Apple Pay Support Comes to Qatar

Believe it or not, some countries still don’t have Apple Pay support. We can now count Qatar as one of the countries that does offer support for Cupertino’s digital wallet, after a recent announcement by Qatar bank QNB.

QNB is one of the largest financial institutions in the region and operates a number of subsidiaries in 31 countries, including many neighboring states. While the company announced Apple Pay availability for all customers, it appears the service is currently limited to people living in Qatar.

“We are proud for taking the initiative of bringing Apple Pay to the Qatari market. QNB has a reputation of providing its customers with state-of-the-art technologies,” said Heba Al-Tamimi, general manager at QNB Group’s Retail Banking arm.

Smart Home Cameras, Baby Monitors Affected by Software Bug

A flaw in the ThroughTek “Kalay” network affects millions of IoT devices including smart baby monitors, DVRs, smart cameras, and other products.

this latest vulnerability allows attackers to communicate with devices remotely. As a result, further attacks could include actions that would allow an adversary to remotely control affected devices and could potentially lead to remote code execution.

Due to how the Kalay protocol is integrated by original equipment manufacturers (“OEMs”) and resellers before devices reach consumers, Mandiant is unable to determine a complete list of products and companies affected by the discovered vulnerability.

Mastercard Moves to Phase Out Use of Magnetic Stripe by 2024

Mastercard announced on Monday a plan to phase out usage of magnetic stripes on its cards, and says it is the first payments network to do so.

Based on the decline in payments powered by magnetic stripes after chip-based payments took hold, newly-issued Mastercard credit and debit cards will not be required to have a stripe starting in 2024 in most markets. By 2033, no Mastercard credit and debit cards will have magnetic stripes, which leaves a long runway for the remaining partners who still rely on the technology to phase in chip card processing.

GitHub No Longer Accepts Passwords, Use Security Keys Instead

GitHub will no longer accept passwords when authenticating Git operations and will require the use of strong authentication factors. Yubico also posted about the announcement here, and its 2FA hardware keys are an acceptable solution for GitHub users.

In December, we announced that beginning August 13, 2021, GitHub will no longer accept account passwords when authenticating Git operations and will require the use of strong authentication factors, such as a personal access token, SSH keys (for developers), or an OAuth or GitHub App installation token (for integrators) for all authenticated Git operations on GitHub.com. With the August 13 sunset date behind us, we no longer accept password authentication for Git operations.

(Update) T-Mobile Customer Data for Sale Affecting Over 100 Million People

A person in an online forum is offering data for sale that they claim comes from T-Mobile servers. The carrier says it is investigating the accuracy of this alleged breach.

The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information, the seller said. Motherboard has seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.

Update: T-Mobile has issued a statement confirming the breach.

UK Regulator May Force Facebook to Sell Giphy

UK regulator the Competition and Markets Authority (CMA) has said that Facebook may have to sell GiphyThe social media giant rejected the preliminary findings, BBC News reported.

The Competition and Markets Authority provisionally found Facebook owning Giphy “could lead it to deny other platforms access to its Gifs”. The CMA will now consult before making a final conclusion. And if its concerns are confirmed, the [sic] it may require Facebook to sell Giphy. Facebook said the findings were “not supported by the evidence”. Giphy’s vast library of looping short video animations is hugely popular – including among Facebook’s competitors.

Ledger Crypto Wallet Now Supports Staking ETH With Lido

Owners of the Ledger hardware wallet can now stake their ETH through Lido as it transitions to Ethereum 2.0.

By staking ETH with Lido, you don’t need to own 32 ETH to become a network validator. Lido allows users to participate in the network with any amount of ETH. You don’t need to maintain complex infrastructure whilst preserving the liquidity of your ETH. Indeed, for each Ether you’ll stake through LIDO you’ll receive stETH in exchange.

USDC Co-Creator ‘Circle’ Wants to Become a Traditional Bank

Circle, along with Coinbase, operates USD Coin (USDC) a cryptocurrency that has its valued pegged to the US dollar. Coins of this nature are known as stablecoins. Circle has announced its intentions to become a traditional, FDIC-insured bank. Could this pave the way for USDC to become the de facto digital currency of the U.S.? Axios has a good summary.

Circle chief strategy officer Dante Disparte tells Axios that the company hasn’t yet even properly initiated the process of applying to become a bank; it’s just announced its intention to do so. Disparte says they’re willing to do “whatever the policymakers want.”

Top 10 Services That Hackers Target the Most

Software system provider Intact collected data and analyzed it to see which brands hackers are searching for as their next potential hacking targets.

We analysed search intent by digging out the number of searches for terms including ‘how to hack [xyz]’. Although career cybercriminals are likely to use more nefarious means to research and test their hacking processes, Google search data provides an insight into global intent and changing trends.

‘Weedmaps’ Adds In-App Purchases for Cannabis Products

An app called Weedmaps was updated to let customers purchase products directly within the app. It’s a notable move because Apple’s restrictions previously forbade in-app purchases for cannabis.

