a group of It can be ATMs and POS terminals hacked by a wave of your phone, According to research released this week on the vulnerabilities of NFC card readers. And the Defects in Dell’s bona fide firmware update mechanism It left 128 modern and popular computer models, including high-end devices with added security protection, vulnerable to attacks.
This week, French authorities filed an indictment against four former executives of the surveillance company Nexa Technologies (formerly AMISIS). Alleged complicity in torture and war crimes. The accusations are the result of the company selling spyware to authoritarian regimes in Libya between 2007 and 2014.
at the same time, The notorious antivirus pioneerائد John McAfee died in prisonHe reportedly committed suicide outside Barcelona on Wednesday after a Spanish court ruled that he could be extradited to the United States to face tax evasion charges. The US removed Iranian media sites Raises important questions about the precedents for global freedom of expression.
If you’ve been feeling like Amazon’s been breathing through your neck lately, take some time this weekend Remind yourself of the variety of data the company collects Its users are considering options to protect your private information.
and the The Pentagon has finally released its long-awaited report on UFOs الطائرة. It matters what he says – and what he doesn’t say.
And there’s more. Each week we round up all the security news that WIRED hasn’t covered in depth. Click the headlines to read the full stories, and be safe out there.
The whole point of using a network attached storage device is to have a hard drive where you can backup important data and then access files online while you’re abroad. But unknown hackers turn Western Digital My Book NAS hard drives into nightmare backup tools by endangering users’ devices and then deleting all data from them. My Books is controlled by an app, WD My Book Live, which allows customers to access their data remotely and manage their NAS. But users all over the world are reporting that their devices have been hijacked and wiped. When they try to log in and gain access, the remote administration dashboard displays an “invalid password”. Western Digital said sleeping computer In a statement they are actively investigating the situation. So far, though, victims who lost data have not been so lucky. The devices in question are at least six years old and received their last firmware update in 2015. “Western Digital has determined that some My Book Live devices are being hacked by malware. In some cases, this hack has resulted in a factory reset that appears It erases all the data on the device.” At this time, we recommend that you disconnect your My Book Live from the Internet to protect your data on the device. “
Seven months ago, the former president Donald Trump on Twitter named the latest Director of the Agency for Cyber Security and Infrastructure Security, Chris Krebs, to agree with the intelligence agencies’ conclusion that the 2020 elections were safe against foreign interference. Since then, Krebs has yet to be replaced – even as the US has faced some of the worst cyberattacks on government agencies and critical infrastructure in history, including the SolarWinds intrusions, the mass hacking of Exchange servers by Chinese hafnium hackers, and Ransomware attack on the colonial pipeline. However, US Senator Rick Scott (R-Fla) announced this week that he would block the appointment of a new director of CISA, the eminently qualified Jane Easterly, until Vice President Kamala Harris visits the southern border — postponing the appointment until after the Senate summer. recess. Fellow officials and cybersecurity practitioners, stunned by the highly politicized delay of a critical US national security post, spoke on Twitter. “The cyber threat facing America is very real and very immediate to use the nomination of a top cyber official as hostage for an unrelated political matter,” Senator Angus King (I-Min) said in a statement. “This is an astonishing neglect of duty by Senator Scott,” Alex Stamos, Facebook’s chief executive officer, wrote. “A wonderful summer!”
Crypto exchange Binance announced this week that it has worked with law enforcement to help trace the cryptocurrency used in the operations of the Cl0p ransomware gang, six of whom were arrested by Ukrainian police in Kiev last week. According to Binance, the ransomware operators were also running their own crypto exchange focused on money laundering, helping cash the criminal proceeds of Cl0p hacks as well as those of other groups. In total, the Cl0p gang has laundered at least half a billion dollars, according to Binance and two of the blockchain analytics firms it has worked with, TRM Labs and Crystal. In fact, the six operators arrested last week may represent more of the money laundering component of Cl0p’s operations than the actual hacking team. Despite last week’s arrests, Cl0p added a new company to its list of ransomware victims on Tuesday of this week.
Amazon Web Services announced Friday that it has acquired end-to-end encrypted chat app Wickr. The service offers secure communication and collaboration for individual users as well as businesses, governments, and military clients. Wickr has raised nearly $60 million in funding since its founding in 2012. AWS says it will continue to operate Wickr in its current form and offer the platform to AWS customers. “This gives security-conscious organizations and government agencies the ability to implement critical governance and security controls to help them meet their compliance requirements,” AWS Vice President and Chief Information Security Officer Stephen Schmidt wrote Friday.
More great wired stories