Neema and Jorge jump into the cyber stories of the week 

Stories: 

https://threatpost.com/google-warns-of-critical-android-remote-code-execution-bug/162756/

https://arstechnica.com/tech-policy/2021/01/whatsapp-users-must-share-their-data-with-facebook-or-stop-using-the-app/

https://wccftech.com/facebook-publishes-newspaper-ads-to-criticize-apples-ios-14-privacy-updates/

Additional Notes: 

 BT issue fixed as implemented in open AOSP based projects: 

https://github.com/search?p=2&q=5d37d17af57c70d7faa459b92e5b1a758a5a8adb&type=Commits

Specifics on the BT PDU that could be abused "RegisterNotification" 

https://www.bluetooth.org/docman/handlers/DownloadDoc.ashx?doc_id=309020

LibExif CVE impacting android media framework: 

https://bugzilla.suse.com/show_bug.cgi?id=1055857

Makernote: 

https://en.wikipedia.org/wiki/Exif#MakerNote_data

LibExif Bug report: 

https://bugzilla.suse.com/show_bug.cgi?id=1055857

AppTrackingTransparency: 

https://developer.apple.com/app-store/user-privacy-and-data-use/

Facebook´s advisory on iOS 14: 

https://www.facebook.com/business/help/331612538028890?id=428636648170202