67.4 F
Sunday, December 15, 2019


Home Tech

Apple Explains Mysterious iPhone 11 Location Requests


KrebsOnSecurity ran a story this week that puzzled over Apple‘s response to inquiries about a potential privacy leak in its new iPhone 11 line, in which the devices appear to intermittently seek the user’s location even when all applications and system services are individually set never to request this data. Today, Apple disclosed that this behavior is tied to the inclusion of a short-range technology that lets iPhone 11 users share files locally with other nearby phones that support this feature, and that a future version of its mobile operating system will allow users to disable it.

Apple Explains Mysterious iPhone 11 Location Requests 1

I published Tuesday’s story mainly because Apple’s initial and somewhat dismissive response — that this was expected behavior and not a bug — was at odds with its own privacy policy and with its recent commercials stating that customers should be in full control over what they share via their phones and what their phones share about them.

But in a statement provided today, Apple said the location beaconing I documented in a video was related to Ultra Wideband technology that “provides spatial awareness allowing iPhone to understand its position relative to other Ultra Wideband enabled devices (i.e. all new iPhone 11s, including the Pro and Pro Max).

Ultra-wideband (a.k.a UWB) is a radio technology that uses a very low energy level for short-range, high-bandwidth communications of a large portion of the radio spectrum without interfering with more conventional transmissions.

“So users can do things like share a file with someone using AirDrop simply by pointing at another user’s iPhone,” Apple’s statement reads. The company further explained that the location information indicator (a small, upward-facing arrow to the left of the battery icon) appears because the device periodically checks to see whether it is being used in a handful of countries for which Apple hasn’t yet received approval to deploy Ultra Wideband.

“Ultra Wideband technology is an industry standard technology and is subject to international regulatory requirements that require it to be turned off in certain locations,” the statement continues. “iOS uses Location Services to help determine if iPhone is in these prohibited locations in order to disable Ultra Wideband and comply with regulations. The management of Ultrawide Band compliance and its use of location data is done entirely on the device and Apple is not collecting user location data.”

Apple’s privacy policy says users can disable all apps and system services that query the user’s location all at once by toggling the main “Location Services” option to “off.” Alternatively, it says, users can achieve the same results by individually turning off all System Services that use location in the iPhone settings.

What prompted my initial inquiry to Apple about this on Nov. 13 was that the location services icon on the iPhone 11 would reappear every few minutes even though all of the device’s individual location services had been disabled.

“It is expected behavior that the Location Services icon appears in the status bar when Location Services is enabled,” Apple stated in their initial response. “The icon appears for system services that do not have a switch in Settings” [emphasis added].

Now we know more about at least one of those services. Apple says it plans to include the option of a dedicated toggle in System Services to disable the UWB activity in an upcoming update of its iOS operating system, although it didn’t specify when that option might be available.

The one head-scratcher remaining is that the new iPhone seems to check whether it’s in a country that allows UWB fairly frequently, even though the list of countries where this feature is not yet permitted is fairly small, and includes Argentina, Indonesia and Paraguay. A complete list of countries where iPhones can use UWB is here. The principal remaining concern may be that these periodic checks unnecessarily drain the iPhone 11’s battery.

It is never my intention to create alarm where none should exist; there are far too many real threats to security and privacy that deserve greater public attention and scrutiny from the news media. However, Apple does itself and its users no favors when it takes weeks to respond (or not, as my colleague Zack Whittaker at TechCrunch discovered) to legitimate privacy concerns, and then does so in a way that only generates more questions.

Apple Explains Mysterious iPhone 11 Location Requests 2

Tags: apple, iPhone 11, Techcrunch, Ultra Wideband, Zack Whittaker

You can skip to the end and leave a comment. Pinging is currently not allowed.

Ransomware at Colorado IT Provider Affects 100+ Dental Offices


A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack that is disrupting operations for more than 100 dentistry practices, KrebsOnSecurity has learned.

Multiple sources affected say their IT provider, Englewood, Colo. based Complete Technology Solutions (CTS), was hacked, allowing a potent strain of ransomware known as “Sodinokibi” or “rEvil” to be installed on computers at more than 100 dentistry businesses that rely on the company for a range of services — including network security, data backup and voice-over-IP phone service.

Ransomware at Colorado IT Provider Affects 100+ Dental Offices 3

Reached via phone Friday evening, CTS President Herb Miner declined to answer questions about the incident. When asked about reports of a ransomware attack on his company, Miner simply said it was not a good time and hung up.

The attack on CTS, which apparently began on Nov. 25 and is still affecting many of its clients, comes little more than two months after Sodinokibi hit Wisconsin-based dental IT provider PerCSoft, an intrusion that encrypted files for approximately 400 dental practices.

From talking to several companies hit and with third-party security firms called in to help restore systems, it seems that CTS declined to pay an initial $700,000 ransom demand for a key to unlock infected systems at all customer locations.

