đź“° FTC Takes Action Against Adobe and Executives | Tuesday Times | June 18, 2024

Joses
Joses Member Posts: 68 admin
edited June 20 in General Community

What is Tuesday Times?

Tuesday Times is a weekly Tuesday series where we highlight a handful of recent cybersecurity-related news stories. We'll provide brief summaries of these news stories and link the articles directly, should you want to read more!

Feel free to comment on any of the articles highlighted, or share your own in the comments below!

FTC Takes Action Against Adobe and Executives | Tuesday Times | June 18, 2024

FTC Takes Action Against Adobe and Executives for Hiding Fees, Preventing Consumers from Easily Canceling Software Subscriptions

  • If you've ever had to cancel a service like a gym membership, you know exactly how it feels having to jump through hoops to finally end your subscription, only to end up paying some fee you never knew about. The Federal Trade Commission (FTC) is accusing Adobe of doing this with their subscription plans.
  • According to the Director of the FTC’s Bureau of Consumer Protection, Samuel Levine, "Adobe trapped customers into year-long subscriptions through hidden early termination fees and numerous cancelation hurdles.” The early termination fee (ETF) mentioned charges users 50% of the remaining payments left in the first year of the service.
  • In the federal court complaint filed by the FTC against Adobe, they state that Adobe is aware of user issues with the ETF and that they knowingly make it difficult to cancel subscriptions by having multiple transfers, dropping calls, ending chats, and even continuing to charge after the subscription has been canceled.

Security Bug Enables Anyone to Spoof Microsoft Employee Emails

  • Microsoft continues to stay in the spotlight, but this time for a bug that enables anyone to spoof or impersonate a Microsoft employee via Outlook. This news comes just a week after Microsoft's President, Brad Smith, told the House the company would be prioritizing cybersecurity.
  • Vsevolod Kokorin, the person who found the bug, contacted Microsoft about the security issue but was quickly dismissed after being told they were unable to replicate it. Kokorin then posted this vulnerability on social media where it gathered enough attention for Microsoft to re-open their support ticket.
  • While this bug only affects Outlook accounts, it makes it even more difficult for potential victims to differentiate between a real Microsoft support email and a phishing attempt. This type of situation displays how important it is for companies of all sizes to listen to their customers, especially when discussing potential security risks.

Life360 Says Personal Information Stolen From Tile Customer Support Platform

  • Life360, a large location-based services company, has become the most recent victim of a "criminal extortion attempt." The company received an email from a threat actor who claimed to have Tile customer information.
  • After investigating the incident, Tile found that "The potentially impacted data consists of information such as names, addresses, email addresses, phone numbers, and Tile device identification numbers." This likely comes as a relief to many of the impacted users, considering Life360 actively works with live location data of millions of users every month.
  • According to Security Week, "The attackers reportedly accessed a Tile system using compromised login credentials for an administrator account." As data breaches become an even more common occurrence, it's important to remember that many of these incidents can be mitigated by keeping your cybersecurity workflows up to date and training employees on what they should look out for.