Cyber Attacks, Threats, and Vulnerabilities
Hackers Are Targeting the Remote Workers Who Keep Your Lights On (Bloomberg) In July alone, hackers took over the twitter accounts of U.S. politicians, stole terrabytes of coronavirus research and even infiltrated the U.K.’s Premier League soccer clubs. Can they cut off your electricity, too?
New disinformation campaign resembles 2016 Russian election meddling — but is much more sophisticated, FireEye says in new report (Business Insider) Researchers from FireEye said they found a sophisticated disinformation campaign they believe could be directed at disrupting the 2020 US election.
North Korean hackers target defense and aerospace industry in 'Operation North Star' (SiliconANGLE) North Korean hackers are expanding their efforts to break into U.S. defense and aerospace companies in a series of attacks dubbed “Operation North Star.”
For North Korea, phishing with fake job-recruitment emails never gets old (CyberScoop) Give someone an undetected software exploit and they’ll have access to a system for a day, the security researcher The Grugq once said, but teach them to phish and they’ll have “access for life.”
Operation (노스 스타) North Star A Job Offer That’s Too Good to be True? (McAfee Blogs) Executive Summary We are in the midst of an economic slump , with more candidates than there are jobs, something that has been leveraged by malicious
Nation State Attackers Shift to Credential Theft (Infosecurity Magazine) Nation state attackers shift from financial theft and gain to stealing user credentials
Malspam campaign caught using GuLoader after service relaunch (Malwarebytes Labs) We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch
Exclusive: China-backed hackers 'targeted COVID-19 vaccine firm Moderna' (Reuters) Chinese government-linked hackers targeted biotech company Moderna Inc, a U.S.-based coronavirus vaccine research developer, this year in a bid to steal data, according to a U.S. security official tracking Chinese hacking.
Kaspersky: New hacker-for-hire mercenary group is targeting European law firms (ZDNet) The Deceptikons group is the second major hacker-for-hire mercenary group exposed this year after Dark Basin.
New Attack Leverages HTTP/2 for Effective Remote Timing Side-Channel Leaks (The Hacker News) Researchers reveal "timeless timing attacks," a new technique that leverages HTTP/2 protocol for effective remote timing side-channel attacks.
Timeless Timing Attacks: Exploiting Concurrency to Leak Secrets over Remote Connections (DistriNet Research Group and New York University Abu Dhabi) To perform successful remote timing attacks, an adversary typically collects a series of network timing measurements and subsequently performs statistical analysis to reveal a difference in execution time.
Vulnerability Allowed Brute-Forcing Passwords of Private Zoom Meetings (SecurityWeek) A vulnerability that Zoom addressed in its web client could have allowed hackers to join private meetings by brute-forcing the passcode
Zoom Flaw Could Have Allowed Hackers To Crack Meeting Passcodes (Threatpost) Zoom has fixed the issue, which stemmed from a lack of checks against incorrect passcode attempts.
Zoom bug allowed attackers to crack private meeting passwords (BleepingComputer) A lack of rate limiting in password attempts allowed potential attackers to crack the numeric passcode used to secure Zoom private meetings as discovered by Tom Anthony, VP Product at SearchPilot.
Servers at risk from “BootHole” bug – what you need to know (Naked Security) We explain the “BootHole” vulnerability – as usual, in plain English and without hype. Find if you’re affected and what to do.
Companies Respond to 'BootHole' Vulnerability (SecurityWeek) Companies affected by the BootHole vulnerability in the GRUB2 bootloader have started issuing advisories
ELD vulnerabilities pose greater risk for cyberattacks (Fleet Owner) According to a private industry notification from the FBI, research into a selection of self-certified ELDs found the devices did “little to nothing to follow cybersecurity best practices and were vulnerable to compromise.”
VPN increasingly being used to penetrate organizations (TechRadar) Attacks on industrial control systems are on the rise
Canadian MSP discloses data breach, failed ransomware attack (BleepingComputer) Managed service provider Pivot Technology Solutions has disclosed that it was the victim of a ransomware attack that resulted with sensitive information being accessed by the hackers.
