Today’s topics include AT&T fighting the government’s opposition to its proposed merger with Time Warner; Intel patching Management Engine vulnerabilities; Microsoft warning of recent spikes in Office threats; and Google tracing users’ locations via cell towers.
AT&T is calling the U.S. Department of Justice antitrust lawsuit filed Nov. 20 to block its proposed $85.4 billion merger with Time Warner wrong and vowed to pursue the case in the courts.
The DOJ filed the lawsuit because it claims the merger “would greatly harm American consumers … [and] would mean higher monthly television bills and fewer of the new, emerging innovative options that consumers are beginning to enjoy.”
However, David R. McAtee II, an AT&T senior executive vice president, called the lawsuit a “radical and inexplicable departure from decades of antitrust precedent.” He claimed the merger would instead “help make television more affordable, innovative, interactive and mobile.”
Intel issued a critical firmware update on Nov. 20 for a set of eight vulnerabilities that impact Intel Management Engine versions 11 and higher and the associated Intel Trusted Execution Engine and Intel Server Platform Services.
The vulnerabilities allow an attacker “to run unsigned code in [the Platform Controller Hub] on any motherboard via Skylake+,” an abstract states from a Black Hat Europe security conference talk scheduled for Dec. 6.
“The main system can remain functional, so the user may not even suspect that his or her computer now has malware resistant to reinstalling of the OS and updating BIOS.” Intel stated that it has “performed an in-depth comprehensive security review … with the objective of enhancing firmware resilience.” Intel has also released a detection tool to help impacted users detect if they are at risk.
In a Nov. 21 advisory, Microsoft’s Office 365 Threat Research team said that they have observed an escalation in the efforts of attackers to infect systems running Office.
“The discovery and public availability of a few Office exploits in the last six months led to these exploits gaining popularity among crimeware and targeted attackers alike,” claimed Microsoft’s security researchers.
“While crimeware attackers stick to payloads like ransomware and info stealers … more sophisticated attackers clearly distinguish themselves by using advanced and multi-stage implants.”
Microsoft singled out four vulnerabilities, all of which have been fixed, but may still linger in organizations that have delayed or are a little behind in their security patches.
Apart from one, attacks based on these exploits “pull the malware payload from remote locations,” which makes it tough to reliably detect malicious code.
Google is downplaying a report that it has quietly been collecting location data from Android devices even when users have disabled location services or haven’t even inserted a SIM card into their phones.
The Quartz online site contended in a Nov. 21 report that since at least the beginning of this year, newer Android phones have been collecting and relaying back to Google addresses of a user’s nearby cellular tower.
While not as granular as GPS data, this data could still help Google triangulate a user’s location with considerable accuracy.
While not denying it collects the data, Google does claim that in order “to ensure messages and notifications are received quickly, modern Android phones use a network sync system that requires the use of Mobile Country Codes and Mobile Network Codes.”
To do this, Android devices need to ping Google’s servers at periodic intervals. Google claims the information was never used to determine an Android device’s location and has also updated its systems to ensure that cell ID information is no longer sent to its servers.