A hacker group calling itself Solntsepek, previously linked to the infamous Russian military hacking unit Sandworm, took credit this week for a disruptive attack on the Ukrainian internet and mobile service provider Kyivstar.
Kytch argues in a recent court filing that the email reveals the real reason why, a couple of weeks later, McDonald's sent an email to thousands of its restaurant franchisees claiming safety hazards related to Kytch's ice-cream-machine-whispering device.
WIRED looked at how Microsoft's Digital Crime Unit has refined a strategy over the past decade that combines intelligence and technical capabilities from Microsoft's massive infrastructure with creative legal tactics to disrupt both global cybercrime and state-backed actors.
We dove into the controversy over reauthorization of Section 702 surveillance powers in the US Congress.
Each week, we round up the security and privacy news we didn't break or cover in depth ourselves.
Geofence warrants, which require tech companies to cough up data on everyone in a certain geographic area at a certain time, have become an incredibly powerful tool for law enforcement.
Now, Google has made technical changes to rein in that surveillance power.
The company announced this week that it would store location history only on users' phones, delete it by default after three months, and, if the user does choose to store it in a cloud account, keep it encrypted so that even Google can't decrypt it.
The move has been broadly cheered by the privacy and civil liberties crowds as a long-overdue protection for users.
It will also strip law enforcement of a tool it had come to increasingly rely on.
Geofence warrants were sent to Google to obtain data on more than 5,000 devices present at the storming of the US Capitol on January 6, 2021, but they have also been used to solve far smaller crimes, including nonviolent ones.
In a different sort of technical move to tighten users' data protections, Apple has added new security features designed to make it harder for thieves to exploit users' sensitive data and accounts.
The Wall Street Journal had previously reported on how thieves who merely learned someone's passcode-say, by looking over their shoulder-and then stole their phone could access their online accounts and even make payments to drain their bank balances.
Apple has now created a Stolen Device Protection feature that, when enabled, will require you to use a biometric feature like TouchID or FaceID to access certain accounts and phone features, in addition to the passcode that unlocks the phone.
For the most sensitive features, like changing passwords or passcodes or turning off Find My, Apple will also force you to wait an hour and authenticate again if the phone isn't in a location the user typically frequents.
The group of Chinese hackers known as Volt Typhoon has rung alarm bells across the cybersecurity industry all year with news of its intrusions targeting power grids and other critical infrastructure in the Pacific region and the US. A new report from The Washington Post offers fresh details of the disturbing mix of networks that the group has breached, including a water utility in Hawaii, an oil and gas pipeline, and a major West Coast port.
The hackers haven't actually caused any disruptions, nor have they penetrated the industrial control system side of their targets' networks-the sensitive systems capable of triggering physical effects.
In combination with previous reports of Volt Typhoon's work to plant malware inside electric utilities in the continental US and Guam, the report paints a picture of China's escalating moves to prepare the groundwork for disruption in the event of a crisis, such as an invasion of Taiwan.
The notion that your iPhone or Amazon Echo is quietly listening to your conversations has long been one of the most paranoid suspicions of all technology users-bolstered, of course, by the targeted ads that are often so accurate that they seem to be pulled directly from verbal conversations.
This week, that suspicion finally became more than an urban legend when 404 Media reported on an advertising company actively claiming that it can eavesdrop on conversations via those kinds of devices.
This Cyber News was published on www.wired.com. Publication date: Sat, 16 Dec 2023 14:43:04 +0000