Android malware ‘BlackRock’ prowling in cyber space, may steal banking data: CERT-In (The Hindu) The “noteworthy feature” of this malware is that its target list contains 337 applications including banking- and financial applications and also non-financial and well-known commonly used brand name apps on an Android device that focus on social, communication, networking and dating platforms.
Hackers have found a vulnerability in the iPhone that cannot be fixed (Free News) A team of Chinese researchers talked about how to jailbreak iPhones and iPads. They discovered a vulnerability related to the SEP security chip
Cyberpunk 2077 beta? Nah, that's just a phishing scam (Destructoid) Cyberpunk 2077 beta? Nah, that's just a phishing scam
Inductive Automation Ignition 8 (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.5
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Inductive Automation
Equipment: Ignition 8
Vulnerability: Missing Authorization
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information.
Mitsubishi Electric Factory Automation Engineering Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.3
ATTENTION: Low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: Mitsubishi Electric, Factory Automation Engineering products
Vulnerability: Unquoted Search Path or Element
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an attacker to obtain unauthorized information, modify information, and cause a denial-of-service condition.
Mitsubishi Electric Multiple Factory Automation Engineering Software Products (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.3
ATTENTION: Exploitable remotely
Vendor: Mitsubishi Electric
Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products
Vulnerability: Permission Issues
2. RISK EVALUATION
Successful exploitation of this vulnerability may enable the reading of arbitrary files, cause a denial-of-service condition, and allow execution of a malicious binary.
Philips DreamMapper (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 5.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Philips
Equipment: DreamMapper
Vulnerability: Insertion of Sensitive Information into Log File
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker access to the log file information containing descriptive error messages.
Mitsubishi Electric Factory Automation Products Path Traversal (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 8.3
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: Mitsubishi Electric
Equipment: Mitsubishi Electric, Factory Automation products
Vulnerability: Path Traversal
2. RISK EVALUATION
Successful exploitation of this vulnerability may allow an attacker to obtain unauthorized information, tamper the information, and cause a denial-of-service condition.
Hackers Have Been Using Dogecoin to Deploy Malware for 6 Months & No One Noticed (Cointelegraph) Researchers at Intezer discovered a new malware that relies on the Dogecoin blockchain network to deploy the attack against cloud servers
Twitter hackers used “phone spear phishing” in mass account takeover (Ars Technica) This month's epic breach targeted multiple employees, Twitter says.
()
Twitter says a “phone spear phishing” attack helped hackers - what’s that? (Graham Cluley) What’s a phone spear phishing attack? Twitter shares some more details related to its serious security breach earlier this month which saw celebrity accounts tweeting a cryptocurrency scam.
Garmin outage: Garmin Connect is back UP but some subsystems are DOWN again! (T3) After an alleged ransomware attack, Garmin Connect is slowly coming back online
This Russian hacker is likely behind ransomware attack on Garmin (India Today) Garmin is battling a ransomware attack and is struggling to take control of its networks. Now details emerge of a 33-year-old Russian hacker, Maksim Yakubets, who is likely behind it.
OkCupid: Hackers want your data, not a relationship (ZDNet) Researchers discovered a way to steal the personal and sensitive data of users on the popular dating app.
OkCupid security flaws could have allowed hackers to compromise dating accounts (SiliconANGLE) IAC/Interactivecorp-owned dating service OkCupid has fixed security flaws in its website and apps that could have allowed hackers to access personal data and private messages of the service’s 50 million users.
U.S. Institutions Affected by Blackbaud Cyberattack (Inside Higher Ed) Criminals may have accessed private information from donors to at least 16 U.S. universities as part of a cyberattack on cloud computing company Blackbaud. Hackers were unsuccessful in blocking access to Blackbaud files but did make a copy of a subset of data. Blackbaud paid a ransom to the criminals to destroy this information -- a move that is not encouraged by many law enforcement agencies, as ransom payments are thought to encourage further attacks.
Blackbaud ransomware attack – what should charities do next? (Third Force News) Alison Stone gives advice for organisations who may be worried by the recent cyber attack on the major software provider
Blackbaud : CAMH, Western among Canadian orgs. affected by ransomware attack on Blackbaud | MarketScreener (Market Screener) At least two prominent fundraising organizations in Canada have notified their donors that their personal information may have been compromised in a May ransomware attack.