Thomas Terronez, CEO of Iowa-based Medix Dental, said he’s spoken with multiple practices that have been sidelined by the ransomware attack, and that some CTS clients had usable backups of their data available off-site, while others have been working with outside experts to independently negotiate and pay the ransom for their practice only.

Many of CTS’s customers took to posting about the attack on a private Facebook group for dentists, discussing steps they’ve taken or attempted to take to get their files back.

“I would recommend everyone reach out to their insurance provider,” said one dentist based in Denver. “I was told by CTS that I would have to pay the ransom to get my corrupted files back.”

“My experience has been very different,” a dental practitioner based in Las Vegas replied. “No help from my insurance. Still not working, great loss of income, patients are mad, staff even worse.”

There is one aspect of this attack has massively complicated restoration efforts, even at practices that have negotiated paying the ransom demand: Specifically, two sources said that victim several offices were left with multiple ransom notes and encrypted file extensions.

As a result, the decryption key supplied by the attackers only unlocked some of the scrambled files, requiring affected dental practices to expend further time, effort and expense to obtain all the keys needed to fully restore access to their systems.

Gary Salman is CEO of Black Talon Security, a cybersecurity firm based in New York that assisted several CTS clients in the recovery process. Salmon said he wasn’t certain why the attackers chose to operate this way, but that the most likely explanation is that the attackers stand to gain more financially from doing so.

“For one network we recovered that had 50 devices in total, they had to turn in more than 20 ransom notes to fully recover,” Salman said, adding that the attackers may just be hedging against the possibility that different affected practices could save money by sharing the same decryption key. “In the end, [the attackers] are going to walk away with a lot more money than they would have gotten had [CTS] just paid the $700,000.”

Salman said the intruders seem to have compromised a remote administration tool used by CTS to configure and troubleshoot systems at client dental offices remotely, and that this functionality did not require additional authentication on the part of the client before that connection could be established.

“What a lot of these IT services companies do is have active sessions back to every single client computer, so that so when someone from a client calls the IT provider can log right in and resolve any of these issues,” he said.

“Many IT providers will use remote administration services that require a unique [one-time code] that the client has to type in before that remote session is initiated,” Salman continued. “But other [IT providers] don’t want to do that because then it’s harder for them to manage these systems after-hours or when the user is away from their system. But ultimately, it comes down to security versus ease-of-use, and a lot of these smaller businesses tend to move toward the latter.”

Medix’s Terronez said the dental industry in general has fairly atrocious security practices, and that relatively few offices are willing to spend what’s needed to fend off sophisticated attackers. He said it’s common to see servers that haven’t been patched for over a year, backups that haven’t run for a while, Windows Defender as only point of detection, non-segmented wireless networks, and the whole staff having administrator access to the computers — sometimes all using the same or simple passwords.

“A lot of these [practices] are forced into a price point on what they’re willing to spend,” said Terronez, whose company also offers IT services to dental providers. “The most important thing for these offices is how fast can you solve their problems, and not necessarily the security stuff behind the scenes until it really matters.”

Update, Dec. 8, 1:21 p.m. ET: Added additional perspective and details gathered by Black Talon Security.Also, an earlier version of this story incorrectly stated that the ransomware attack began this past week. Multiple source now confirm that the Sodinokibi ransomware was initially deployed in the early morning hours of Monday, Nov. 25, and that many victim dental offices are still turning away patients as a result of ongoing system outages.

Ransomware at Colorado IT Provider Affects 100+ Dental Offices 4

Tags: Complete Technology Solutions ransomware, Herb Miner, Medix Dental, PerCSoft, rEvil, Sodinokibi, Thomas Terronez

You can skip to the end and leave a comment. Pinging is currently not allowed.

CISO MAG Honors KrebsOnSecurity


CISO MAG, a publication dedicated to covering issues near and dear to corporate chief information security officers everywhere, has graciously awarded this author the designation of “Cybersecurity Person of the Year” in its December 2019 issue.

CISO MAG Honors KrebsOnSecurity 5KrebsOnSecurity is grateful for the unexpected honor. But I can definitely think of quite a few people who are far more deserving of this title. In fact, if I’m eligible for any kind of recognition, perhaps “Bad News Harbinger of the Year” would be more apt.

As in years past, 2019 featured quite a few big breaches and more than a little public speaking. Almost without fail at each engagement multiple C-level folks will approach after my talk, hand me their business cards and say something like, “I hope you never have to use this, but if you do please call me first.”

I’ve taken that advice to heart, and now endeavor wherever possible to give a heads up to CISOs/CSOs about a breach before reaching out to the public relations folks. I fully realize that in many cases the person in that role will refer me to the PR department eventually or perhaps immediately.

But on balance, my experience so far is that an initial outreach to the top security person in the organization often results in that inquiry being taken far more seriously. And including this person in my initial outreach makes it much more likely that this individual ends up being on the phone when the company returns my call.

