Overnight Hillicon Valley — Apple issues security update against spyware vulnerability

Overnight Hillicon Valley — Apple issues security update against spyware vulnerability
© HECTOR RETAMAL/AFP via Getty Images

Today is Monday. Welcome to Hillicon Valley, detailing all you need to know about tech and cyber news from Capitol Hill to Silicon Valley. Subscribe here: thehill.com/newsletter-signup.

Apple made waves in the cybersecurity space Monday by issuing a set of emergency security updates for many of its products following the discovery of a new security vulnerability that enables the download of spyware technology without the user clicking on anything. 

Meanwhile, the White House announced President BidenJoe BidenUN meeting with US, France canceled over scheduling issue Schumer moves to break GOP blockade on Biden's State picks GOP Rep. Cawthorn likens vaccine mandates to 'modern-day segregation' MORE will nominate privacy advocate Alvaro Bedoya to the Federal Trade Commission to fill a seat set to be vacated since the president nominated a Democratic commissioner to lead the Consumer Financial Protection Bureau.

Follow The Hill’s cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@millsrodrigo) and Rebecca Klar (@rebeccaklar_), for more coverage.

Let’s jump in.

Don’t ignore the security update today 

An iPhone on a laptopApple on Monday released a series of emergency security updates following the discovery of a vulnerability that allowed Israeli company NSO Group to infect Apple products with spyware.

Major concern: The vulnerability, discovered by researchers at Citizen Lab, applied to Apple iOS, MacOS and WatchOS products, and was described by the researchers as a “zero-day zero-click exploit” targeted against iMessage.

Apple released security updates for each of the products on Monday after Citizen Lab disclosed the vulnerability to the company last week, with Apple noting in the update that it was “aware of a report that this issue may have been actively exploited.”

The New York Times first reported the discovery of the vulnerability on Monday.

Citizen Lab researchers discovered the vulnerability while examining the phone of a Saudi Arabian activist that had been known to be infected with an NSO Group spyware program. The vulnerability discovered by the researchers targeted the Apple image rendering library, enabling NSO Group to remotely infect and exploit the targeted devices. 

“This spyware can do everything an iPhone user can do on their device and more,” John-Scott Railton, a senior researcher at Citizen Lab, told The New York Times Monday. 

Familiar name: This is far from the first time that products from NSO Group, and the company itself, have come under fire for allegations of human rights and privacy abuses. 

Read more about the update here.


Take a seat

The Federal Trade Commission building in Washington, D.C., is seen on June 18.

President Biden will nominate privacy advocate Alvaro Bedoya for a seat on the Federal Trade Commission (FTC), the White House announced Monday. 

Bedoya’s background: Bedoya, a Georgetown Law professor and the founding director of the school's Center on Privacy & Technology, will be filling a spot set to be vacated since Biden nominated Commissioner Rohit ChopraRohit ChopraSenate advances Biden consumer bureau pick after panel logjam Overnight Hillicon Valley — Apple issues security update against spyware vulnerability Privacy advocate to be nominated for seat on Federal Trade Commission MORE to lead the Consumer Financial Protection Bureau. 

Before Bedoya founded the privacy center, he served as the first chief counsel to the Senate Judiciary Subcommittee on Privacy, Technology and the Law. 

The nomination comes as the FTC continues to take aim at tech giants and their market power. 

A warm welcome: Anti-monopoly group American Economic Liberties Project cheered Bedoya’s nomination to the FTC. 

“Bedoya has spearheaded important research into surveillance and shined a light on the ways this technology is used to exploit and endanger communities of color. As a commissioner, we expect him to be an aggressive advocate against corporate concentration and monopoly,” executive director Sarah Miller said in a statement. 

FTC Chair Lina KhanLina KhanHillicon Valley — Presented by Xerox — Democrats press FTC to resolve data privacy 'crisis' Democrats ask FTC to fix data privacy 'crisis' Overnight Hillicon Valley — Scrutiny over Instagram's impact on teens MORE, another Biden nominee to the commission, congratulated Bedoya on his nomination. 

“Alvaro’s expertise on surveillance and data security and his longstanding commitment to public service would be enormously valuable to the Commission as we work to meet this moment of tremendous need and opportunity. I wish him the very best in his confirmation process,” Khan said in a statement.

Read more here.



New York Gov. Kathy HochulKathy HochulStates, cities grapple with critical school bus driver shortage Google to purchase Manhattan building for .1 billion Zeldin says he's in remission after treatment for leukemia MORE (D) called on Facebook to "clean up the act" on abortion misinformation on Monday, as part of her state’s response to Texas’s "fetal heartbeat" abortion ban. 

