[ad_1]
Earlier this week, T-Mobile has confirmed the data breach which affects at least 48 million people, a number that could still rise as the company continues its research. The data set contains particularly sensitive information such as social security numbers, driving license details and said as well as the unique IMEI numbers associated with each phone. Not only that, but most of the victims of the offense committed so far are not even T-Mobile customers; they are former customers or future customers who once applied for credit with the carrier. The group lawsuit has already been filed, although the arbitration clause in the T-Mobile customer agreements could be an obstacle towards the return.
We also saw worrying vulnerabilities in ThroughTek Kalay, a kit for software developers for a platform that feeds tens of millions of video-enabled internet devices. This means baby monitors, security cameras and the like. The researchers showed how attackers can use errors to watch video feeds in real time or close them with denial of service attacks. ThroughTek sent an update in 2018 that provided ways to mitigate the attack, but lacked clear instructions on how or why customers should implement it.
Google also made some changes to Workspace, the first set of cloud-based productivity software known as the G Suite, after showing how weak the 2017 Google Docs worm was against fraudulent platforms. A security researcher has proven this to be the case it is still very possible for a dedicated hacker to abuse the system.
Dozens civil rights groups are armed partly because of Apple’s controversial system that people would use IPhones to help you find material for child sexual abuse. China has long been a propaganda force and more recently he turned his attention to the BBC, attacking several lines of accusation that go against the interests of the country. We did a quick guide how to send disappearance messages in the most popular chat applications.
And there is more! Every week, WIRED didn’t cover all the security news in depth. Click on the titles to read the full story and stay safe away.
It’s been a great month for cryptocurrency theft! It was last week Poly Network, which saw a hacker escape with more than $ 610 million most of the various digital coins before finally returning. Now apparently it’s Liquid’s turn. Japan’s cryptocurrency exchange said this week that its “warm” wallets — connected to the Internet, “cold” versus non-wallets — have been put at risk in a hack that has caused $ 97 million worth of bitcoin, ethereum and other coins. they are stealing. Liquid said it took some assets to cold wallets in response, but the damage was done.
Elliot Carter manages a site called WashingtonTunnels.com, which actually fulfills its name. The “DC Underground Atlas” provides an in-depth look at the underground walkways in the U.S. capital. As you can imagine, this usually draws a steady stream of fans instead of seeing heavy traffic. That is, until a few days earlier the riots took over the US Capitol building. At the time, Carter told NBC affiliate DC he saw an increase in visitors from across the country, many of whom came “from anonymous forums, sites and forums called militias or firearms or using the name of Donald Trump.” Suspicious! Carter reported the activity to the FBI, and a few days later this happened.
The bad news is that hackers endangered the U.S. Census Bureau in January 2020, in an unavoidable and probably embarrassing way. The good news, or at least not so bad, was that those hackers didn’t get close to the actual census results. But the servers gained access thanks to a vulnerability revealed a few weeks earlier by Citrix software company, the day after the proof of the concept of exploitation of this error was published on GitHub. According to the schedule provided by the Office of the Attorney General, the Census Bureau firewall prevented the attackers from communicating with their command and control server after a couple of days, but it took the agency weeks to alleviate the full intrusion.
Apple is taking a hard line against leaks, expanding a team of researchers to minimize the leakage of corporate secrets and minimize impact. It also appears that Apple has hired at least one member of the community that deals with illegal documents and hardware, according to a new report from Motherboard. The informant said he approached Apple rather than the other way around, but eventually rejected their relationship. It’s worth reading for both Apple’s anti-leakage team and even people trying to hunt it down.
More great KABEKO stories
[ad_2]
Source link
