As the fight continues over the far-reaching consequences of the US Supreme Court's June decision to reverse the constitutional right to abortion, WIRED explored the privacy risks posed by widespread automatic license plate readers as the risk of being prosecuted for attempting to obtain an abortion rises across the country. And researchers emphasized the value of end-to-end encryption for digital self-protection anywhere in the world as civil rights and law enforcement evolve.
This week Apple announced a new protection known as “Lockdown Mode” for iOS 16 that will allow users to run their phone in a more limited but more secure way if they are at risk of being targeted by aggressive spyware. And researchers say the new encryption algorithms announced by the National Institute of Standards and Technology, which are designed to be resistant to quantum computers, will be difficult to test in any practical sense in the coming years.
But that’s not all. Every week we round up the news that we didn’t break or cover in depth. Click on the headlines to read the full stories. And stay safe out there!
In one of the largest and most serious personal data breaches of all time, attackers took the data of nearly 1 billion Chinese citizens from a Shanghai police database and attempted to extort about $200,000 from the department. The trove contains names, phone numbers, government identification numbers, and police reports. Researchers found that the database itself was secure, but its management dashboard was publicly accessible from the open internet, allowing anyone with basic technical skills to access the information without a password. The scale of the breach is massive, and this is the first such leak to hit the Chinese government, which is infamous for storing huge amounts of data not only about its citizens, but about people all over the world. China is itself responsible for the US Office of Personnel Management breach and the Equifax credit bureau hack, among many others around the world.
FBI Director Christopher Wray and Ken McCallum, head of the British security agency MI5, issued a joint warning this week that China poses, in Wray’s words, “the biggest long-term threat to our economic and national security.” The pair noted that China has been conducting extensive espionage around the world and interfering in elections and other political processes. Wray noted that if China tries to take over Taiwan, it “would be one of the worst business disruptions the world has ever seen.” McCallum said MI5 has more than doubled its focus on China since 2019 and is now conducting seven times as many investigations related to the Chinese Communist Party as it did in 2018. China’s Threat Theory. He added that MI5 should “exorcise imaginary demons”.
HackerOne, which manages vulnerability disclosure and bug bounty programs for companies, fired an employee this week for stealing vulnerability disclosures submitted through the platform and sending them to the affected companies to collect the bounties for personal gain. HackerOne uncovered the scheme when a client company flagged a vulnerability report that looked suspiciously similar to one it had received in June from another researcher. The rogue employee, who was new to the company, had access to the HackerOne platform from April 4 to June 23 and disclosed seven vulnerabilities using stolen research. “This is a clear violation of our values, our culture, our policies, and our employment contracts,” HackerOne wrote in an incident report. “We have since fired the employee and further strengthened our defenses to avoid situations like this in the future.”
The US Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Treasury Department said this week in a joint alert that North Korean hackers have attacked the healthcare and public health sectors with a little-known strain of ransomware called Maui. They warned that paying such ransoms could violate US sanctions. “North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services, including electronic health record services, diagnostic services, imaging services, and intranet services,” the alert warns. “In some cases, these incidents disrupted targeted organizations in the HPH sector for extended periods of time.”
Credit: www.wired.com