Ransomware... | July 30, 2020
Information on UNC System donors compromised in May ransomware attack on third-party company (CBS17.com) Information on donors to the University of North Carolina System may have been compromised during a ransomware attack two weeks ago on a third party the system work…
Cyber attack hit Auburn University Foundation vendor (OANow.com) The Auburn University Foundation revealed Monday that one of its vendors was hit with a cyberattack earlier this year.
Alumni details possibly at risk after cyber attack (Otago Daily Times Online News) The personal details of some University of Otago alumni may have been compromised in a cyberattack. The university has been caught up in a security...
Sheffield Hallam University confirms data breach following cyber attack (University of Sheffield) It's one of more than 20 unis and charities affected
A mysterious vigilante is sabotaging one of the world’s most dangerous malware strains (TechRadar India) Emotet malware payloads replaced with animated GIFs
Beshear highlights difficulties keeping up old unemployment system after second data breach (WLKY) Another data breach hit Kentucky's already beleaguered unemployment insurance system amid the ongoing struggle by residents across the state to get the benefits they need.
Security Patches, Mitigations, and Software Updates
Mitsubishi Fixes Path Traversal Issue (ISSSource) Mitsubishi Electric has new versions available to mitigate a path traversal vulnerability in its Factory Automation products, according to a report with CISA.
NETGEAR Decline to Patch Security Flaw in 45 Routers and Modems (ISPreview UK) Back in June it was revealed that around 80 of NETGEARs broadband wireless router(s), modems and other products suffered from a remote code execution
Cyber Trends
Lack of training, career development, and planning fuel the cybersecurity profession crisis (Help Net Security) The top ramifications of the cybersecurity profession crisis include an increasing workload, unfilled open job requisitions, and much more!
Fall in reported malicious attacks sees data breach notifications drop (ARN) Australia has seen a marginal fall in the number of reported data breaches for the last six months, clocking in at 518.
Tanium Report Reveals 85 Percent of Organizations Experienced More Cyberattacks Since the Start of the Pandemic (Dark Reading) Cyber security's comprehensive news site is now an online community for security professionals, outlining cyber threats and the technologies for defending against them.
How IT leaders were unprepared for the security challenges posed by COVID-19 (Tech Republic) The top three challenges cited in a Tanium survey were identifying new computing devices, overwhelmed IT capacity due to VPN requirements, and increased risks from video conferencing.
What COVID-19 means for the data breach landscape: Learnings from confirmed data breaches (Express Computer) The Verizon Business study reviewed 474 data breach incidents from March – June 2020 based on contributor data, publicly disclosed incidents and Verizon’s own observations drawn from its collective years of experience. It focuses on 36 confirmed data breaches which were identified as being related directly to the COVID-19 pandemic
Cyberattacks have decreased as a cause of data loss (ITProPortal) Businesses are spending more on security and feeling confident about defending their perimeters.
Marketplace
Offensive Security Acquires Cybersecurity Training Project VulnHub (SecurityWeek) Information security training and certification provider Offensive Security this week announced the acquisition of VulnHub, an open-source catalog of security training resources
()
Vendor Security Platform Whistic Closes $12 Million (Pulse 2.0) Whistic — a proactive vendor security platform for both buyers and sellers — announced that it has raised $12 million in Series A funding led by Emergence.
Tech Mahindra eyes $1 billion from cyber-security solutions (Hindu Businessline) Partners with Hinduja-backed CyQureX
L3 Technologies Awarded $64 Million NSA Encryption Contract (ClearanceJobs) L3 Technologies Inc., Bristol, Pennsylvania, has been awarded a $64,232,376 firm-fixed-price, indefinite-delivery/indefinite-quantity contract for Telemetry Security Products (TSP) and ancillary services.
Microsoft Now Offers Up To $100,000 Reward to Security Researchers for Finding Bugs in the Windows Insider Preview (Digital Information World) In addition to that, Microsoft also said that it has revamped the program portal to make it convenient for researchers to submit the discovered vulnerabilities.
Tech results: Amazon, Apple and Facebook earn record profits during pandemic (The Telegraph) Silicon Valley giants Amazon, Apple and Facebook enjoyed a dramatic boom during the worst months of the pandemic, posting rises in quarterly profits last night that will add fuel to claims they are becoming too dominant.
