cotton issued a warning to Americans earlier in a broadcast, claiming that China is lying about keeping TikTok user data in America with backups in Singapore. Reports show that data can be accessed in mainland China and that TikTok, which is a Chinese company, has to follow the laws of communist China.

TikTok is one of the biggest surveillance programs ever, targeting the youth in the United States. TikTok has access to everything on your phone, including photos, videos, text messages, contacts, and even your eye movements and facial features.

Senator Cotton has urged all Americans to uninstall the video-sharing app TikTok from their phones, if possible, or even to buy new ones altogether.

Read: https://www.zerohedge.com/political/democrat-intel-senator-trump-was-right-about-tiktok

 

Pegasus Project Findings Raise Alarms Around European Government Surveillance

According to the 2021 publication of the Pegasus Project (a spyware investigation led by 16 media outlets around the world) multiple European governments are using advanced spyware and surveillance tools on their own people. Reporters found that European governments had targeted more than 50, 000 phone numbers worldwide using the surveillance tool Pegasus, made by the Israeli company NSO Group. Civilians who were spied on included reporters at CNN, The New York Times, and Reuters, as well as human rights activists and lawyers. The report clearly shows that spyware abuse is just as rampant in European democracies as it is in authoritarian governments like China and Iran.

Modern spyware allows users to both track and pull information from a device. That includes remotely accessing the target’s mic and camera, and downloading texts, emails, and GPS locations without the user’s consent. The software under fire in this report, Pegasus, enables users to quietly access their target’s passwords, contacts, calendar events, texts, and phone calls without the target’s knowledge.

NSO Group, the Israeli company that makes Pegasus, has been used by repressive regimes all over the world for various human rights violations. It is no wonder then that European MPs were deeply concerned by the findings of the report and by the potential impact of such unconstitutional activities on European citizens. According to the findings, most European governments were indulging in undemocratic surveillance activities designed to repress expression and political competition.

The authors of the report didn’t hold back when they wrote that the abuse of spyware “mercilessly exposes the immaturity and weakness of the EU as a democratic entity.” Indeed, for all of their talk of “techno-democracy”, the US and European countries abuse spyware just as much as any other authoritarian regime. Though there is certainly still some semblance of a relatively independent media in these countries, the findings of the Pegasus Project serve as a stark reminder of how fragile democracy really is.

Read: https://slate.com/technology/2022/11/europe-spyware-scandal-pegasus-report.html

 

Dutch government threatens to dump Facebook if security concerns aren’t addressed

State Secretary Alexandra van Huffelen said that the Dutch government might stop using Facebook if the social media site doesn’t improve how it handles sensitive personal data. The company hired to check Facebook’s privacy policy said it’s unlikely the firm will meet all requirements, so the government will probably stop using the social media site altogether.

Van Huffelen thinks that Facebook users’ information isn’t protected well enough, and sensitive personal information could end up in the hands of U.S. security services, where Meta is headquartered.

The Dutch government has asked Facebook, among other things, to stop storing information about Dutch users who look at government pages. This is done in an attempt to protect the Dutch citizens’ personal information.

State Secretary Van Huffelen says that the government will have to stop using Facebook pages if the risks are not taken care of. Facebook said in response that the report was wrong about how Meta works and misunderstood important parts of Dutch law.

The Netherlands’ secretary admitted that quitting Facebook would be a big mistake since it is a popular social media site and a key way for the government to talk to people. At the beginning of this year, Germany’s data protection authority made a similar decision. This made Van Huffelen want to look into it as part of the Cabinet’s new plan to be stricter with social media.

Read: https://nltimes.nl/2022/11/19/dutch-government-will-stop-using-facebook-doesnt-improve-private-data-handling

 

Tehama County, California Social Services Department Compromised in Data Breach

Tehama County officials have informed former employees and recipients of services of a breach in the county’s social services data systems. The breach was identified earlier this year on April 9th, but investigations into the matter had stretched all the way to August 19th. Officials say that personally identifiable information (PII) of several current and former employees and recipients of social services had been compromised in the breach. Such PII included names, addresses, DOB, social security numbers, driver’s license numbers, and details of services obtained from the social security department.

“The County of Tehama is offering complimentary credit monitoring and identity theft protection services to individuals whose Social Security numbers or driver’s license numbers were involved,” the county says, though no cases of fraud seem to have been reported just yet.

The county refused to disclose either the number of victims or the type of cyberattack that took place. Back in June, however, Quantum ransomware operators claimed to have leaked roughly 32 gigabytes of data from the county’s systems.

Read: https://www.securityweek.com/california-county-says-personal-information-compromised-data-breach

 

Landmark Win for Google in Glupteba Botnet Legal Case

In a blog post last Friday, Google announced its victory against two Russian nationals associated with the Glupteba botnet. The tech giant said that the court’s ruling set an important legal precedent for cybercriminals everywhere. In the post, Google’s VP of engineering for privacy, safety, and security Royal Hansen and the company’s general counsel Halimah DeLaine Prado wrote: “We made the explicit decision to name the criminal actors behind Glupteba as defendants in the suit (filed in New York), to expose them and their various shell companies.” Though the tactic was not a common one, Hansen and DeLaine Prado said that they felt it was important to disrupt the botnet group’s ability to operate discreetly online.

