Organizations need to “remain vigilant” against ransomware attacks and other cyberthreats, warned the Cybersecurity and Infrastructure Security Agency and FBI Monday. Groups and enterprises need to deploy “multi-factor authentication” for remote access and administrative accounts, and should mandate “strong passwords and ensure they are not reused across multiple accounts,” said the agencies. “Remind employees not to click on suspicious links, and conduct exercises to raise awareness,” they said. “Review and, if needed, update incident response and communication plans that list actions an organization will take if impacted by a ransomware incident.” Though CISA isn't aware of a specific threat, “we know that threat actors don’t take holidays,” said Director Jen Easterly. Cybercriminals “have historically viewed holidays as attractive times to strike,” said FBI Cyber Assistant Director Bryan Vorndran. “We urge network defenders to prepare and remain alert over the upcoming holiday weekend.”

Energous got approval from a European notified body for its 1W WattUp PowerBridge transmitter for over-the-air charging at any distance, it said Friday, following recent FCC approval (see 2110190036). This opens opportunities in Europe for battery-less IoT devices and wearables, said Sanjay Gupta, AirFuel Alliance president.

Nearly six in 10 consumers plan to shop via a mobile device this holiday season, up from 47% last year, and 43% will shop from a computer or laptop, reported Applause Thursday. Some 69% of respondents said they felt comfortable returning to stores; 45% of those plan to spend less than they did in 2020, per an October survey. Of the 91% who plan to shop online, 68% plan to spend the same or more than in 2020. Digital experiences are gaining with shoppers, with 58% using services like curbside pickup, buy online pickup in store and buy online return in store; 66% are more likely to shop a brand that offers omnichannel options. Applause cited “work to be done,” with 24% of shoppers who used curbside pickup reporting problems with finding where to park and having trouble identifying the curbside pickup option on their phone. Price remained the biggest factor for online purchases for 39%. A disruption in checkout is the top reason shoppers abandon e-commerce purchases, it said.

A bipartisan group of state attorneys general is investigating whether Meta violated consumer protection laws by promoting Instagram despite knowledge of the platform’s association with physical and mental health harms, Massachusetts Attorney General Maura Healey (D) announced Thursday. AGs from California, Florida, Kentucky, Massachusetts, Missouri, Nebraska, New Jersey, Tennessee and Vermont joined the investigation. Ohio filed a lawsuit separately (see 2111150052). The new probe targets the “techniques utilized by Meta to increase the frequency and duration of engagement by young users and the resulting harms caused by such extended engagement,” said the office for Missouri's Eric Schmitt (R). "These accusations are false and demonstrate a deep misunderstanding of the facts,” a Meta spokesperson emailed. “While challenges in protecting young people online impact the entire industry, we’ve led the industry in combating bullying and supporting people struggling with suicidal thoughts, self-injury, and eating disorders.”

Top U.S. cable and wireline telcos added about 630,000 net additional broadband subscribers in Q3, in line with Q3 growth in 2018 and 2019 and about 41% of their Q3 2020 growth during the COVID-19 pandemic, Leichtman Research Group said Wednesday. Combined, LRG said, they have about 107.9 million subscribers, about 96% of the market. Cable has about 75.2 million, with 32.7 million at wireline telcos. Cable operators added 590,000 of the 630,000 subs; telcos had about 475,000 net adds via fiber, and about 435,000 non-fiber losses.

The holiday season is also cybercrime season, reported fraud deterrence platform Arkose Labs Tuesday. “Attacks have steadily increased over 2020, becoming more frequent, launching on a larger scale, and initiating with greater sophistication,” it said. It projects that 8 million attacks will occur daily during the 2021 holiday shopping season. Fraud “has a new face” in the form of digital businesses “experiencing a massive surge of fake new accounts,” said Arkose. It detected 560 million malicious attempts on “registration flows last quarter,” four times more than at the beginning of the year, it said: “These fake accounts open the doors to downstream fraud that directly impacts the bottom line of e-commerce firms.” As more customers open digital accounts, “account takeover attempts fueled by large-scale credential stuffing soon follow,” it said. In a credential stuffing attack, cybercriminals funnel stolen user names and passwords through an automated process to try to gain access to online accounts. Arkose said it stopped 3 billion credential stuffing attacks over the past year, nearly double the rate of the previous 12 months.

