Microsoft Seizes Domains From Chinese Group 'NICKEL' Used to Attack Governments

NICKEL is a China-based threat actor that targets governments, diplomatic entities, and NGOs around the world. Microsoft’s Digital Crimes Unit has disrupted their operation.

MSTIC has observed NICKEL actors using exploits against unpatched systems to compromise remote access services and appliances. Upon successful intrusion, they have used credential dumpers or stealers to obtain legitimate credentials, which they used to gain access to victim accounts. NICKEL actors created and deployed custom malware that allowed them to maintain persistence on victim networks over extended periods of time.

WhatsApp Users Can Enable Disappearing Messages by Default

WhatsApp is now letting users turn on disappearing messages for all chats by default.

Prior to Monday’s update, users had to manually enable ephemerality for each new chat with another individual. WhatsApp is additionally also giving users the option to have their messages disappear after 24 hours or 90 days, in addition to the seven-day period it originally introduced the feature with last year.

Apple TV+ Suggests Christmas Viewing

In a new Christmas trailer, Apple TV+ suggests shows and films that it recommends for viewers over the festive period. The content featured includes Swansong, The Morning Show, Ted Lasso, and, of course, A Charlie Brown Christmas. All this content is available to subscribers now or will become available shortly.

iPhone 13 And Apple Watch Carrier Rebate Wrangles

A significant number of customers have reportedly found it difficult to get an expected rebate back from carriers on various products, including the iPhone 13 and Apple Watch. One of those was Bloomberg News’s Mark Gurman. In his latest Power On newsletter, he described the issue and the various ways some people had resolved it, which is likely to be useful to others.

My struggles with the rebates process started with the Apple Watch. I had purchased the Apple Watch Series 7, which came out in October, and submitted a request to T-Mobile for its $100 rebate. Several weeks after my submission, to my surprise, T-Mobile’s promotion website said that my claim was denied because the product wasn’t activated during the promotion window. This, of course, was false. Multiple hourlong phone calls with T-Mobile customer service didn’t resolve the situation, nor did messages sent to the company’s support team over Twitter. Ultimately, the issue was only fixed after talking to T-Mobile at the corporate level. We figured out that my rebate was denied because the fine print of the deal—depending on how you read it—requires the opening of an entirely new phone number.

Verizon Automatically Tracks Your Data in New Update

In a new program called Verizon Custom Experience, the company is automatically opting customers in to track their data. But you can opt out.

A new program innocuously titled the “Verizon Custom Experience” is sold to users as a way for the company to “personalize our communications with you, give you more relevant product and service recommendations, and develop plans, services and offers that are more appealing to you.” To accomplish this, all a Verizon subscriber needs to do is… allow the company access to all the websites you visit, apps you use, as well as see everyone you happen to call and text.

Hundreds of Tor Servers From 'KAX17' Threaten to Deanonymize Users

Security researcher ‘Nusenu’ has uncovered hundreds of Tor servers belonging to an entity tracked as KAX17.

Grouping these servers under the KAX17 umbrella, Nusenu says this threat actor has constantly added servers with no contact details to the Tor network in industrial quantities, operating servers in the realm of hundreds at any given point.

KAX17’s focus on Tor entry and middle relays led Nusenu to believe that the group, which he described as “non-amateur level and persistent,” is trying to collect information on users connecting to the Tor network and attempting to map their routes inside it.

Government Traces Ransomware Payments to Business Address in Moscow

The New York Times writes how the U.S. government has traced ransomware payments to an address in Federation Tower East in Moscow, Russia.

That this high-rise in Moscow’s financial district has emerged as an apparent hub of such money laundering has convinced many security experts that the Russian authorities tolerate ransomware operators. The targets are almost exclusively outside Russia, they point out, and in at least one case documented in a U.S. sanctions announcement, the suspect was assisting a Russian espionage agency.

Prioritizing The Bachelorette — Mac Geek Gab 903

Oftentimes we find ourselves relying upon technology to help maintain family harmony. Listen as John and Dave share a few of your (and their!) examples of just how this can work, and they solve a few problems along the way. If you’re a long-time MGG listener, though, you know that’s not all you get in this episode! Quick Tips and Cool Stuff found are peppered in, as well as a few extra hints and tips from your two favorite geeks. Press play and enjoy learning at least five new things!

