In brief
A Dutch researcher says he accessed Donald Trump's Twitter account by guessing the password was "maga2020". Victor Gevers says the account was not protected by 2-factor authentication. Not true, said the White House. No evidence, said Twitter. RTL News
The UK data protection regulator has issued guidance on dealing with subject access requests (SARs). Key issues are delays for clarification, excessive requests, and what can be included when charging a fee. ICO
The Covid Symptom Study app has apologised after users received advertisements promoting face masks from Samantha Cameron's fashion label. Huffington Post
Google has removed two extensions from the Chrome Web Store after they were caught siphoning off user data. Nano Adblocker and Nano Defender had been sold earlier this month. Firefox versions aren't affected. ZDNet
Microsoft says the forced installation of web apps was caused by a fault in its Edge browser. It says it's addressing the problem which only affected preview versions of Windows 10. TechRadar
Researchers in Israel say they can eavesdrop remotely on conversations by analysing minute vibrations on the surface of a lightbulb. Wired
Moscow has allocated some $2 million for a new tracking system that will capture unique identifiers from mobile devices in the city. Kommersant
Updates
Microsoft: Two emergency updates for Visual Studio and Windows 10
Apple: Another iOS version (14.1) is rolling out in an effort to fix the many bugs that some unlucky users have been experiencing (including one that prevented zeroes being displayed in Calculator). Unfortunately, the new version reintroduces a problem with changing default apps. There don't appear to be any security fixes in the latest release or if there are, Apple's not saying what they are.
Chrome: Important update that fixes a previously unknown vulnerability that is being actively exploited. Up-to-date version is 86.0.4240.111.
Cisco: Updates for 17 high-severity issues in Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC)
Adobe: Another slew of updates, this time for Illustrator, Dreamweaver, Marketo, Animate, After Effects, Photoshop, Premiere Pro, Media Encoder, InDesign and Creative Cloud Desktop.
QNAP: Some versions of QTS (the operating system for its network-attached storage devices) are affected by the Zerologon vulnerability. The issues are fix in the latest version.
VMware: Fixes for six issues affecting ESXi, Workstation, Fusion, Cloud Foundation, and NSX-T products.
Oracle: Another gigantic set of updates (402 of them), including fixes for vulnerabilities that could be exploited remotely without authentication required.
WordPress: A forced security update was used to fix a vulnerability in the widely used Loginizer plugin.
Tails: Version 4.12 addresses several security issues and also updates the Tor browser.