France Says it is Going Ahead with Digital Tax
France has been complaining that U.S. companies (mostly) have not been paying their fair share of French taxes since they are not selling widgets that delivered in France, so they came up with this digital tax, a 3% tax on digital services delivered in France. They held off for a while trying to get some sort of international tax agreement, but that does not appear to be happening, so they are moving forward with the tax. Only affects companies doing business in France with revenue more than 25 million Euros. Is this the wave of the future? Credit: Cybernews
FCC Chairman Pai to Step Down on Jan 20
Ajit Pai announced that he will step down from the FCC on inauguration day rather than having the new President fire him, which is almost guaranteed. Pai, a former telecom industry lawyer and lobbyist, said that he may try to create some rules in his remaining two months in support of the President’s efforts to hurt Facebook, Twitter and similar companies. Those rules would likely be reversed on the day after inauguration, so it is not clear why he would waste taxpayer money doing that, but that is Washington for you. Credit: CNBC
How Many Phishing Sites?
Since the beginning of this year, Google has flagged 46,000 web sites EACH WEEK as phishing sites. That is over 2 million so far, this year. This is a 20% increase over last year and the year is not over. Hackers can buy as many sites as they want, but, in part, they are looking for “look alike” sites – sites with a zero swapped for an Oh or an “L” swapped for a “1”. But also, they just take over sites with bad security. There is almost no way to track that, but I can say from personal analysis, that there are way more of the second kind than the first kind. Credit: KnowBe4
Docker Malware – Its a Thing
Docker containers are the darling of the development world – light weight and easy to deploy; self contained and OS agnostic, supported in the cloud – everything that developers want.
Three years after the first Docker malware showed up, it is now common. Malware gangs are now targeting Docker and Kubernetes.
Many of the attacks – surprise – are due to misconfigured Docker servers, leaving them exposed to attack. It appears that we in IT never learn. Just because tech is delivered slightly differently, the basics still apply.
To make a point, researchers looked at images publicly available in the Docker Hub. 51% had critical vulnerabilities and 6,500 of the images tested could be considered malicious.
Even Before Dust Settles on Swiss/CIA Deal to Subvert Encryption …. Another One
Even before all of the investigations are complete of the CIA’s compromise of Crypto AG and selling compromised encryption hardware to both our friends and enemies so we could spy on them, another story surfaces. Apparently Crypto AG was not the only one. Now the Swiss media is reporting that the CIA controlled another Swiss crypto company, Omnisec. The Swiss politicians are going crazy and calling for executions in the public square. Stay tuned, but assume your crypto has been compromised. By someone. Credit: Security Week