The change comes after Apple opened up the App Store for some cannabis apps. Under the new guidance, licensed cannabis operators fall under the same restrictions (to Apple) as licensed pharmacies allowing apps like Weedmaps, which lists licensed cannabis operators, to offer such services.

DeFi Platform ‘Poly Network’ Hacked, $600 Million in Crypto Stolen

Poly Network is a cross-chain decentralized finance platform and operates on the Binance Smart Chain, Ethereum and Polygon blockchains. It suffered a hack recently in which approximately US$600 million in crypto was stolen.

About one hour after Poly announced the hack on Twitter, the hacker tried to move assets including USDT through the Ethereum address into liquidity pool Curve.fi, records show. The transaction was rejected. Meanwhile, close to $100 million has been moved out of the Binance Smart Chain address in the past 30 minutes and deposited into liquidity pool Ellipsis Finance.

Firefox 91 Update Lets You Fully Erase Your Browser History

Mozilla’s latest update to Firefox, version 91, offers enhanced cookie clearing when a user deletes their browser history.

When you decide to tell Firefox to forget about a website, Firefox will automatically throw away all cookies, supercookies and other data stored in that website’s “cookie jar”. This “Enhanced Cookie Clearing” makes it easy to delete all traces of a website in your browser without the possibility of sneaky third-party cookies sticking around.

FEMA to Test Emergency Alert System on August 11, 2021

On Wednesday, August 11, 2021 FEMA will test its Emergency Alert System as well as the Wireless Emergency Alerts system. It will happen at 2:20 ET.

The Federal Emergency Management Agency, or FEMA, runs the test every year or two to ensure the system is working properly. It’s no small task: A national emergency alert system that can broadcast a message to potentially hundreds of millions of people at any given time is fraught with technological hurdles that require close co-operation from the cell carriers and broadcast networks.

On the iPhone you can see if you have these alerts enabled in Settings > Notifications, and scrolling down to the bottom.

‘Non-Standalone’ 5G Exposes Phones to Stingray Police Surveillance

5G that uses “non-standalone architecture” is rife with security issues and doesn’t protect people from Stingray police surveillance.

Borgaonkar and fellow researcher Altaf Shaik, a senior research scientist at TU Berlin, found that major carriers in Norway and Germany are still putting out 5G in non-standalone mode, which means that those connections are still susceptible to stingrays. The two presented at the Black Hat security conference in Las Vegas last week.

Secure Chat App ‘Signal’ Announces Default Disappearing Messages

Signal, a messaging app that uses end-to-end encryption, introduced a feature to let you have all of your messages disappear by default.

Until now, disappearing messages had to be enabled on a per-conversation basis, but for those who want to take ephemerality to the fullest, Signal now supports the ability to preconfigure all conversations you initiate with a default timer.

We’ve also added the ability to set custom timer durations on your conversations, so that some content can be gone in 60 seconds and others can exist for 18 minutes or 4 weeks.

Google Introduces New Safety Features for Kids and Teens

Google on Tuesday announced new safety features for minors across YouTube, Google Search, Google Play Store, and more.

In the coming weeks, we’ll introduce a new policy that enables anyone under the age of 18, or their parent or guardian, to request the removal of their images from Google Image results. Of course, removing an image from Search doesn’t remove it from the web, but we believe this change will help give young people more control of their images online.

Parallels 17 is First macOS Monterey Virtual Machine Running on Apple Silicon

Parallels 17, the latest version of the software that allows users to work with Apple and Windows operating systems on the same device, is out now. 9to5 Mac has a good breakdown of the latest features.

Software doesn’t stand still and neither do the operating systems. macOS Monterey and Windows 11 will be coming sooner than later and Parallels 17 is ready for them both as a host and a guest. If you need to start testing macOS Monterey for your job but are not ready to run it full time, Parallels 17 lets you run it in a virtual machine today. Parallels worked closely with Apple to optimize the experience of running macOS Monterey in a virtual machine. Parallels 17 shows noticeable speed improvements across the board. Resuming an OS is now 38% faster and OpenGL performs up to six times faster. Apple Silicon Macs report over a 20% performance boost with Windows 10 boot time, improved disk performance, and enhanced DirectX11 support.

Salesforce Joining The Streaming Wars With Service Focussed on Business Users

The latest entrant into the streaming wars is Salesforce. The company’s chief marketing officer Sarah Franklin told Axios about the forthcoming service, which is called…

Salesforce+, which will debut globally during Salesforce’s annual mega-conference Dreamforce in September, is a free service that will feature original programming from Salesforce and eventually, content created by its clients. The content will be available on-demand 24/7, but it will also feature live event programming, starting with Dreamforce. The company has hired around 50 editorial leads to help launch the service, including script writers and broadcast producers. It plans to fill many more editorial roles in the months to come as it builds up its programming slate…For now, Franklin says the company has no plans to sell ads around the content or charge for it. “We’ll measure success by free subscribers and viewership,” she says. It will launch with a sizable amount of paid promotion in September.