The new governor said at a briefing that New York is sending a letter to Facebook on Monday requesting the social media giant’s assistance in “a war against misinformation” about abortion, as well as COVID-19 vaccines.  

“I'm asking Facebook starting today to help clean up the act, help us wage a campaign of truth and not lies, with respect to what is going on in Texas and what is going on here in the state of New York because misinformation spreads like wildfire,” she said.

Read more here.


District of Columbia Attorney General Karl Racine (D) on Monday expanded the antitrust lawsuit he filed against Amazon in May, accusing the e-commerce giant of locking first-party sellers into anti-competitive agreements.

The amended complaint filed in D.C. Superior Court alleges that Amazon has required wholesalers to guarantee the company will make a minimum profit when buying and reselling goods.

“Amazon has continued to use its dominant position as an online marketplace to rig the system, leading to higher prices for consumers and less competition among online marketplaces,” Racine said. 

The initial lawsuit filed by Racine in May had focused on Amazon’s treatment of third-party sellers.

Read more here.


A new report recommends that the federal government prioritize plans to enact stronger transparency requirements and other measures for tech platforms in an effort to combat polarization on social media.

The report released Monday by the NYU Stern Center for Business and Human Rights argues that tech platforms have failed to "self-regulate sufficiently" and calls for government intervention.

The authors cite the Jan. 6 riot at the U.S. Capitol as an example of social media contributing to political polarization in a way that manifests in real-world harm.

"We’re not just talking about political polarization just in the abstract, but it has these very specific consequences which we are seeing basically eroding aspects of democracy and civil relationships among people and trust in institutions and so forth,” said Paul Barrett, the deputy director of the NYU Stern Center for Business and Human Rights and one of the authors of the report.

Read more here



The Federal Election Commission (FEC) has ruled that Twitter did not break election laws in October when it blocked users from sharing links to a New York Post story about President Biden's son, Hunter Biden, according to The New York Times.

The Times, citing a document it obtained outlining the decision, reported Monday the FEC said Twitter's actions in blocking the spread of the article were made with valid commercial reason — not a political purpose — making them legal.

It said the company “credibly explained” that stopping the spread of the article, which was based on an email retrieved from the hard drive of a laptop that was said to belong to Hunter Biden, was a commercial decision in line with existing policies that pertain to hacked materials.

Read more here.



An op-ed to chew on: How social media fuels US political polarization--what to do about it

Lighter click: The cat’s meow

Notable links from around the web:

Revolt Of The Delivery Workers (The Verge / Josh Dzieza)

Texas wanted to be the tech haven of the U.S. Its new abortion bill and other measures are causing workers to rethink their move (The Washington Post / Danielle Abril and Gerrit De Vynck)

Facebook Says Its Rules Apply to All. Company Documents Reveal a Secret Elite That’s Exempt. (The Wall Street Journal / Jeff Horwitz)


One last thing: Pump the brakes

Attorney General <span class=Merrick GarlandMerrick GarlandBipartisan senators to hold hearing on 'toxic conservatorships' amid Britney Spears controversy DOJ sues to block JetBlue-American Airlines partnership Texas sues Biden administration over guidance on transgender worker rights MORE addresses reporters at the Department of Justice in Washington, D.C., on Thursday, August 5, 2021 to announce an investigation of the City of Phoenix and the Phoenix Police Department for civil rights practices." width="645" height="363" data-delta="4" />

A group of more than 150 professors from Stanford University signed an open letter to U.S. Attorney General Merrick Garland last week asking that he get rid of the Department of Justice's (DOJ) "China Initiative" which was started by former Attorney General Jeff SessionsJefferson (Jeff) Beauregard SessionsOvernight Hillicon Valley — Apple issues security update against spyware vulnerability Stanford professors ask DOJ to stop looking for Chinese spies at universities in US Overnight Energy & Environment — Democrats detail clean electricity program MORE.

While acknowledging that it is important for the U.S. to address concerns of intellectual property theft and economic espionage, the Stanford educators wrote in their letter that the program has since "deviated significantly from its claimed mission."

The professors stated that the China initiative is "harming the United States’ research and technology competitiveness and it is fueling biases that, in turn, raise concerns about racial profiling."

They pointed out that the program disproportionately targets researchers with Chinese origins, choosing to investigate them not based on evidence, but simply for having a connection to China.

Read more here.


That’s it for today, thanks for reading. Check out The Hill’s technology and cybersecurity pages for the latest news and coverage. We’ll see you Tuesday.