Too often, these conversations are led by the breached organization’s general counsel, which strikes me as an unnecessarily confrontational and strategically misguided approach. Especially if this is also their playbook for responding to random security researchers trying to let the company know about a dangerous security vulnerability, data breach or leak.

At least when there is a C-level security person on the phone when that call comes in I can be relatively sure I’m not going to get snowed on the technical details. While this may be a distant concern for the organization in the throes of responding to a data security incident, the truth is that the first report is usually what gets repeated in the media — whether or not it is wholly accurate or fair.

This year’s CISO MAG awards also honor the contributions of Rik Ferguson, vice president security research at Trend Micro, and Troy Hunt, an expert on web security and author of the data breach search website Have I Been Pwned? More at cisomag.com.

CISO MAG Honors KrebsOnSecurity 6


You can skip to the end and leave a comment. Pinging is currently not allowed.

Patch Tuesday, December 2019 Edition


Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks.

Patch Tuesday, December 2019 Edition 7By nearly all accounts, the chief bugaboo this month is CVE-2019-1458, a vulnerability in a core Windows component (Win32k) that is present in Windows 7 through 10 and Windows Server 2008-2019. This bug is already being exploited in the wild, and according to Recorded Future the exploit available for it is similar to CVE-2019-0859, a Windows flaw reported in April that was found being sold in underground markets.

CVE-2019-1458 is what’s known as a “privilege escalation” flaw, meaning an attacker would need to previously have compromised the system using another vulnerability. Handy in that respect is CVE-2019-1468, a similarly widespread critical issue in the Windows font library that could be exploited just by getting the user to visit a hacked or malicious Web site.

Chris Goettl, director of security at Ivanti, called attention to a curious patch advisory Microsoft released today for CVE-2019-1489, which is yet another weakness in the Windows Remote Desktop Protocol (RDP) client, a component of Windows that lets users view and manage their system from a remote computer. What’s curious about this advisory is that it applies only to Windows XP Service Pack 3, which is no longer receiving security updates.

“The Exploitability Assessment for Latest Software Release and Older Software Release is 0, which is usually the value reserved for a vulnerability that is known to be exploited, yet the Exploited value was currently set to ‘No’ as the bulletin was released today,” Goettl said. “If you look at the Zero Day from this month (CVE-2019-1458) the EA for Older Software Release is ‘0 – Exploitation Detected.’ An odd discrepancy on top of a CVE advisory for an outdated OS. It is very likely this is being exploited in the wild.”

Microsoft didn’t release a patch for this bug on XP, and its advisory on it is about as sparse as they come. But if you’re still depending on Windows XP for remote access, you likely have bigger security concerns. Microsoft has patched many critical RDP flaws in the past year. Even the FBI last year encouraged users to disable it unless needed, citing flawed encryption mechanisms in older versions and a lack of access controls which make RDP a frequent entry point for malware and ransomware.

Speaking of no-longer-supported Microsoft operating systems, Windows 7 and Windows Server 2008 will cease receiving security updates after the next decade’s first Patch Tuesday comes to pass on January 14, 2020. While businesses and other volume-license purchasers will have the option to pay for further fixes after that point, all other Windows 7 users who want to stick with Windows will need to consider migrating to Windows 10 soon.

Windows 10 likes to install patches and sometimes feature updates all in one go and reboot your computer on its own schedule, but you don’t have to accept this default setting. Windows Central has a useful guide on how to disable or postpone automatic updates until you’re ready to install them. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update. To get there, click the Windows key on your keyboard and type “windows update” into the box that pops up.

Keep in mind that while staying up-to-date on Windows patches is a good idea, it’s important to make sure you’re updating only after you’ve backed up your important data and files. A reliable backup means you’re probably not losing your mind when the odd buggy patch causes problems booting the system. So do yourself a favor and backup your files before installing any patches.

And as always, if you experience glitches or problems installing any of these patches this month, please consider leaving a comment about it below; there’s a better-than-even chance other readers have experienced the same and may even chime in here with some helpful tips.

Finally, once again there are no security updates for Adobe Flash Player this month (there is a non-security update available), but Adobe did release critical updates for Windows and macOS versions of its Acrobat and PDF Reader that fix more than 20 vulnerabilities in these products. Photoshop and ColdFusion 2018 also received security updates today. Links to advisories here.

Patch Tuesday, December 2019 Edition 8

Tags: Microsoft Patch Tuesday December 2019, Recorded Future

You can skip to the end and leave a comment. Pinging is currently not allowed.

The Great $50M African IP Address Heist


A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike.

The Great $50M African IP Address Heist 9

There are fewer than four billion so-called “Internet Protocol version 4” or IPv4 addresses available for use, but the vast majority of them have already been allocated. The global dearth of available IP addresses has turned them into a commodity wherein each IP can fetch between $15-$25 on the open market. This has led to boom times for those engaged in the acquisition and sale of IP address blocks, but it has likewise emboldened those who specialize in absconding with and spamming from dormant IP address blocks without permission from the rightful owners.

