Earlier this week, T-Mobile confirms data breach This affects at least 48 million people, and this number is still likely to rise as the company continues to investigate.This data set contains particularly sensitive information, such as social security numbers, driver’s license details, and It is said that Even the unique IMEI number associated with each smartphone.Not only that, but So far, most of the victims of violations are not even T-Mobile customers; Instead, they are former customers or potential customers who applied for credit from the operator at some point. Although the arbitration clause in the T-Mobile customer agreement may be an obstacle to restitution, a class action lawsuit has been filed.
We also studied a worrying vulnerability in ThroughTek Kalay, a software development kit used to power tens of millions of video IoT devices. This means baby monitors, security cameras, etc.The researchers showed how Attackers can use these vulnerabilities to watch videos in real time Or use a denial of service attack to turn them off. ThroughTek released an update in 2018 that provided ways to mitigate attacks, but did not clearly state how or why customers should implement them.
After the 2017 Google Docs worm showed the platform’s vulnerability to scammers, Google also made certain changes to Workspace (the cloud-based productivity software suite formerly known as G Suite).But a security researcher has proven that it is A dedicated hacker is still very likely to abuse the system.
Dozens Civil rights groups armed Regarding Apple’s controversial system, it will partly use people’s iPhone can help find child sexual abuse materials. China has long been a propaganda power, and recently Turned his attention to the BBC, Various reports of attacks that run counter to national interests.We made a quick guide How to send disappeared messages In the most popular chat application.
there are more! Every week we collect all safety news that WIRED has not covered in depth. Click on the title to read the full story and stay safe there.
This is an important month for cryptocurrency theft!Last week was Poly Network, a hacker absconded more than $610 million Before finally returning most of the digital currency. Now it was Liquid’s turn, obviously. The Japanese cryptocurrency exchange said this week that its “warm” wallets (wallets connected to the Internet, but not “cold” wallets) were compromised in a hack, resulting in approximately $97 million worth of bitcoin, Ethereum and other coins were stolen. Liquid stated that in response, it has transferred some assets to cold wallets, but losses have been caused.
Elliot Carter runs a company called Washington Tunnel Network, Worthy of the name. The “DC Underground Atlas” details the underground passages in the U.S. capital. As you might imagine, this usually attracts a steady stream of fans instead of seeing a lot of traffic spikes.That is, until a few days ago Thugs stormed into the U.S. CapitolAround that time, Carter told NBC branches in the Washington area that he saw a surge in visitors from all over the country, many of whom came from “anonymous message boards, websites and forums named after militias or guns, or used Donald Trump Name.” Suspicious!Carter reported this activity to the FBI, and a few days later This happened.
The bad news is that hackers invaded the U.S. Census Bureau in January 2020, which is preventable and can be a bit embarrassing. The good news, or at least the not-so-bad news, is that the hackers did not get anything close to the actual census results. But because the software company Citrix disclosed a vulnerability a few weeks ago, they did gain access to the server, the day after they published a proof of concept to exploit the vulnerability on GitHub. According to the timetable provided by the Office of the Inspector General, the Census Bureau firewall prevented the attacker from communicating with its command and control server after a few days, but it took the agency several weeks to fully mitigate the intrusion.
Apple has taken the proverbial hard line Leak proof, Deploy an investigation team to minimize the leakage and impact of company secrets. According to a new report from Motherboard, they apparently also recruited at least one community member engaged in illegal Apple files and hardware transactions. The informant said that he contacted Apple, not the other way around, but in the end their relationship deteriorated. It’s worth reading to learn more about Apple’s anti-leakage team and the people they are trying to hunt down.
More exciting connected stories