Easy Shield risk control business weekly reported weekly notable security technologies and events, including, but not limited to, content security, mobile security, business security and network security to help businesses be vigilant, avoid these like a small real big, healthy development of the business impact Security Risk.
1, "Children's Personal Information Network Protection Regulations" for public comment
National Internet Information Office (hereinafter referred to as "net letter Office") recently issued a notice on "Children's personal information network protection regulations (draft)" for public comment. The advice is to regulate the use of children to collect personal information and other acts to protect the legitimate rights and interests of children, to create a good environment for the healthy growth of children online, the deadline for comments is 30 June 2019.
Suitable for the draft for minors under 14 years of age, the draft suggested that network operators should set up a dedicated children's personal information protection rules and user agreement, and the establishment of personal data protection officer or designated person responsible for the protection of children's personal information . User Agreement applies to children should be concise, easy to understand, network operators use children's personal information, shall not exceed the agreed scope and purpose.
2, Ministry of Water Resources: *** exercises on network security issues found in interviews with relevant units
Ye Jianchun Vice Minister of Water Resources Ministry of Water Resources on Network Security 2019 *** walkthrough find more problems in the Yangtze River Water Resources Commission, Yellow River Conservancy Commission, the Huaihe River Water Resources Commission, the Haihe River Water Resources Commission, Taihu Basin Authority, Hanjiang Group and other six units network security leaders in charge of collective interviews, asked all units to learn from this exercise, to improve the political stations, the main responsibility for the implementation of sound management system, and actively investigation and rectification, to take effective measures to eliminate safety hazards and improve the ability to prevent, prevent similar problems from happening again. (Ministry of Water Resources website)
3, Facebook or other social media companies face more stringent content regulation in the EU
EU General Counsel June 4 said in a preliminary ruling, Facebook, FB and other social media platforms should be responsible ××× content. For this side of the Atlantic are facing rising regulatory resistance to the US technology giant, this is a new blow. A legal opinion of the Supreme Court of the total European legal adviser Maciej Szpunar announced that if a court ruled that a defamatory statement, the court may order that Facebook and search for similar companies in the company's platform and find these same words. (TechWeb)
4, Apple protecting privacy a big move: the virtual mailbox to help the user logs on to third parties
WWDC 2019 conference, Apple announced a new login mechanism Sign in with Apple, so that third-party applications to authenticate users via Apple ID. Apple claims that this landing mechanism will effectively protect user privacy, prevent users being tracked. The name is the same as other similar log Sign in with Apple's new authentication mechanisms with Facebook and Google offered ways of working, but enhances user privacy protection. (See Snow College)
5, June 2019 Android patch is released: a total of 22 security vulnerabilities repair
Support for all series of Pixel and equipment from other vendors, Google today released June 2019 in Android security patches, fixes a recently discovered security vulnerabilities and fixes various issues. June 2019 The Android security patches including 2019-06-01 and 2019-06-05 two levels of security patches, fixes a total of 22 security holes, covering Android system framework, Linux kernel component, high-pass components (including closed-source ), Media components. (CnBeta)
6, steal *** "Jian Wang 3" virtual currency 6 billion Xishanju: bug has been fixed
June 3, Zhuhai Municipal Public Security Bureau official website released a "Hurricane 2019" Ten cases. Among them, Zhuhai city police successfully destroyed a large *** gang, the gang use *** invasive technology developed by the company's back-end gaming systems, to steal game virtual currency 6 billion of gold, worth about 8.8 million yuan RMB.
After the news release, there are users according to the disclosure of details and photos, which the game is guessing, "Jian Wang 3" (called the "JX Online Triple"). Official says, the game is just a small bug, is now repaired. For more details, including how Xishanju team found that the correlation *** gang initiative and reported to the police, the stolen game virtual currency and other relevant circumstances, do not understand the other side have said, disclose.
7, Apple's limit children's category of advertising and tracking
Apple announced another provision to strengthen the protection of children's privacy, App Store "Children category" applications are no longer allowed to include third-party advertising or analytics tools. Apple updated the application review provisions relating to "child category", a children's categories to help users find specifically designed for children's app, if developers want to enter the "child category", then the app may not provide the app outside links, buying opportunities or other impact on children contents interference. (Solidot)
8, Canva 1.39 million users of data leakage
*** claiming claiming GnosticPlayers of stealing 139 million Australian website Canva of user data. Canva is a very popular graphic design services, Alexa ranking in less than 200. *** stolen data includes user name, real name, email address, city, country information. Canva confirmed that its database was illegally accessed, said it had not found that the account is ***, it has been considered prudent to encourage the user to change the password. (Technology Walker)