Perhaps the most dogged chronicler of this trend is California-based freelance researcher Ron Guilmette, who since 2016 has been tracking several large swaths of IP address blocks set aside for use by African entities that somehow found their way into the hands of Internet marketing firms based in other continents.

Over the course of his investigation, Guilmette unearthed records showing many of these IP addresses were quietly commandeered from African businesses that are no longer in existence or that were years ago acquired by other firms. Guilmette estimates the current market value of the purloined IPs he’s documented in this case exceeds USD $50 million.

In collaboration with journalists based in South Africa, Guilmette discovered tens of thousands of these wayward IP addresses that appear to have been sold off by a handful of companies founded by the policy coordinator for The African Network Information Centre (AFRINIC), one of the world’s five regional Internet registries which handles IP address allocations for Africa and the Indian Ocean region.

That individual — Ernest Byaruhanga — was only the second person hired at AFRINIC back in 2004. Byaruhanga did not respond to requests for comment. However, he abruptly resigned from his position in October 2019 shortly after news of the IP address scheme was first detailed by Jan Vermeulen, a reporter for the South African tech news publication Mybroadband.co.za who assisted Guilmette in his research.

KrebsOnSecurity sought comment from AFRINIC’s new CEO Eddy Kayihura, who said the organization was aware of the allegations and is currently conducting an investigation into the matter.

“Since the investigation is ongoing, you will understand that we prefer to complete it before we make a public statement,” Kayihura said. “Mr. Byauhanga’s resignation letter did not mention specific reasons, though no one would be blamed to think the two events are related.”

Guilmette said the first clue he found suggesting someone at AFRINIC may have been involved came after he located records suggesting that official AFRINIC documents had been altered to change the ownership of IP address blocks once assigned to Infoplan (now Network and Information Technology Ltd), a South African company that was folded into the State IT Agency in 1998.

“This guy was shoveling IP addresses out the backdoor and selling them on the streets,” said Guilmette, who’s been posting evidence of his findings for years to public discussion lists on Internet governance. “To say that he had an evident conflict of interest would be a gross understatement.”

For example, documents obtained from the government of Uganda by Guilmette and others show Byaruhanga registered a private company called ipv4leasing after joining AFRINIC. Historic WHOIS records from domaintools.com [a former advertiser on this site] indicate Byaruhanga was the registrant of two domain names tied to this company — ipv4leasing.org and .net — back in 2013.

Guilmette and his journalist contacts in South Africa uncovered many instances of other companies tied to Byaruhanga and his immediate family members that appear to have been secretly selling AFRINIC IP address blocks to just about anyone willing to pay the asking price. But the activities of ipv4leasing are worth a closer look because they demonstrate how this type of shadowy commerce is critical to operations of spammers and scammers, who are constantly sullying swaths of IP addresses and seeking new ones to keep their operations afloat.

Historic AFRINIC record lookups show ipv4leasing.org tied to at least six sizable blocks of IP addresses that once belonged to a now defunct company from Cameroon called ITC that also did business as “Afriq*Access.”

In 2013, Anti-spam group Spamhaus.org began tracking floods of junk email originating from this block of IPs that once belonged to Afriq*Access. Spamhaus says it ultimately traced the domains advertised in those spam emails back to Adconion Direct, a U.S. based email marketing company that employs several executives who are now facing federal criminal charges for allegedly paying others to hijack large ranges of IP addresses used in wide-ranging spam campaigns.

The Great $50M African IP Address Heist 10

Anyone interested in a deeper dive on Guilmette’s years-long investigation — including the various IP address blocks in question — should check out MyBroadband’s detailed Dec. 4 story, How Internet Resources Worth R800 Million (USD $54M) Were Stolen and Sold on the Black Market.

The Great $50M African IP Address Heist 11

Tags: Adconion Direct, AFRINIC, Afriq*Access, Eddy Kayihura, Infoplan, ipv4leasing, ITC, Jan Vermeulen, Mybroadband.co.za, Ron Guilmette, The African Network Information Centre

You can skip to the end and leave a comment. Pinging is currently not allowed.


Cable Girls – Picture: Netflix

Cable Girls is returning for a fifth and final season in 2020. Looking for the latest on Cable Girls (or as it’s known in Spain, Las chicas del cable) season 5 including when it’ll release, what to expect and more? Let’s fill you in.

The series is set to come to an end for its fifth season. Cable Girls has been on Netflix since 2017 and was one of the first full Netflix Originals from the region.

The period drama (which has since been joined by High Seas) is about a group of girls living in Madrid in the early 20th century. It features them in their place of work which is a switchboard in a telecommunications company.

The most recent season, season 4, joined Netflix in August 2019.

What to expect from Cabe Girls season 5

At the end of season 4, the date was September 1931 roughly a year after the explosion and the new regime being installed. Thanks to Dize Minutos, we know that season 5 fast forwards several years and takes place between 1936 and 1939.

Thanks to a press release we know roughly what we can expect story-wise going into season 5.