The blog post commented that the risk involved in making such an uncommon move was that these foreign actors could “attempt to abuse the US court system by litigating from abroad with no intention of complying with the court’s orders and could try to use the legal process to get information about Google’s defense mechanisms.” The court, however, was not easily manipulated by the defendants attempts, and it issued “monetary sanctions against both the Russian-based defendants and their US-based lawyer – requiring the criminal actors behind Glupteba to pay Google’s legal fees,” the blog post reads.

“This step is particularly important because it shows that there will be real, monetary consequences for engaging in this type of criminal activity.”

Google believes that exposing Glupteba’s legal defeat makes it less appealing for other criminal groups to collaborate with them. Their strategy seems to be working, as Google’s Threat Analysis Group has recorded a 78% decline in the number of infected hosts.

Read: https://www.infosecurity-magazine.com/news/google-wins-legal-battle-vs/


Announcing the release of Cronly.App

Have you ever had to manage multiple cron jobs or tasks from cloud environments? It can be a daunting task, leaving you with incomplete processes or problems that kill your cron jobs without you even being aware there was a problem.  The costs to efficiency and your wallet can be intense.

Having faced these issues ourselves, we here at easyDNS fell head over heals in love with the simplicity of Cronly.app. We entered into an agreement to purchase the base application and then went to town enhancing and improving what it can do to make it bulletproof for your use.

Cronly makes it dead simple to schedule and monitor your cron jobs in the cloud.

• Create Monitors to keep an eye on your cron jobs
• Get notified when they complete
• Receive alerts if there are any problems or unexpected interruptions
• Setup is all done via a user-friendly GUI

Costing less than a cup of coffee per month, each monitor includes the following:

• Unlimited Triggers
• Unlimited Users
• Unlimited SSL certificates
• Unlimited Projects
• Unlimited Integrations
• Unlimited API Calls

Cronly.app includes flexible notifications with integrations that range the gamut from Slack to Trello to Discord. Monitoring your application is as simple as calling a link we provide for every monitor you setup. You could be up and running in literal minutes. You only pay for what you use, and if you pre-pay a year you receive 2 months for free. Be one of the first to check it out on https://cronly.app today!

 

Elsewhere Online:

 

Exploit code for Microsoft Exchange flaws released by a hacker group Read:https://securityaffairs.co/wordpress/138768/hacking/proxynotshell-microsoft-exchange-poc.html

Emotet malware’s return proves that the threat still persists ten years later
Read: https://thehackernews.com/2022/11/notorious-emotet-malware-returns-with.html

Here’s how a China-based advanced persistent threat actor hacks into the world’s computers
Read: https://thehackernews.com/2022/11/chinese-mustang-panda-hackers-actively.html

A hacking forum is offering 487 million WhatsApp user cell phone numbers for sale
Read: https://heimdalsecurity.com/blog/487-million-whatsapp-mobile-numbers-hacking-forum/

There are over 1,650 malicious containers hidden in Docker Hub repositories
Read:https://www.bleepingcomputer.com/news/security/docker-hub-repositories-hide-over-1-650-malicious-containers/

 Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

  • November 21st, 2022: Take Control Over Your Social Media Presence With Mastodon
  • November 14th, 2022: Concern Over Rise In Number Of Phishing Attempts: Dropbox Breach Of 130 GitHub
  • November 7th, 2022: No, Mark Jeftovic Is Not Trying To Pump Cryptos In Your Twitter DMs
  • October 31st, 2022: TechCrunch’s Analysis Of TheTruthSpy And The State Of Other Stalkerware Apps
  • October 24th, 2022: British Lawmakers Passed A Bill Allowing Protesters To Be Tagged Without Conviction

 

 

 

 

 

6 responses to “#AxisOfEasy 274: If You Don’t Uninstall TikTok, You’re Putting America At Risk”

  1. Jon says:
    November 29, 2022 at 6:44 pm

    Jim Collins, from Good to Great?

    Reply
  2. ruslan says:
    November 29, 2022 at 7:36 pm

    Henry Ford?

    Reply
  3. Mike says:
    November 29, 2022 at 8:01 pm

    For the quote I’m going to say Henry Ford.

    Reply
  4. Christopher Greene says:
    November 29, 2022 at 10:27 pm

    General George Patton! I finally got one!

    Reply
  5. Technician Tuesday: How fast do I want life to come at me? - How to Make Your Technology Work For You says:
    November 29, 2022 at 10:59 pm

    […] I read this latest post on Axis of Easy, by Mark Jeftovic at EasyDNS. Among other things, there’s reports of […]

    Reply
  6. Gunnar says:
    November 30, 2022 at 7:03 am

    For the quote : Steve Jobs

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Be informed. Be safe. Be amused, often stunned with #AxisOfEasy Weekly Enter your email below to receive a concise, insightful weekly briefing. When you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

AxisOfEasy Weekly

Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.

