This week we saw some recent results from recent revelations about a major hacking campaign for iOS. Brokers of Point Nar. Zero day exploitation – the kind that companies have yet to patch – began charging more for hacks for Android than for iOS the first time. And Apple finally released a statement that criticized Google's attack characteristics and downplayed the importance of targeted monitoring of at least thousands of iPhone owners.
We have looked at an error in Supermicro hardware that could allow hackers to download a USB attack in practice. Google is rolling out its privacy differential tool to help any company that breaks big data sets get less into your privacy in the process. And speaking of privacy, we detailed the 1
And although it always feels like Jack Dorsey's account has been hacked, it's worth revisiting exactly how it happened. (Twitter closed the text box at the bottom of it this week.) We also looked at the trouble of moderating Jeremy Renner's content. I bet you didn't expect to see that sentence in your life.
And there is more! Each Saturday, we round up stories of security and privacy that we have not breached or reported thoroughly, but which we think you should know. Click on the titles to read them and stay safe there.
Hackers hit US energy utilities with cyberattack
Let's not replay this: There was no eclipse and it's not even clear that this was a specifically targeted attack, But hackers exploited firewall vulnerabilities to cause periodic "blind spots" for network operators in the western United States for about 10 hours on March 5. This is the first time a cyber attack has caused this type of interference – which, again, did not affect the actual flow of electricity – at a US power company. The incident was initially reported in a report by the Department of Energy in April, but only in unclear conditions. A new North American Electricity Security Corporation document described it in more detail, including the type of vulnerabilities that allow hackers to compromise the web portals in question. You do not need to panic specifically about this incident, but given the extent to which Russia and others continue to drill the grid, it is a disturbing reminder that the weaknesses are there.
Database with over 400 million Facebook user numbers Facebook Sat Sat Exposed Online
A security researcher found a database containing 419 million or more phone numbers associated with Facebook accounts, another one in a long string of Facebook, who loses control of the sensitive data you trust. Facebook told TechCrunch that the dataset is "old", which is not particularly useful, for the obvious reason that most people don't change their phone numbers very often.
DMVs Sell Driver Data to Private Buyers
Through public records requests, the motherboard has determined that when you provide your DMV name and address, some of these agencies will sell it to private investigators. Several DMVs have said on their motherboard that they at least do not sell custom photos and social security numbers, which, thank you? But they only sell records for a penny. And all of this is somehow legal! Something else to understand the next time you are about to renew your registration.
Storage of cache name storage applications for pistol scope users
According to court documents disclosed in Forbes, federal investigators requested that Apple and Google provide information about people who downloaded the Obsidian 4 pistol range application. That's at least 10,000 on the Google Play Store alone. This is part of a broader look at potential breaches of gun export regulations, but privacy advocates have raised understandable concerns for the many thousands of completely innocent people who would be caught up in such a vast application.
Killjoy hackers have compromised XKCD forums  The beloved XKCD internet comic recently disrupted its fan forums; 560,000 usernames, email addresses and IP addresses were taken. This makes it a relatively small hack in the grand scheme of things, but still disappointing that someone has chosen this as a goal. XKCD is great, leave it alone!
More Great WIRED Stories