In this last season and after the tragic and painful death of Angels, one of the hardest episodes in their lives, the girls take very different paths towards what seemed like a promising future. The Spain they knew is divided into two sides, and after years of struggle and progress towards equality, freedom is being lost in a Civil War that will change their destiny, as well as those of their families and those of the new characters that will appear to turn everything upside down. The rights obtained in the democratic period will disappear, women will be expelled from the labour market, and all the girls will find themselves against the ropes.

Despite the difficulties, their lives are destined to intersect and they will have to remain together to face whatever comes ahead. One thing is clear: their friendship will always be above anything else. In a divided society, “Either all or none” will be the motto that will guide their fight for their lost freedom, and that will prove that the most important thing is to have your friends close, because this group of friends would give even their lives to save each other.

Cast members returning for season 5 of Cable Girls

Thanks to Diez Minutos we know of quite a few of the cast members returning.

Returning members include Lidia Aguilar, Ana Fernández, Nadia de Santiago and Ana Polvorosa.

Maggie Civantos will not return in any form for season 5.

When will season 5 of Cable Girls be on Netflix?

Season 5 is set to be the last season as we now know. However, Netflix is set to split the season into two halves.

It’s been confirmed that season 5 of Cable Girls is set to release on Netflix in February 2020. To be precise the first half of season 5 will release on February 14th on Netflix around the world.

Season 5 part 2 will also air at some point in 2020 although an official release date has yet to be announced.

Are you looking forward to the final of Cable Girls on Netflix? Let us know in the comments.

Sex Education


Sex Education 13

Sex Education is returning to Netflix for its second season and is set to arrive on Netflix globally in January 2020. Here’s everything you need to know about season 2 of Sex Education including its release date, cast list, plot lines and more.

Sex Education is a Netflix Original comedy-drama created by Laurie Nunn. Upon release Sex Education has been highlighted already as one of the best shows of 2019, not to mention considered to be one of the best Original Series Netflix has produced.

Through its charm, wit and awkward sexual humor Sex Education found its place in the hearts of many subscribers. It wasn’t long before Netflix announced the series had been renewed, much to the delight of fans everywhere.

In rural Britain, awkward teenager Otis is a social outcast at school along with his gay friend Eric. Social-standing aside, his life is already made awkward by his inappropriate sex therapist mother Jean. A virgin to boot it’s highly ironic that ‘Bad Girl’ Maeve enlists his help in setting up a much needed sexual health therapy for their school.

Season 1 was released on Netflix back in January 2019 and got its season 2 renewal in February 2019.

What to expect from Sex Education Season 2?

There’s plenty for the writers to work with for Sex Education season 2, as many plot threads were left open there’s a lot to discuss.

Jim Howick who plays Mr. Hendricks has revealed in an interview that “there’s quite a few shocks, quite a few twists and it’s still as sharp and sensitive and woke as ever.”

What to expect from Otis in season 2 of Sex Education

First of all, Otis finally found himself a girlfriend in Ola. In the finale Otis even has his first kiss which led to him getting aroused and masturbating for the first time. The next season will explore Otis’ new relationship and explore his new found sexuality further. As Ola is the first girlfriend Otis has had we can expect some hilariously awkward moments.

With the success of Otis’ and Maeve sexual therapy, Otis may found himself with more attention from the ladies. Maybe he’ll actually practice what he preaches with Ola. Regardless Otis takes a lot of pride in helping his fellow students. The more Otis may learn about himself sexually, the better equipped he’ll be during therapy.

Sex Education 14

Sex Education Key Art

What to expect from Maeve in season 2 of Sex Education

Maeve will find herself in a very lonely place. Witnessing Otis and Ola’s kiss just as she was about to admit her feelings to him, visibly upset the young girl. Walking away, Maeve will have to come to terms with the fact that Otis now has a girlfriend. She can’t avoid Otis though thanks to their sexual education business the pair are running in the school. Feeling lonely Maeve may seek out someone to comfort her but they may just lead to more hardship for her.

Plenty of fans want Maeve and Otis together but that would mean he would have to break up with Ola!

Sex Education 15

Emma Mackey as Maeve Wiley – Netflix

What to expect from Eric in Sex Education season 2

To Eric’s surprise, the school bully Adam and he had a very passionate encounter while in detention. Sadly for Eric, Adam is forced to move away to military school, so just as Eric may have found himself a potential partner it has been snatched away from him. On a brighter note, Eric had finally stuck up for himself while he and Adam had a heated confrontation. While Eric may be sad and confused by Adam’s emergence as Bi-sexual, Eric can add this to his confidence and potentially found himself a boyfriend in the next season.

Sex Education 16

Ncuti Gatwa as Eric Effoing – Netflix

What to expect from Lily in Sex Education season 2

She just wants that alien D, oh and to lose her virginity.

Sex Education 17

Tanya Reynolds as Lily Iglehart – Netflix

Who’s in the cast for Sex Education Season 2?

