[ad_1]
This week, WIRED reported a worrying phenomenon real warships with a false location some cunning strangers. In recent months, dozens of boats have appeared crossing the disputed waters when they were hundreds of miles away. The misinformation came in the form of simulated AIS tracking data, which appears on aggregation sites like MarineTraffic and AISHub. It’s not clear who is responsible, or exactly how they come out, but in the Crimea and other places the game is close to dangerous ashtrays.
As we discuss, this week the partner researchers released a tool into the world that crawls all websites for hanging fruit weakness – think SQL injections and cross-site scripts – and the results are not only public, but searches. This is the second iteration of the system, known as Punkspider; the first was closed after numerous complaints to the host provider. This time a lot of the same criticism remains, leaving Punkspider’s long-term fate uncertain.
Apple announces itself the most important privacy-friendly technology company it is there, and it has done so a lot to protect that reputation. But this week we took a look a major step in consumer privacy where the company makes no decisions: Implement global privacy controls that allow Safari and iOS users to stop most tracking automatically.
Our colleagues in the UK also spoke Cam girl with coconut kitty everyone who has been using digital effects to make themselves on-stream younger. In many ways, this could be the future of adult content, which can only have consequences that Fans Only can have beyond this account.
And there is more. Every week, WIRED didn’t cover all the security news in depth. Click on the titles to read the full story and stay safe away.
The joint advisory agency of the US, UK and Australian law enforcement agencies this week assessed the 30 most exploited vulnerabilities. Perhaps not surprisingly, the list includes the predominance of errors that were made public a few years ago; everyone on the list has a patch available for anyone who wants to install it. But like us written about over and over again, a lot companies are slow to push for updates for all sorts of reasons, the ability to account for resources, knowledge, or the ability to frequently reduce the time required to refresh software. Given how many of these vulnerabilities can affect remote code execution — you don’t want that — hopefully patches will start to become more of a priority.
An app called Doxcy introduced itself as a dice-throwing game, but in fact it gave anyone who downloaded it access to Netflix, Amazon Prime and more content after entering a passcode in the search bar. Apple downloaded the app from the App Store After asking Gizmodo, but you probably shouldn’t install it; it was full of ads and they probably mishandled your data. Ultimately, you better pay for the subscription.
In early July, the Iranian train system suffered a cyber-attack that looked like an elaborate troll; the hackers posted messages on the screens suggesting that travelers be called upon to call Khamenei to the office of Supreme Leader. Although a more in-depth study by security company SentinelOne shows that the malware was a washing machine designed to destroy data rather than just hijack it. The malware, which researchers call Meteor, appears to be due to a new threat actor, lacking some smoothness. Luckily for the one who decides to make the next one.
Last week, Amnesty International and more than a dozen other organizations published a report on how authoritarian governments abused NSO Group spies to spy on journalists and political rivals. Shortly afterwards, the Israeli government visited the offices of surveillance vendors in that country. The NSO Group has repeatedly denied the Amnesty Movement report, but domestic pressure seems to have warmed up after names such as French President Emmanuel Macron appeared on lists of some spyware targets.
Friday’s Justice Department reported Cozy Bear, the hackers behind it SolarWinds hack and other sophisticated espionage campaigns were also included in at least one email account last year in 27 U.S. offices. Eighty percent of the email accounts used at the U.S. Law Offices in New York were put at risk. The campaign probably gave them access to all sorts of sensitive information, which the Russian government is sure to use responsibly.
More great KABEKO stories
[ad_2]
Source link
