Threat Post

1. Tractors, Pod Ice Cream and Lipstick Awarded CES 2021 Worst in Show

   Expert panel awards dubious honors to 2021 Consumer Electronics Show’s biggest flops, including security and privacy failures.

2. Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’

   Starting Feb. 9, Microsoft will enable Domain Controller “enforcement mode” by default to address CVE-2020-1472.

3. Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls

   Security researchers lambasted the controversial macOS Big Sur feature for exposing users' sensitive data.

4. Google Boots 164 Apps from Play Marketplace for Shady Ad Practices

   The tech giant removes 164 more offending Android apps after banning software showing this type of behavior from the store last year.

5. Facebook: Malicious Chrome Extension Developers Scraped Profile Data

   Facebook has sued two Chrome devs for scraping user profile data - including names, user IDs and more.

6. Florida Ethics Officer Charged with Cyberstalking

   Judge bars former Tallahassee city ethics officer from internet-connected devices after her arrest for cyberstalking.

7. Telegram Bots at Heart of Classiscam Scam-as-a-Service

   The cybercriminal service has scammed victims out of $6.5 million and continues to spread on Telegram.

8. Cloud Attacks Are Bypassing MFA, Feds Warn

   CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted.

9. Ring Adds End-to-End Encryption to Quell Security Uproar

   The optional feature was released free to users in a technical preview this week, adding a new layer of security to service, which has been plagued by privacy concerns.

10. TikTok Takes Teen Accounts Private

    The company announced accounts for ages 13-15 will default to a strong privacy setting, among other safety measures.