Most of the core cast is expected to return for the second season:

Role Actor Where have I seen/heard them before?
Otis Milburn Asa Butterfield Hugo, Ender’s Game, The Boy in the Striped Pajamas
Maeve Wiley Emma Mackey Badger_Lane
Eric Effoing Ncuti Gatwa Stonemouth, Bob Servant
Jean Milburn Gillian Anderson The X-Files, The Fall, The Last King of Scotland
Adam Groff Connor Swindells VS., The Vanishing, Harlots
Ola Nyman Patricia Allison Les Miserables, Moving On
Jackson Marchetti Kedar Williams-Stirling Shank, Wolfblood, Montana
Aimee Gibbs Aimee Lou Wood N/A
Mr. Groff Alistair Petrie Rogue One, The Bank Job, Victor Frankenstein
Lily Iglehart Tanya Reynolds Delicious, Death in Paradise, Outlander

There is currently no further casting news for Sex Education season 2.

Sex Education 18

First, look at Otis and Eric in the second season of Sex Education – Copyright. Netflix

Online Reaction to Sex Education season 1

The comedy-drama resonated exponentially with subscribers all over the world. It was reported that within the first month of Sex Education‘s release the series was on course to exceed 40 million viewers. Here’s how some fans have reacted to the show receiving a second season.

Sex Education Season 2 Production Status

Official Production Status: Post-Production (Last updated: October 2019)

Filming for Sex Education season 2 wrapped up in September! This was confirmed on the official Netflix UK twitter account with all the cast members taking one big selfie:

Filming wasn’t expected to take too long on the series as there were only eight episodes to film.

Sex Education 19

The pink and blonde are gone!? Also, why are these two in trouble in season 2?… Copyright. Netflix

Sex Education Season 2 Episode Count and Run Times

Like the first season, season 2 will also have 8 episodes. All of the episodes for season 2 will be available to stream on the day of release.

Each episode will have an estimated run time of 45 minutes. That’s six more hilarious hours of cringe-inducing and awkward sexual humor to be enjoyed.

Sex Education 20

What sexual antics will Ola be getting up to this season? – Copyright. Netflix

Sex Education Season 2 Release Date

We’ve known for a while that Netflix would plan to release season 2 of Sex Education in early 2020 but on November 25th, Netflix announced (first via the French Netflix social account) that season 2 of Sex Education would be on Netflix on January 17th, 2020.

Has Netflix released a trailer for Sex Education?

The only trailer we have for season 2 of Sex Education on Netflix is the renewal announcement which clocks in at just under a minute long.

Are you excited for the second season of Sex Education? Let us know in the comments below!


Anne with an E – CBC / Netflix

Anne with an E is returning to Netflix for a third season and if you’re looking for what you can expect from season 3, when it’ll be on Netflix and more, you’ve come to the right place. Here’s what we know about season 3 of Anne with an E.

Just in case you haven’t been keeping up with the show, here’s a little recap so far. Anne with an E is a period drama show based on the early 1900s novel called Anne of Green Gables. The show is known on Netflix as Anne with an E but has also been simply referred to as Anne too. The show is loosely based on the novels while also taking its own initiative to modernize the story and adapt it for a new generation.

Reviews for the first two seasons have been relatively mixed with some wishing it’d have stuck to the books more closely while others have praised some of the directions the show has taken.

It’s important to note that Anne with an E isn’t quite a full Netflix Original. Instead, Netflix owns the international distribution rights to the show.

The third season was announced in August 2018 before CBC had aired season 3 but slightly after Netflix had dropped it onto the streaming service.


Anne with an E renewed for season 3

When will season 2 of Anne with an E be on Netflix Canada?

If you reside in Canada, you’ve been waiting for the latest season of Anne with an E for quite some time. The first season dropped onto Netflix Canada back in January 2018 and we’re not expecting season 2 to drop until closer to the time season 3 begins airing.

What to expect from season 3 of Anne with an E

*Caution: spoilers for the book and series below*

The series has been following the books relatively well thus far. We’re getting towards the end of the first book however with the third season.

This season, Anne will be turning 16 years old so Anne will be slowly becoming a woman dealing with all that doing so entails such as relationships and new discoveries. In addition, Anne is looking to learn more about her birth parents this season too.


Anne with an E season 2 – Netflix

The series will also introduce its first “Indigenous storyline” and characters (as we’ll come onto in a bit) with the town of Green Gables interacting with a camp of the Mi’kmaq nation.

In the original announcement of the third season, it was said that “Season three of the series will introduce characters and stories that will tackle issues including identity, feminism, bullying and gender parity. ”

Some have predicted a big death upcoming in season 3 with Ruby potentially facing a tragic end. Many adaptations in the past have left out some of the more gruesome deaths from their adaptations.

Who’s returning for season 3 of Anne with an E?

