Internet domain behemoth GoDaddy sent employees an email promising a Christmas bonus — that turned out to actually be a computer security test.
Some 500 staffers clicked on the Dec. 14 email from the Arizona-based company that offered a $650 holiday bonus and asked them to fill out a form with their personal information.
“Happy Holiday GoDaddy! 2020 has been a record year for GoDaddy, thanks to you!,” said the message, obtained by Phoenix TV-station KPNX.
“Though we cannot celebrate together during our annual Holiday Party, we want to show our appreciation and share a $650 one-time Holiday bonus!”
Two days later, employees got an email from GoDaddy’s security chief that read: “You are receiving this email because you failed our recent phishing test,” the Copper Courier newspaper reported.
Many social media users raked GoDaddy over the coals, calling the test tone-deaf amid the coronavirus pandemic that’s left millions of Americans financially reeling.
The company on Thursday said it apologized to people who felt the email was “insensitive,” adding it “takes the security of our platform extremely seriously.”
“We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologized,” a spokesman said in a statement.
In this week’s Decrypted, we’re deep-diving into two stories beyond the headlines, including why the breach at cybersecurity giant FireEye has the cybersecurity industry in shock.
THE BIG PICTURE
Google researcher finds a major iPhone security bug, now fixed
What happens when you leave one of the best security researchers alone for six months? You get one of the most devastating vulnerabilities ever found in an iPhone — a bug so damaging that it can be exploited over-the-air and requires no interaction on the user’s part.
The AWDL bug under attack using a proof-of-concept exploit developed by a Google researcher. Image Credits: Ian Beer/Google Project Zero
The vulnerability was found in Apple Wireless Direct Link (AWDL), an important part of the iPhone’s software that among other things allows users to share files and photos over Wi-Fi through Apple’s AirDrop feature.
“AWDL is enabled by default, exposing a large and complex attack surface to everyone in radio proximity,” wrote Google’s Ian Beer in a tweet, who found the vulnerability in November and disclosed it to Apple, which pushed out a fix for iPhones and Macs in January.
But exploiting the bug allowed Beer to gain access to the underlying iPhone software using Wi-Fi to gain control of a vulnerable device — including the messages, emails and photos — as well as the camera and microphone — without alerting the user. Beer said that the bug could be exploited over “hundreds of meters or more,” depending on the hardware used to carry out the attack. But the good news is that there’s no evidence that malicious hackers have actively tried to exploit the bug.
News of the bug drew immediate attention, though Apple didn’t comment. NSA’s Rob Joyce said the bug find is “quite an accomplishment,” given that most iOS bugs require chaining multiple vulnerabilities…
https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg00https://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svg2019-09-26 16:28:592019-09-26 16:28:59Microsoft sends another warning: Update Windows now to fix critical security issues – CNN
You may have heard the general mantra that “puns are the lowest form of comedy.” Heathens say that, because puns are great and, if I had my way, there would be a legal requirement to use at least one in every legal document this country produces. They can also be used to lighten up what would otherwise be heavy legal actions. Such is the case with In-N-Out Burger, which decided to respond to what is pretty likely trademark infringement with a pun-laden cease and desist.
We’ll start with the product that was likely infringing on In-N-Out’s trademarks, which itself involves some punnery.
The back and forth banter all started on July 12 when Seven Stills took to Instagram and posted a photo of its soon-to-be-released “barrel aged neopolitan milkshake stout.” The beverage’s logo featured In-N-Out’s famous red palm tree lining, arrow logo and the phrase “In-N-Stout Beer.”
In case you’re wondering just how clearly Seven Stills’ use of In-N-Out’s trade dress was, here is the brewery’s own Instagram post.
A post shared by Seven Stills of SF (@sevenstills) on
In case you’re somehow unaware of In-N-Out’s log and cup design, the In-N-Stout effort above is a very clear play on it:
So, yeah, despite the two companies being in different markets, this sort of use could still cause some kind of confusion and create an impression of affiliation between the two entities. If you really want to argue any of that, I suppose you can, but this is probably trademark infringement.
In-N-Out, which we have criticized in the past for some dodgy trademark behavior, deserves some credit here instead for firing off a cease and desist that certainly didn’t take itself too seriously.
After In-N-Out caught wind of the idea, its legal team crafted a cease and desist letter jam-packed with puns related to beer making.
“Based on your use of our marks, we felt obligated to hop to action in order to prevent further issues from brewing,” part of the letter read.
The C&D actually had way more puns than just those, however. Given the gentle and congenial nature of the C&D, in fact, Seven Stills made a point to post the entire thing to its Instagram account, as well as agreeing to alter its beer’s trade dress to remove In-N-Out’s branding from the can.
We count 9. Can you find them all?
A post shared by Seven Stills of SF (@sevenstills) on
If you can’t see that, it reads:
Dear Seven Sills Brewery & Distillery,
We at In-N-Out Burgers (“In-N-Out”) received multiple reports of your “In-N-Stout Beer” featured on your social media pages. The In-N-Stout Beer label features In-N-Out’s trademarks including our palm tree and arrow logos along with a substantial similarity to In-N-Out’s brand name. Based on your use of our marks, we felt obligated to hop to action in order to prevent further issues from brewing.
In case you are not already aware, In-N-Out owns multiple trademark registrations in these marks. As you may expect, we tap into a lot of effort in protecting our marks, which includes limiting their use by others.
Please understand that use of our marks by third parties ales us to the extent that this could cause confusion in the marketplace or prevent us from protecting our marks in the future. We hope you can appreciate, however, that we are attempting to clearly distill our rights by crafting an amicable approach with you, rather than barrel through this.
Accordingly, we request that you refrain from further use of In-N-Out’s marks by not selling or promoting items featuring our marks, and removing images of “In-N-Stout” and any other items featuring our marks from your website and social media pages. Please contact us as soon as possible, so this does not continue to ferment. Thank you for your time and consideration, and we look froward to resolving this in good spirits.
The lesson here isn’t that there wasn’t some other way to work this out beyond a cease and desist notice. No, the point here is that trademark issues can reach amicable ends if only companies are congenial with one another… and use as many puns as possible.