For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

#AxisOfEasy
#AxisOfEasy
Bombthrower
Bombthrower
Metaviews
Metaviews
Of Two Minds
Of Two Minds
Uncategorized
Venture Crapital
Venture Crapital
#AxisOfEasy is brought to you by....

easyDNS

Power & Freedom™ since 1998


Ledger Nano X - The secure hardware wallet easyDNS

Latest Headlines

  • #AxisOfEasy 283: GoTo’s Data Breach Is Even Worse Than Previously Thought
  • What Goes Up Also Comes Down: The Heavy Hand of Bubble Symmetry
  • Here’s How "Prosperity" Ends: Global Bubbles Are Popping
  • Heretical Thoughts on Orthodoxies
  • The Race to the Bottom Accelerates
  • #AxisOfEasy 282: California’s Unprecedented Data Breach Highlights Need For Privacy In Public Safety
  • You Want Truly "Sound Money"? A Thought Experiment
  • The 1970s: From Rotting Carcasses Floating in the River to Kayak Races
  • Contrarian Thoughts on the Petro-Yuan and Gold-Backed Currencies
  • #AxisOfEasy 281: Hackers Unleash Chaos: Danish Central Bank And Leading Private Bank Websites Under Siege

Latest Comments

  • Jon on #AxisOfEasy 282: California’s Unprecedented Data Breach Highlights Need For Privacy In Public Safety: “I’ll have a go with Emerson.”
  • Mike on #AxisOfEasy 282: California’s Unprecedented Data Breach Highlights Need For Privacy In Public Safety: “For the quote I’m going to say Walden.”
  • Bethany on #AxisOfEasy 282: California’s Unprecedented Data Breach Highlights Need For Privacy In Public Safety: “Quote: Use the talents you possess, for the woods would be a very silent place if no birds sang except…”

Behold The Axis

  • Epsilon Theory
  • Guerrilla Capitalism
  • James Kunstler
  • Metaviews
  • OfTwoMinds
  • Peak Prosperity
  • TTMYGH
  • Venture Crapital
  • Zerohedge

Tags

  • Alexandra van Huffelen
  • Beijing
  • China
  • Docker Hub
  • Dutch
  • Emotet
  • Germany
  • Glupteba
  • GPS
  • Halimah DeLaine Prado
  • Microsoft Exchange
  • Netherlands
  • NSO
  • Pegasus Project
  • PII
  • Quantum
  • Royal Hansen
  • Sen. Mark Warner
  • Tehama County
  • TikTok
  • Tom Cotton
  • WhatsApp

Latest Headlines

#AxisOfEasy 283: GoTo’s Data Breach Is Even Worse Than Previously Thought

0 Comments

What Goes Up Also Comes Down: The Heavy Hand of Bubble Symmetry

0 Comments

Here’s How "Prosperity" Ends: Global Bubbles Are Popping

0 Comments

Heretical Thoughts on Orthodoxies

0 Comments

The Race to the Bottom Accelerates

0 Comments

#AxisOfEasy 282: California’s Unprecedented Data Breach Highlights Need For Privacy In Public Safety

3 Comments
  • 1
  • 2
  • 3
  • …
  • 183
  • Next »

Latest comments

#AxisOfEasy 283: GoTo’s Data Breach Is Even Worse Than Previously Thought

0 Comments

What Goes Up Also Comes Down: The Heavy Hand of Bubble Symmetry

0 Comments

Here’s How "Prosperity" Ends: Global Bubbles Are Popping

0 Comments

Heretical Thoughts on Orthodoxies

0 Comments

The Race to the Bottom Accelerates

0 Comments

#AxisOfEasy 282: California’s Unprecedented Data Breach Highlights Need For Privacy In Public Safety

3 Comments
  • 1
  • 2
  • 3
  • …
  • 183
  • Next »

Latest tweets

  • GoTo’s data breach is even worse than previously thought Social Networking Giant Meta Sues Surveillance Firm Voya… https://t.co/08xA2AnxUp4 hours ago
  • RT @StuntPope: Belated addition: If you see this thread and are impacted - reply here after you cancel your billing. Ideally I'd like to…4 days ago
  • RT @StuntPope: At the end of the day it's on me for not noticing, but at least some other people can save themselves $49/month going forwar…4 days ago
  • RT @StuntPope: If you look at @Trustpilot it seems that @CareDotCom's business model is to get you to upgrade to a premium account (you can…4 days ago

Plug into the #AxisOfEasy on....

Enter your email below to receive a concise, insightful weekly briefing

AxisOfEasy Weekly

Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.

For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

  • Channels
    • #AxisOfEasy
    • Metaviews
    • Of Two Minds
    • Venture Crapital
  • Podcast
  • Our Mission
  • Contributors
  • Books

(c) 2017 - 2020 AxisOfEasy Media

  • Channels
    • #AxisOfEasy
    • Metaviews
    • Of Two Minds
    • Venture Crapital
  • Podcast
  • Our Mission
  • Contributors
  • Books