Much of the main cast has been confirmed to be returning for the third season. These include Amybeth McNulty, Geraldine James, R. H. Thomson, Dalila Bela, Corrine Koslo, Lucas Jade Zumann, Aymeric Jett Montaz, Dalmar Abuzeid, Cara Ricketts, Joanna Douglas, Kyla Matthews, Cory Grüter-Andrew, and Miranda McKeon. Directors Norma Bailey, Paul Fox, Amanda Tapping, and Anne Wheeler.

The major casting announcements so far have been Kiawenti:io Tarbell joining the cast and also Brandon Oakes has also been confirmed to join this season too.


Kiawenti:io Tarbell & Brandon Oakes cast

Thanks to some IMDb updates, we also know some other cast and crew that are either debuting or returning.

The two composers of the show, Ari Posner and Amin Bhatia are returning for season 3. Jane Maggs is confirmed to be returning as a writer and producer.

Where is Anne with an E season 3 in production?

Current production status: Finished (last updated: September 2019)

Principal photography which refers to the bulk of the shooting of the show began back in March 2019. That’s also when the new cast members (see below) were announced too.

On March 4th, Moira Walley-Beckett revealed the first draft of episode 301.


Anne with an E season 3 episode 1 script – Moira Walley-Beckett / Instagram

In March on International Women’s Day, Moria Walley-Beckett took to Instagram to celebrate the day with her all-female production team working on season 3. On Instagram, Moira captioned the picture with: “Proud to be working side by side with my all-female production team for Anne with an E!”


Anne with an E writers – Moira Walley-Beckett / Instagram

The most recent update came in the middle of May 2019 when Moria shared that it’s good to be back filming after a couple of weeks break sharing a picture on the set of the new season.


Moira Walley-Beckett / Instagram

When will season 3 of Anne with an E be on Netflix?

Although there’s been nothing official, it is expected that season 3 will be releasing in the final three months of 2019.

The series is set to air in Canada on September 22nd, 2019 and run, as we mentioned above, for 10 episodes. That means the series is due to wrap in late November. We did initially expect the series to either arrive on Netflix in either November or December. In September 2019, however, Netflix revealed that the new series would be coming to Netflix on January 3rd, 2019.

Previous seasons have dropped on Netflix before its CBC airdate although the title remains absent from the September 2019 releases list meaning we’re expecting it to come after its initial run through.

On Netflix itself, it doesn’t give anything away from other than that season 3 is confirmed and is on the way.


Other Anne with an E News

Here are some other bits of news that are related to the show:

  • The show was nominated for a GLAAD award in late March for “Outstanding Kids & Family Programming”
  • Promotion for the third season can be found for the show on bus stops throughout Canada.

There you have it, that’s what we know about season 3 of Anne with an E so far. If you fancy some more reading, go and check out our interview with the composers of the show which we conducted back in 2017.

Also, check out the show’s main stars Amybeth react to some fan animations of some scenes from season 2.


6 Underground – Copyright. Skydance Media, Bay Films and Maximum Effort

Michael Bay and Ryan Reynolds are teaming up for the blockbuster movie, 6 Underground, coming to Netflix by the end of 2019. Here’s everything you need to know about the movie including who’s starring, what it’s about and all the details from set.

6 Underground is one of two massive movies has lined up for the Christmas period this year. It will release around the same time as Netflix’s The Irishman by Martin Scorcese although this particular title has a budget much bigger. It’s aiming to replicate the success of Bright from a couple of years ago in terms of budget and audience.

What’s the movie 6 Underground about?

The movie is an action thriller that is about six billionaires forming an elite vigilante squad after they fake their deaths.

Think of it a bit like The Italian Job mixed with Bad Boys and The Fast and Furious.

Netflix only has one tag for the movie so far and that’s “exciting”.

The movie was first announced in May 2018 and began filming soon after. It comes from the same studio that produced Altered Carbon and Grace and Frankie for Netflix.

Who’s directing 6 Underground for Netflix?

The king of explosions takes the reign of 6 Underground and we’re of course referring to Michael Bay. The sometimes controversial director has an impressive back library with the Transformers library being the obvious go-to but also has had a hand in titles like Bad Boys, Armageddon, and The Purge.


Michael Bay

Who’s starring in 6 Underground on Netflix?

The main star of the movie is undoubtedly Ryan Reynolds. Netflix is reportedly paying the star $27 million for his appearance in this title which makes him one of the highest-paid actors in 2019.

Ryan Reynolds also shared one of the best behind the scenes videos ever. In his true Ryan Reynolds whit, he was talking about how peaceful Italy is while chaos ensues in the background.

Among the other cast members for 6 Underground include:

  • Adria Arjona (Pacific Rift, Good Omens)
  • Mélanie Laurent (Inglorious Basterds, Now You See Me)
  • Ben Hardy (Bohemian Rhapsody, Eastenders)
  • Dave Franco (Neighbors, Now You See Me)
  • Sebastian Roché (The Man In The High Castle, The Young Pope)
  • Corey Hawkins (Straight Outta Compton, BlacKkKlansman)

Picture from on the set of 6 Underground

None of the roles of the characters have been revealed yet but all of the names featured above will likely be the six billionaires.

