Researchers report a vulnerability in the way email clients render content encrypted with the widely used PGP and S/MIME protocols. Jettisoning them, as some advise, is thought by many to be unwise. See their linked comments below for discussion. And, obviously, keep your email clients updated.
The Netherlands will ban Kaspersky products from government networks. Huawei's partnership with Chinese authorities to establish surveillance networks covering Xinjiang province arouses concerns internationally about the company's products. The US Administration's gesture of a lifeline for ZTE draws criticism from those who see ZTE as a security threat, and not merely a sanctions-evader.
Advocacy group Access Now says it's found evidence Turkey's government is using FinFisher spyware tools against dissidents.
The New Scientist reports that the University of Cambridge's Psychometrics Centre culled data from the now notorious Facebook personality quiz, myPersonality, and shared it with hundreds of researchers over a period of four years. Some three-million individuals were affected. The data were poorly secured and imperfectly anonymized. This is the same data collection project whose results were used by now-defunct Cambridge Analytica.
Adobe yesterday patched forty-seven vulnerabilities in Acrobat and Reader. Samsung also patched, stopping six critical bugs in its handsets.
Some welcome good news: researchers at the University of Florida have tested a method of detecting cloned, fraudulent gift cards at the point of sale by the unstable "jitter" cloning introduces. Similar techniques could be applied to cloned ATM cards.
Crooks are phishing for Apple credentials. Their bait is a GDPR "hardening" offer.