This week we took an exclusive look at the chaos that unfolded at Twitter in the hours after the accounts of Elon Musk, Bill Gates and dozens more were hacked. Since then, Twitter has stepped up its internal security, but has it done enough, with the election just over a month away?
The Justice Ministry continued its busy month this week, announcing the global arrests of 179 alleged dark web vendors in a coordinated effort with Europol. Authorities credited the takedown of the dark web's Wall Street Market in May last year with leading them to the suspects. Facebook showed some muscle this week as well, dismantling disinformation networks that originated in China, the Philippines and, most troubling of all, Russian military intelligence. And a child
We’ve gone through the most important privacy and security features in iOS 14, including new ways to keep apps from looking at your camera or microphone. We explained why using the single sign-on features offered by Google, Facebook, and Apple may not be the safest choice. And we’ve looked at a few Chrome extensions that will reduce all those annoying trackers.
Finally, take some time to calm down and read this story about a scandal that shook the poker world. It will be worth it.
And there is more! Every Saturday, we collect the security and privacy stories that we didn't break or report on in depth, but that we think you should know about. Click on the titles to read them, and stay safe out there.
Windows XP's failure to die has caused many security issues; Microsoft officially stopped providing updates to the operating system in 2014, which means that any vulnerabilities largely go unpatched on the millions of computers that still use it. The situation was exacerbated this week as Windows XP source code leaked on the Mega file sharing site, troll forum 4Chan and beyond. By combing through the source code, hackers can identify potential vulnerabilities, making it easier to create malware that Microsoft is unlikely to bother defending its zombie operating system against. Some reports suggest that the source code has been circulating privately for some time, which could blunt the impact of this broader release. Still, this is not an encouraging development for anyone who hasn't updated their computer in half a decade.
The publishing company Tribune has had a rough few months, cutting budgets and jobs as the pandemic devastated the already threatened newspaper industry. So employees were surprised to find an email in their inbox celebrating their new $10,000 bonus. The problem? There was no bonus. This was a phishing test to see who would click. Tribune officials widely condemned the move; dangling false promises of cash in front of people who have seen colleagues let go and may be worried about their own futures with the company is certainly one way to simulate a phishing scam, but there were certainly less cruel options. (Or maybe just give everyone a YubiKey next time?)
The name Luxottica may be unfamiliar to you, but you've probably heard of at least one of the brands under the umbrella of the eyewear giant: Oakley, Ray-Ban, LensCrafters and dozens of others. Last weekend, the company suffered a cyber attack that forced it to suspend operations in Italy and China. As of Tuesday, according to a report by BleepingComputer, business had not yet returned to normal. This is simply the latest in the trend of ransomware gangs pursuing "big game" targets that can afford to pay millions of dollars.
Speaking of which! Russian-speaking ransomware gangs do not usually target Russian businesses, in part because the boundaries between government-funded and for-profit hacking are so blurred. But a group that researchers call OldGremlin is targeting big business there. In fact, it hits banks, manufacturing and other companies exclusively in Russia, according to security company Group-IB. OldGremlin's methods are not particularly new; they use phishing attacks to install a custom backdoor, which they in turn use to download malware, steal administrator credentials, and then deploy ransomware. Nothing too crazy! But going after Russia so aggressively is certainly one way to stand out.