We’ve also had some on-set photos with some of the cast members:

Where was Six Underground filmed?

Filming took place in three different countries with those being the United States specifically California. Lots of filming took place in Italy with Rome, Puglia, and Tuscany all listed as filming locations. Finally, some of the filming took place in the United Arab Emirates.

The filming for Six Underground actually wrapped up in December 2018. That means Netflix has been specifically lining this movie up for the winter of 2019 for quite some time.

You can see some of the fast-paced car scenes taking place in Florence, Italy. The filming looks to have taken place in Italy throughout the last few months of 2018.

Thanks to the production being on the streets of Itlay there are literally hundreds of snaps available on social media that people managed to snap during the filming in 2018.

When will 6 Underground be on Netflix?

6 Underground is now scheduled to arrive on Netflix worldwide on December 13th, 2019.

If the worldwide wasn’t a hint, then we’ll say it flatly that 6 Underground is going to be available to all regions with Netflix.

Everything else we know about 6 Underground

  • It’s been shot in 4K so expect the explosions and car sequences to be extra crisp
  • It is Michael Bay’s first movie for any streaming service
  • The movie had a giant budget of $150 million making it the most expensive in Netflix’s history. Its previous records were with The Irishman ($120M) and Bright ($90-$100M)

Are you looking forward to the release of 6 Underground? Let us know in the comments below!


Here’s the release schedule for Netflix Originals for the next few months.

  • December 13th, 2019

  • 6 Undergroundon Netflix
    6 Underground

    Type: Movie

    Meet a new kind of action hero. Six untraceable agents, totally off the grid. They’ve buried their pasts so they can change the future.

    Watch Trailer Read Preview

  • December 20th, 2019

  • The Two Popeson Netflix
    The Two Popes

    Type: Movie

    Behind Vatican walls, the traditionalist Pope Benedict and the reformist future Pope Francis must find common ground to forge a new path for the Catholic Church.

  • December 24th, 2019

  • Lost in Spaceon Netflix
    Lost in Space (Season 2)

    Type: TV Series

    The Robinson family was going into space to fight for a chance for humanity. Now they are fighting to live long enough to find a way home.

  • Carole & Tuesdayon Netflix
    Carole & Tuesday (Part 2)

    Type: TV Series

    The anime music series.

  • December 26th, 2019

  • Youon Netflix
    You (Season 2)

    Type: TV Series

    A clever bookstore manager relies on his savvy Internet know-how to make the woman of his dreams fall in love with him.

  • December 30th, 2019

  • Alexa & Katieon Netflix
    Alexa & Katie (Season 3 – Part 1)

    Type: TV Series

    Alexa is very attentive to her customer’s requests, but soon realizes that prostitution has limited long term career potential. She meets Tony, a scriptwriter who is writing a piece on …

  • January 3rd, 2020

  • Anne with an Eon Netflix
    Anne with an E (Season 3)

    Type: TV Series

    A coming-of-age story about an outsider who, against all odds and numerous challenges, fights for love and acceptance and for her place in the world.

    Read Preview

  • January 10th, 2020

  • AJ and the Queenon Netflix
    AJ and the Queen (Season 1)

    Type: TV Series

    Ruby Red, a down-on-her-luck drag queen traveling across America, develops an unlikely sidekick named AJ.

  • January 17th, 2020

  • Sex Educationon Netflix
    Sex Education (Season 2)

    Type: TV Series

    A teenage boy with a sex therapist mother teams up with a high school classmate to set up an underground sex therapy clinic at school.

    Read Preview

  • January 24th, 2020

  • Chilling Adventures of Sabrinaon Netflix
    Chilling Adventures of Sabrina (Part 3)

    Type: TV Series

    As her 16th birthday nears, Sabrina must choose between the witch world of her family and the human world of her friends. Based on the Archie comic.

  • January 31st, 2020

  • Bojack Horsemanon Netflix
    Bojack Horseman (Season 6 – Part 2)

    Type: TV Series

    BoJack Horseman was the star of the hit television show “Horsin’ Around” in the ’80s and ’90s, now he’s washed up, living in Hollywood, complaining about everything, and wearing colorful sweaters.

  • February 12th, 2020

  • To All the Boys: P.S. I Still Love Youon Netflix
    To All the Boys: P.S. I Still Love You

    Type: Movie

    Sequel to the 2018 smash hit To All the Boys I’ve Loved Before

  • February 14th, 2020

  • Cable Girlson Netflix
    Cable Girls (Season 5 – Part 1)

    Type: TV Series

    The first half of the Spanish period drama.

    Read Preview

  • April 3rd, 2020

  • Money Heiston Netflix
    Money Heist (Part 4)

    Type: TV Series

    A group of unique robbers assault the Factory of Moneda and Timbre to carry out the most perfect robbery in the history of Spain and take home 2.4 billion euros.

  • Follow threeblocksaway | styleandeasy