Apple’s “unlawful monopolization” of the iOS apps market enabled the iPhone maker to charge and collect a “supracompetitive” 30% fee from device owners “for each and every one of the billions of iOS apps they have bought since the iPhone’s launch” 13 years ago, alleged a complaint Friday in U.S. District Court in San Francisco that seeks class-action status. “Consumers nationwide have paid hundreds of millions of dollars more for iOS apps than they would have paid in a competitive market.” Apple’s “anticompetitive scheme” generated “enormous supracompetitive profits” for the company, it said. It offers more than 2.22 million apps in the App Store, and iOS device owners “have downloaded apps more than 200 billion times since July 2008,” it said. Apple didn’t comment Monday.

Facebook misled the public on how it controls a proprietary algorithm in an effort to “boost its stock and deceive shareholders,” Ohio Attorney General Dave Yost (R) alleged in a lawsuit announced Monday. Facebook and senior executives violated federal securities laws by “purposely misleading the public about the negative effects its products have on the health and well-being of children and the steps the company has taken to protect the public,” the state argued, citing findings in September news reports and testimony from whistleblower Frances Haugen (see 2110050062). Yost filed the suit for the Ohio Public Employees Retirement System and Facebook investors. CEO Mark Zuckerberg and company executives knew they were making false statements, Yost said in the announcement, citing internal documents showing the company said: "We are not actually doing what we say we do publicly." Sen. Richard Blumenthal, D-Conn., previously called for investigation into securities fraud (see 2110260070). "This suit is without merit and we will defend ourselves vigorously," a Meta spokesperson emailed Monday.

Florida’s social media law violates the First Amendment despite the state’s common-carrier arguments, groups argued Monday in supporting the tech industry’s lawsuit (see 2109220064) in case 21-12355 in the 11th U.S. Circuit Court of Appeals. SB-7072 makes it unlawful for sites to deplatform political candidates and requires sites be transparent about policing, unless the site owns a Florida theme park. Groups filing in support of the Computer & Communications Industry Association and NetChoice included tech and telecom interests, consumer advocates, publishers and media representatives. Filers included CTA, Engine, the Information Technology & Innovation Foundation, Chamber of Progress, TechNet, American Civil Liberties Union, Center for Democracy & Technology, Reporters Committee for Freedom of the Press, Cato Institute, TechFreedom and Authors Guild. The law is “a direct threat to healthy and safe online communities by restricting and penalizing online providers’ efforts to exercise their First Amendment rights to moderate content on their private platforms,” CTA argued with 10 other groups, including ITIF, TechNet and the Progressive Policy Institute. The law would open the door to “direct content regulation,” in service of government policing bias, “on the platforms that millions of Americans now use to get their news,” publisher and news associations wrote. The First Amendment “protects the exercise of editorial discretion, including by speakers that host others’ speech,” said CDT. Slapping the label “common carrier” on something doesn’t make it a reality, said TechFreedom: “Even if it did, common carriers retain their First Amendment rights, and they have much broader discretion to refuse service than SB 7072 allows for.”

Tech companies opposed AT&T’s pursuit from the Office and Engineering Technology of a knowledge database document identifying parameters automated frequency coordination system operators must use within the propagation models required by the FCC. The 6 GHz order didn't "delegate to OET authority to adopt ex ante the AFC system parameters AT&T discusses,” said Apple, Broadcom, Cisco, Google, Hewlett Packard Enterprise, Intel, Meta Platforms, Microsoft and Qualcomm in docket 18-295: “Rather, it expressly left such implementation details to industry. AT&T’s assertion that Commission action is needed now, before the November 30, 2021 submission date for AFC system operator proposals, is doubly wrong. AFC system operator proposals do not depend on the parameters AT&T highlights. These parameters will become relevant at a later stage.”