Security News This Week: Thousands of Gun Database Owners Leaked

- Advertisement -


your car data gold mine. Every trip you take produces a wealth of data—from your location to your use of infotainment systems—and car manufacturers are getting better at using that information. One 2019 analysis found that cars can generate up to 25 gigabytes of data per hour. As companies improve their ability to mine this data, your car could be next. national security threat. This week, the Chinese city of Beidaihe banned Tesla electric vehicles from its streets as the country’s Communist Party leaders gather in the area. One possible reason for the ban is that cars can reveal confidential details about China’s most senior figures.

- Advertisement -

Elsewhere, German mobile operators are testing “digital tokens” as a way to display personalized ads on people’s phones. Vodafone and Deutsche Telekom’s TrustPid trial generates pseudo-anonymous tokens based on people’s IP addresses and uses them to demonstrate personalized product recommendations. This move has been likened to “supercookies“, which were previously used to track people without their permission. While Vodafone denies that the system is like supercookies, privacy advocates say it’s too much. “Companies that operate communications networks should neither track their customers nor help others track them,” privacy researcher Wolfie Krystle. said WIRED.

- Advertisement -

In other stories this week, we’ve rounded up the critical June updates for Android, Chrome, Microsoft and more– You must make these updates now. We also reviewed how new ZuoRAT router malware infected at least 80 targets worldwide. And we detail how to use Microsoft Defender on all your Apple, Android and Windows devices.

But that’s not all. We’ve got a rundown of important security news from the week that we haven’t been able to cover ourselves. Click on the headings to read all stories. And stay safe there.

- Advertisement -

The California Guns Database, dubbed the “Firearms Control Panel Portal”, was intended to improve transparency around arms sales. Instead, when new data was added to it on June 27, the update turned out to be disaster. During the planned release of new information, the California Department of Justice made the spreadsheet publicly available on the Internet and disclosed more than 10 years of gun ownership information. The leaked data included the names, dates of birth, gender, race, driver’s license numbers, addresses and criminal histories of people who were granted or denied permits to hide and carry weapons between 2011 and 2021. Over 40,000 CCW permits have been released in 2021; however, the California Department of Justice stated that financial information and social security numbers were not included in the leak.

Although the table was online for less than 24 hours, the initial investigation found that the breach was on a larger scale than originally thought. In a press release released June 29The California Department of Justice said other parts of its gun databases were also “affected”. The breach could have exposed information contained in the Assault Weapons Registry, Handguns Certified for Sale, Dealer Sales Report, Firearm Safety Certificate, and Order to Limit Violence with Firearms. disclosed. In response to the data breach, the Fresno County Sheriff’s Office said it was “worse than previously expected”, and that some of the potentially affected information “came as a surprise to us”.

Indian groups of hackers for hire have been harassing lawyers and their clients around the world for the better part of a decade. A Reuters investigation showed this week. Hacker groups have used phishing attacks to gain access to sensitive legal documents on more than 35 occasions since 2013 and have targeted at least 75 US and European companies, according to the report, which is based in part on a set of 80,000 emails sent by Indian hackers. the last seven years. The investigation details how groups for hire operate and how private investigators take advantage of their ruthless nature. When Reuters released its investigation, Google’s threat intelligence team made public dozens of domains owned by alleged hack-for-hire groups in India, Russia and the United Arab Emirates.

Since 2009, the Chinese hacker group APT40 has been attacking companies, government agencies and universities around the world. According to the security firm, APT40 has hit countries including the US, UK, Germany, Cambodia, Malaysia, Norway and other countries. Mandiant. This week Financial Times the study discovered that students from Chinese universities had been tricked into working for a front company associated with APT40 and were involved in investigating its hacking targets. The newspaper identified 140 potential translators who had applied for a position at Hainan Xiandun believed to be related to APT40 and named in a U.S. Department of Justice indictment in July 2021. People who applied for jobs at Hainan Xiandun were asked to translate confidential US government documents and appear to have been “unwittingly involved in a life of espionage,” according to story.

In 2021, North Korean hackers stole about $400 million in cryptocurrency as part of the country’s efforts to circumvent international sanctions and support its nuclear weapons program. Investigators this week began linking a theft of about $100 million in cryptocurrency from the June 23 Horizon Bridge involving North Korean figures. Blockchain analysis company Elliptic He speaks found “strong indications” that the North Korean Lazarus Group may be linked to the Horizon Bridge hack, and Ellipictic is not the only group that established a connection. The attack is the latest in a series of attacks against blockchain bridges, which have become increasingly common targets in recent years. However, investigators say the ongoing cryptocurrency crash erased millions in value from the crypto heists of North Korea.


Credit: www.wired.com /

- Advertisement -

Stay on top - Get the daily news in your inbox

DMCA / Correction Notice

Recent Articles

Related Stories

Stay on top - Get the daily news in your inbox