For months, pirates It targeted Iran’s public infrastructure, hitting everything from trains to gas stations to airlines. It appears to be an escalation in long-running tensions with Israel – which shows how cyber-attacks can have an impact in the real world. In this case, these repercussions are particularly troubling because they are primarily felt by civilians.
In other regional news, spyware from the Israel-based NSO Group was reported to have been found on the phones of nearly a dozen US State Department officials. The victims were either living in Uganda or working on cases related to the country. The incident reveals how weak NSO Group’s justifications for its flagship surveillance product are, although it remains unclear whether anything will curb the near-continuous abuses carried out by authoritarian governments.
Security researchers think they’ve found a better way to spot state-sponsored trolls on Reddit. Malicious apps designed to steal banking information infiltrated the Google Play Store and were downloaded more than 30,000 times before launching. A flaw in the cryptocurrency service MonoX Finance led to hackers getting away with stealing $31 million.
Facebook will require the most vulnerable users to put in two-factor authentication on their accounts. As Android 12 spreads to more devices, we took a look at the privacy settings that you should check right now. And so-called watering hole attacks became more common; We talked through what they are and why they are so insidious.
Finally, all apologies to sport shoesAnd pirates, And War games, but the matrix It is the best pirate movie ever.
And there’s more! Each week we round up all the security news that WIRED hasn’t covered in depth. Click on the titles to read the full stories.
Between October 7 and October 19, a hacker gained access to the network of Planned Parenthood’s Los Angeles website and stole data on 400,000 patients. The organization revealed to victims that the information included not only their name, address and other identifying information, but also details about their procedures and prescriptions. While the news comes the same week the US Supreme Court heard oral arguments in a case involving the controversial Mississippi abortion law, the hack itself appears to have been related to ransomware rather than politically motivated.
We’ve written before about the shortcomings of so-called predictive policing, in which law enforcement uses data to guess where crimes will occur and who will commit them and allocates resources accordingly. This week, a new report from Markup and Gizmodo shows that these systems disproportionately affect black and Latino neighborhoods. It’s a damn deep dive that’s worth your time.
Tor is an invaluable anonymity tool that relies on thousands of proxy servers to route encrypted traffic through them. Despite this, it turns out that a high-end actor was running hundreds of these servers in bad faith. Upon close observation, a researcher suspects that they are trying to gather information about people using the Tor network. The Tor Project removed malicious servers from the network as reported, but at one point the threat actor ran up to 900 simultaneously.
Earlier this year, router manufacturer Ubiquiti suffered a hack that a whistleblower apparently attributed to outside hackers. Now, the indictment from the Department of Justice alleges that the incident was in fact an inside job, and that the whistleblower was in fact the abuser all along. If the allegations hold up, this is an incredibly rude series of actions, and well worth taking a few minutes to inspect.
More great wired stories