Cuba Ransomware Gang Made $43.9 Million in Ransom Payments

The FBI also said it traced attacks with Cuba ransomware to systems infected with Hancitor. This is a malware operation to access Windows machines.

It is also worth mentioning that Cuba is also one of the ransomware groups that gather and steal sensitive files from compromised companies before encrypting their files. If companies don’t pay, the Cuba group will threaten to dump sensitive files on a website they have been operating on the dark web since January this year.

The Struggles Faced by Apple's Hourly Workers

We’ve heard lots recently from Apple whistleblowers like Ashley Gjovick and Cher Scarlett, and the broader #AppleToo movement. But the conversation tends to focus on the company’s corporate staff. The Verge has a very powerful and distressing report, containing allegations about what it’s like for those who work in places like the Apple Store.

Over the past five months, Apple’s hourly workforce has been watching as corporate employees advocate for more pay transparency. Some have organized with employees in Cupertino under the banner #AppleToo, to call for better working conditions. Others are just now beginning to speak out — realizing that the issues their well-compensated corporate colleagues are experiencing could be greatly exacerbated on the frontlines. The Verge spoke with 16 current and former employees on Apple’s retail, support, and sales teams who say their complaints about working conditions and pay have largely been ignored. Some say they are governed more by algorithms and systems than actual managers, making it difficult to get holistic help. All of them note that while they came into the job believing in Apple’s mission, they see a profound breakdown in how the company’s corporate values translate to the frontlines.

Does Spotify Wrapped Prove The Streaming Service is Better Than Apple Music?

Over on iMore, Joe Wituschek argues that Spotify is better than Apple Music for a lot of reasons, and the recently released Wrapped feature is one of them. He makes some compelling arguments as to why he has given up on Cupertino’s offering. However, I stick with Apple Music because I do think the curation and radio shows (which you can listen to on-demand as a subscriber) make it worth the money. This is particularly true if you get an Apple One bundle.

Don’t get me wrong, Spotify isn’t without its problems either. Support for the HomePod is still nonexistent and, even though they were able to build an Apple Watch app and cellular streaming to it for a while, it took them YEARS to implement the feature. Apple Music even arguably has some design wins over Spotify with its Now Playing screen and more advanced audio features with Spatial Audio and Lossless Audio. No music streaming service is going to be perfect but, if there ever was one that got as close as possible, it has to be Spotify. The user interface and navigation are clean and easy to understand, the personalized playlists are spot on, and the performance of the app (across mobile and desktop) is really responsive.

Google Working on Own Watch, 2022 Launch Possible

Google is working on a wearable to challenge the Apple Watch, according to a report from Insider, picked up on by The Verge. It could launch as soon as next year. I suspect that such a device, long-awaited by many, will prove popular, but doubt it can displace the Apple Watch.

The watch (codenamed “Rohan”) is being worked on by Google’s Pixel hardware group separately from Fitbit, which Google bought for $2.1 billion earlier this year. According to Insider’s report, the new upcoming Google watch — it’s not clear whether Google will actually be calling it a “Pixel Watch” yet — will serve much the same role as the Pixel phones do for Android: an example for both consumers and hardware partners of what Google’s software is truly capable of when given the right hardware. The device is expected to cost more than a Fitbit and compete more directly with the Apple Watch, according to The Verge’s source. The watch will have basic fitness tracking features, including step counting and a heart rate monitor, with Google also reportedly working on debuting a Fitbit integration into Wear OS (codenamed “Nightlight”) with the new watch when it launches.

Ubiquiti Developer Arrested and Charged With Extortion

Former Ubiquiti employee Nickolas Sharp has been arrested and charged with data theft and extortion.

As alleged, Nickolas Sharp exploited his access as a trusted insider to steal gigabytes of confidential data from his employer, then, posing as an anonymous hacker, sent the company a nearly $2 million ransom demand.