Tech’s biggest companies become richer than ever as pandemic wreaks economic havoc (The Telegraph) Big tech companies stood out from an overall grim economic picture – but will their record results help or hurt them?
Dell hit with new layoffs, says cuts unrelated to COVID-19 (CRN Australia) No word yet if local business is affected.
Huawei's Catherine Chen: Shared Responsibility for a Shared Future (PR Newswire) Huawei Corporate Senior Vice President and Director of the Board Catherine Chen delivered a keynote speech at the online Better World Summit...
Top Philippine telco to launch 5G service with Huawei and Ericsson (Nikkei Asian Review) Move marks another win for embattled Chinese telecom equipment supplier
Portugal telcos won't use Huawei for core 5G networks though no gov't ban (ETTelecom) The three companies who dominate Portugal's mobile phone market said they would not use Huawei [HWT.UL] technology in their core 5G networks despite t..
Products, Services, and Solutions
ZeroFOX, the Global Leader in Digital Risk Protection Services, Pioneers AI-powered Domain Protection (BusinessWire) The first AI-powered enterprise domain protection solution to automate dismantling of adversary killchains is today delivered by ZeroFOX & Intel AI.
WatchGuard Further Expands Secure Wi-Fi Portfolio, the Industry’s Most Powerful Answer to Wireless Threats (WatchGuard Technologies) Company debuts two new secure APs, while study proves WatchGuard WIPS overlay can protect competing Wi-Fi systems from top wireless threats
Morphisec Introduces Updated Product Line of Proactive Endpoint Threat (PRWeb) Morphisec, the leader in Moving Target Defense, today introduced its updated product line of cloud-delivered endpoint threat prevention soluti
()
Qualys Unveils Multi-Vector EDR, a New Approach to Endpoint Detection and Response (PR Newswire) Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced...
Qualys Expands Ivanti Integration, Adds Patch Management for Apple macOS (MSSP Alert) Qualys allows Vulnerability Management Detection Response platform users to leverage Ivanti patch management for Apple macOS systems & various third-party Mac apps.
New infosec products of the week: July 31, 2020 (Help Net Security) The featured vendors this week include: Qualys, Amazon Web Services, McAfee, CyberSaint, Pulse Secure, Sonrai Security and Veritas Technologies.
Technologies, Techniques, and Standards
Keeping the Lights On (NIST) The only thing worse than a pandemic would be a pandemic without power.
Federal, State, Local and Private Sector Partners Conduct Nationwide Exercise to Test Election Day Plans (CISA) This week representatives from the federal government, state and local election officials, private sector election companies, and national political committees participated in the election community’s largest annual exercise to test and refine Election Day response plans. The third Tabletop the Vote, hosted by the Cybersecurity and Infrastructure Security Agency (CISA), took place July 28 – 30 and included 37 states and approximately 2,100 total participants.
Volunteer hacker army bolsters underfunded U.S. election cybersecurity (NBC News) Networks remain "absolutely ripe for a disruptive or destructive attack by a capable adversary," one cybersecurity official said.
Tennessee to test cybersecurity of its next-generation 911 systems (StateScoop) One of the states furthest along in adopting an IP-based 911 system has hired a company to point out the weak points in its 142 emergency call centers.
Council Post: A Cyber Pandemic Could Be Next: Tips To Secure Your Remote Workforce (Forbes) While a cyber pandemic may be inevitable, how we choose to prepare for the next crisis will determine the magnitude of its effects.
Legislation, Policy, and Regulation
A strategic concept for countering Russian and Chinese hybrid threats (Atlantic Council) Tackling hybrid threats, particularly from state actors such as Russia and China, remains one of the greatest challenges for the transatlantic community. This report offers strategic priorities and recommendations to enhance counter-hybrid capabilities against Russia and China.
First-ever EU cyber sanctions hit Russian, Chinese, NKoreans (AP NEWS) The European Union on Thursday imposed its first-ever sanctions over cyberattacks, slapping them on alleged Russian military agents, Chinese cyber spies and organizations including...
