Intel will send out an update to fix a firmware vulnerability that could give a hacker access to business computers or devices that use its Active Management Technology (AMT), Intel Standard Manageability (ISM) or Small Business Technology (SBT), said a news release Friday. Intel, which issued a security advisory about the vulnerability May 1, said it implemented and validated an update to address the issue and is working with computer makers to integrate it into their software, with the update available beginning Monday. Before then, Intel said companies using computers and devices that incorporate AMT, ISM or SBT can download a tool that will analyze a system. If the tool detects the vulnerability or can't determine if a system is at risk, administrators can follow a mitigation guide published with the advisory or they can contact customer support.

When Gmail users received a phishing email impersonating Google Docs they clicked a link in the email that led them to the attacker's application requesting access to their accounts, said Mark Risher, Google director-counter-abuse technology, in a Friday blog post about the spoofing campaign last week. "If the user authorized access to the application (through a mechanism called OAuth), it used the user's contact list to send the same message to more people." Google said it stopped the attack within an hour of detecting it Thursday, and fewer than 0.1 percent of users were affected (see 1705040025). Risher said Google protects users from such attacks via machine learning technology that can detect spam and phishing messages with a 99.9 percent accuracy; "safe browsing" warnings that alert users to dangerous links within Gmail and across more than 2 billion browsers; prevention of suspicious account sign-ins; and email attachment scans for malware. The company, he said, is updating policies and enforcement of OAuth apps and anti-spam systems and expanding monitoring of "suspicious" third-party apps that seek information from users.

Sixty-eight percent of Americans polled in April said access to the internet is a privilege, and 32 percent it's a "human right," according to an online survey of 2,000 people released Thursday by virtual private network provider AnchorFree. Of those who said the internet is a privilege, 42 percent said ISPs should provide safe and secure access; of those who said the internet is a right, 41 percent said government is responsible for secure access. "Neither government nor the private sector is taking responsibility for consumers’ online privacy," said AnchorFree CEO David Gorodyansky in a news release. "It now squarely rests on each individual." Eighty percent are more concerned about online privacy and security now than a year ago, the survey found.

Access Now, which lodged an FTC complaint last week against sex toy maker Svakom Design USA for an internet-enabled vibrator equipped with a camera that could be hacked, said in a Thursday news release the company "seriously though incompletely" responded. A spokesman for the company said in previous emails to us it stopped selling the Siime Eye device and took several actions to improve the device's security -- responses that were similar to what it sent to Access Now (see 1704260007 and 1704270005). Svakom told the group it's launching a new app and considering a full recall of the product, but Access Now said the company didn't "provide enough information about the steps they claim to be taking to evaluate their full impact on user security." It said "companies that deal directly with the most private moments of our lives should take these issues exceptionally seriously." Access Now U.S. Policy Manager Amie Stepanovich said in the release her group is glad the complaint spurred Svakom to take additional actions and hopes "other companies will think twice before bringing insecure products to market."

Google said it stopped a phishing email campaign impersonating Google Docs that was attempting to compromise Gmail users. "We've removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again," said a Wednesday tweet. In a later statement, the company said it resolved the issue about an hour after it first tweeted that it was investigating a phishing email. It said the phishing campaign "affected fewer than 0.1% of Gmail users. While contact information was accessed and used by the campaign, our investigations show that no other data was exposed."

Governments worldwide made 11,247 requests for information on 18,015 Yahoo user accounts for the second half of 2016, the company reported Thursday. Requests declined by about 1,400 from the first six months of last year. Of the 11,247 requests, the U.S. lodged 4,220 -- the most of any country -- for user data on 7,745 accounts. Of those U.S. requests, Yahoo rejected 210, didn't find data for 433 requests, disclosed contents for 900 and disclosed non-content data for 2,677. Non-content data includes: basic subscriber information such as alternate email address, name, location and IP address; login details; billing information; and metadata such as "to," "from" and "date" fields from email headers. Yahoo said it received 0-499 national security letter (NSL) requests on as many accounts. NSLs require companies to disclose information such as names, addresses and length of service of users, said Yahoo.

ICANN is seeking comment on the effectiveness of a revised procedure for handling conflicts between complying with WHOIS domain registration data requirements and global privacy laws, implemented in recent weeks (see 1704190042). ICANN said in a Wednesday news release it's seeking comment on the paper, which opens the review process on the procedure, through June 12. Input will be incorporated into a report and provided to the Generic Names Supporting Organization Council for its review, said ICANN. "Outputs from this assessment and comment process are expected to inform the next periodic review."

Facebook will hire 3,000 people over the next year to review millions of weekly reports it gets about live videos or ones posted later that show crimes, including murders, and suicides, said CEO Mark Zuckerberg in a post Wednesday. The hires to the company's global community operations team will be on top of the current 4,500 employees, he said. "These reviewers will also help us get better at removing things we don't allow on Facebook like hate speech and child exploitation," said Zuckerberg. "We'll keep working with local community groups and law enforcement who are in the best position to help someone if they need it -- either because they're about to harm themselves, or because they're in danger from someone else." The company is building better tools that make it easier for users to report problems and enable reviewers to determine violations more quickly and to report them more easily to law enforcement, he added. "Just last week, we got a report that someone on Live was considering suicide. We immediately reached out to law enforcement, and they were able to prevent him from hurting himself," he said. "In other cases, we weren't so fortunate."

Voxx is combining its vehicle security, remote start and telematics group with the advanced driver assistance systems (ADAS) unit to form the new vehicle safety, security and convenience group, said the company in a Tuesday announcement. The new unit will be headed by Joe Dentamaro, vice president-vehicle safety, security and convenience, and Shane Wilson, who headed the ADAS group, will take on the new position of assistant vice president, said the company. Dan Bisceglia was promoted to product manager and will relocate to Voxx’s Troy, Michigan, facility, which also houses OEM engineering and the product test unit. Over time, the company will expand the group to include field applications technicians and trainers, it said.

IAC/InterActiveCorp's HomeAdvisor and Angie's List will combine into a new public company called ANGI Homeservices, they announced. The deal is expected to close in 4Q subject to approvals from regulators and Angie's List stockholders, they said Monday. The brands will be maintained. Angie's List first received an unsolicited bid from IAC in November 2015 (see 1511120017).