It's been nearly two years since Russia's invasion of Ukraine, and as the grim milestone looms and winter drags on, the two nations are locked in a grueling standoff.
If you made some New Year's resolutions related to digital security, check out our rundown of the most significant software updates to install right now, including fixes from Google for nearly 100 Android bugs.
If you're just not quite ready to say goodbye to 2023, take a look back at WIRED's highlights of the most dangerous people on the internet last year and the worst hacks that upended digital security.
23andMe said at the beginning of October that attackers had infiltrated some of its users' accounts and abused this access to scrape personal data from a larger subset of users through the company's opt-in social sharing service known as DNA Relatives.
By December, the company disclosed that the number of compromised accounts was roughly 14,000 and admitted that personal data from 6.9 million DNA Relatives users had been impacted.
Russia's war-and cyberwar-in Ukraine has for years produced novel hybrids of hacking and physical attacks.
Here's another: Ukrainian officials this week said that they had blocked multiple Ukrainian civilians' security cameras that had been hacked by the Russian military and used to target recent missile strikes on the capital of Kyiv.
Ukraine's SBU security service says the Russian hackers went so far as to redirect the cameras and stream their footage to YouTube.
According to the SBU, that footage then likely aided Russia's targeting in its bombardment on Tuesday of Kyiv, as well as the Eastern Ukrainian city of Kharkiv, with more than a hundred drones and missiles that killed five Ukrainians and injured well over a hundred.
In total, since the start of Russia's full-scale invasion of Ukraine in February 2022, the SBU says it's blocked about 10,000 security cameras to prevent them from being hijacked by Russian forces.
Last month, a Russian cyberattack hit the telecom firm Kyivstar, crippling phone service for millions of people across Ukraine and silencing air raid warnings amid missile strikes in one of the most impactful hacking incidents since Russia's full-scale invasion began.
Vitiuk added that the SBU believes the attack was carried out by Russia's notorious Sandworm hacking group, responsible for most of the high-impact cyberattacks against Ukraine over the last decade, including the NotPetya worm that spread from Ukraine to the rest of the world to cause $10 billion in total damage.
Vitiuk claims that Sandworm attempted to penetrate a Ukrainian telecom a year earlier but the attack was detected and foiled.
According to a description of the project Telus posted online, the data collected from the videos would include eyelid shape and skin tone.
In a statement to 404, Google said that the videos would be used in the company's experiments in using video clips as age verification and that the videos would not be collected or stored by Telus but rather by Google-which doesn't quite reduce the creep factor.
The experiment represents a slightly unnerving example of how companies like Google may not simply harvest data online to hone AI but may, in some cases, even directly pay users-or their parents-for it.
Encrypted Messaging App Wickr Is Dead. A decade ago, Wickr was on the short list of trusted software for secure communications.
The app's end-to-end encryption, simple interface, and self-destructive messages made it a go-to for hackers, journalists, drug dealers-and traders in child sexual abuse materials-seeking surveillance-resistant conversations.
After Amazon acquired Wickr in 2021, it announced in early 2023 that it would be shutting down the service at the end of the year, and it appears to have held to that deadline.
Luckily for privacy advocates, end-to-end encryption options have grown over the past decade, from iMessage and WhatsApp to Signal.
This Cyber News was published on www.wired.com. Publication date: Sat, 06 Jan 2024 15:13:04 +0000