EU’s First Cyber Sanctions Target Russian, North Koreans, Chinese Attackers (Defense One) The EU singled out perpetrators that attacked British hospitals, Ukranian infrastructure, and the Pyeongchang Olympics.
Chinese and Russian hackers were just sanctioned by Europe for the first time (MIT Technology Review) The European Union imposed its first-ever sanctions for cyberattacks on Thursday, targeting Russian, Chinese, and North Korean groups connected to several major hacking incidents. The action, which includes travel bans and asset freezes on individuals and organizations connected to ransomware and industrial espionage, follow earlier sanctions put in place by the United States. Retaliation for…
New EU sanctions apply to hackers and cyber-attacks – Kuleba (Ukrinform) The European Union's decision to apply sanctions against cyber-attacks will help deter Russian aggressive actions in cyberspace. — Ukrinform.
()
Australia to make Google and Facebook pay for news content (Seeking Alpha) The Australian government said on Friday it plans to give Google and Facebook three months to negotiate with Australian media businesses fair pay for news content.
Op-Ed: Sustaining sovereign innovation for Australia’s cyber-physical interests (Defence Connect) The last month or so has seen unprecedented levels of focus and interest in Australia’s approach to cyber security and the trust we place in data, digital infrastructures and interconnected value an
Estonia’s proposed Huawei restrictions earn Elisa’s ire (Developing Telecoms) The Estonian government has drafted a proposal that would ascribe security credentials to equipment vendors looking to supply 5G technologies.
State Dept.'s Strayer Calls Huawei, Other Firms Growing 5G Threat (Consumer Electronics Daily) A State Department official built the U.S. case against Huawei and other Chinese companies and the threat they pose to 5G and the communications supply chain.
Huawei obsession will cause serious damage to US semiconductor industry: expert (iTWire) The US obsession with Chinese telecommunications equipment vendor Huawei Technologies may be well-intentioned, but could end up seriously harming the country's economy and national security, a senior adviser and trustee chair in Chinese Business and Economics at the Centre for Strategic and Inte...
Why America Is Afraid of TikTok (The Atlantic) The company’s founder says in an interview that he wants it to be “a window” on the world. A Republican senator says it is a “Trojan horse.”
The Big Tech Hearing Proved Congress Isn't Messing Around (Wired) Partisan antics aside, lawmakers on the antitrust subcommittee dished out some serious, probing questions to the CEOs of Amazon, Google, Facebook, and Apple.
The Triumphant Return of Congress (The American Prospect) At Wednesday’s Big Tech hearings, the House Antitrust Subcommittee showed what informed politicians and a real investigation can do.
U.S. lawmakers agree Big Tech has too much power, but what to do about it remains a mystery (CNBC) There was broad agreement among the 15 members of the U.S. House of Representatives antitrust subcommittee that big technology has too much power. Still, that doesn't mean Congress knows what to do about it.
Congress has the goods on Apple, Amazon, Facebook and Google (CNBC) The House Antitrust Subcommittee did a lot of the good and dirty work over the last year, gathering over 1 million documents from Apple, Amazon, Facebook and Google in its antitrust probe against the companies.
The 5 biggest little lies tech CEOs told Congress — and us (Washington Post) No, Google, we’re not really in control of our data. And yes, Facebook, you profit from harmful information.
Cicilline grills Zuckerberg on coronavirus misinformation: This is 'about Facebook's business model' (TheHill) Rep. David Cicilline (D-R.I.), the chairman of the House antitrust subcommittee, on Wednesday confronted Facebook CEO Mark Zuckerberg about the spread of misinformation on the platform, questioning whether the company was doing enough to suppress unfounded claims about the coronavirus pandemic.
Emails show Mark Zuckerberg feared app startups were building faster than Facebook in 2012 (The Verge) Executives agreed "copying is faster than innovating."
Top antitrust Democrat: There's a case to break up Facebook (Axios) Cicilline's subcommittee has been looking into competition issues in the digital space.
Apple in 2011 Considered Collecting a 40% Fee From Some Subscription Apps (MacRumors) Apple once considered taking a 40 percent cut from some subscription apps, according to documents shared today by the House Judiciary Committee (via...
()
US and EU like 'two trains colliding' on privacy says activist Schrems (Computing) Schrems 'pretty much done with waiting' for a resolution to the Facebook privacy case after seven years and five court cases
()
Air Force’s game-changing approach to cloud accreditation (Federal News Network) Nicolas Chaillan, the Air Force’s chief software officer, said the service is testing its cloud native access point approach through Platform One with the F-35 and Ground Based Strategic Deterrent…
Lt. Gen. Stephen Fogarty Unveils Army Cyber Command’s Three-Phase Plan for Information Warfare (Executive Gov) Lt. Gen. Stephen Fogarty, head of Army Cyber Command, outlined a 10-year modernization effort to pre
The Inspector General’s Uphill Battle To Create A Culture For Cybersecurity At The Pentagon (Forbes) Last year the IG called out DoD for buying $32.8 million of vulnerable Chinese IT equipment. Has DoD cleaned up its act?
Pentagon IT shop looks to boost security level on its remote collaboration platform (C4ISRNET) The Defense Department created a secure remote environment for unclassified work to support mass telework brought on by the coronavirus pandemic. Now it may beef up cybersecurity for this technology.
Litigation, Investigation, and Law Enforcement
FBI Internal Probe Finds Errors in FISA Warrants Didn’t Undermine Cases (Wall Street Journal) The FBI said Thursday that errors found in the files of dozens of applications to monitor Americans suspected of having links to foreign intelligence or terrorism didn’t ultimately undermine those applications.
Full DC Circ. To Rehear Michael Flynn Dismissal Fight (Law360) The D.C. Circuit on Thursday granted a federal judge's request to take another look at a divided panel's ruling last month ordering him to immediately end the prosecution of former national security adviser Michael Flynn amid efforts to scrutinize the U.S. Department of Justice's move to throw out the criminal case.
Police Requests for Google Users’ Location Histories Face New Scrutiny (Wall Street Journal) Police officers’ use of a type of warrant to monitor Google users’ locations en masse is facing its first legal and political challenges, as scrutiny of law enforcement tactics grows.
Report Sheds Light on China’s Use of Military-Linked Researchers (Wall Street Journal) Researchers in the U.S. have engaged in extensive collaboration with counterparts affiliated with the Chinese military, potentially boosting China’s potency as a rival, according to a new report.
Google's $2.1 billion Fitbit deal faces EU antitrust probe: sources (Reuters) Google's $2.1 billion bid for fitness tracker maker Fitbit will face a full-scale EU antitrust investigation next week, people familiar with the matter said on Thursday.
China arrests 109 members of Bitcoin’s biggest Ponzi scheme (Decrypt) Authorities in China arrested the alleged architects behind the PlusToken project, bringing an end to the biggest Bitcoin scheme in history.
Chinese Hackers Accused of Targeting Pearson, Accessing Millions of Student Records (Market Brief) Pearson was the unnamed education software company that federal prosecutors said was the victim of Chinese hackers, who last year targeted companies across several industries.
LifeLabs going to court to stop data breach report release (Richmond News) The medical testing company hit in a cyberattack impacting the private data of millions of Canadians is taking B.C. and Ontario privacy commissioners to court to stop full publications of their . . .
Former Marine Sentenced to 9 Years in Russia in Case Criticized as Political (New York Times) Trevor R. Reed was charged with assaulting and endangering the lives of two police officers in a case that some have likened to that of another former U.S. Marine in Russia.
Moroccan journalist detained on espionage, rape charges (MEO) Omar Radi’s colleague says he raped her while she was talking to her fiancé on the phone.
Docs In $5B Facebook-FTC Deal May Need Judge's Scrutiny (Law360) A federal judge suggested Thursday that she will need to get a closer look at documents pertaining to a $5 billion settlement between Facebook Inc. and the Federal Trade Commission before deciding whether to turn them over to Block & Leviton LLP for use in an investor suit.
Split 9th Circ. Dismisses Yelp TCPA Texts Row (Law360) A split Ninth Circuit panel dismissed an appeal of a proposed class action seeking to hold Yelp liable for Telephone Consumer Protection Act violations over texts that Buffalo Wild Wings sent out using Yelp's software, with the majority saying in a Thursday filing there was evidence of intent to "manipulate appellate jurisdiction."