As states grapple with the far-reaching implications of the U.S. Supreme Court’s June decision to overturn the constitutional right to abortion, WIRED examines the privacy risks posed by widely deployed automated license plate readers as the risk of being sued for seeking an abortion rises nationwide. As civil rights protections and law enforcement powers evolve, researchers highlight the value of end-to-end encryption for digital self-defense anywhere in the world.
Apple this week announced a new iOS 16 protection called “Lockdown Mode,” which gives users the option to run their phones in a more limited but safer mode if they’re at risk of being targeted by intrusive spyware. New encryption algorithms announced by the National Institute of Standards and Technology, designed to be resistant to quantum computers, will be difficult to test in any practical sense for years to come, researchers say.
We examine how users can protect themselves from the worst Instagram scams, and review the worst hacks and data breaches of 2022 so far, with more to come.
But that’s not all. Every week we round up the news that we didn’t break or cover in depth. Click on the headlines to read the full stories. And stay safe out there!
In one of the most widespread and impactful personal data breaches ever, attackers obtained data on nearly 1 billion Chinese citizens from a Shanghai police database and attempted to extort about $200,000 from the department. The trove of data contains names, phone numbers, government ID numbers and police reports. Researchers found that the database itself was secure, but its administrative dashboard was publicly accessible from the open internet, and anyone with basic technical skills could access the information without needing a password. The scale of the breach is enormous, and it is the first time the Chinese government, which is notorious for hoarding vast amounts of data not only on its own citizens but on people all over the world, has been hit on this scale. China was memorably responsible for the breaches of the US Office of Personnel Management and the Equifax credit bureau, as well as many other incidents around the world.
FBI Director Christopher Wray and the head of Britain’s security agency MI5, Ken McCallum, issued a joint warning this week that China is, as Wray put it, “the greatest long-term threat” to “our economy and national security.” The two noted that China has conducted extensive espionage around the world and interfered in elections and other political processes. Wray noted that if China moved to seize Taiwan, it would “represent one of the most horrific business disruptions in the world.” MI5’s focus on China has more than doubled since 2019, and there are now seven times as many investigations related to the Chinese Communist Party as in 2018, McCallum said. Chinese Foreign Ministry spokesman Zhao Lijian said British officials were trying to “hype up the China threat theory.” He added that MI5 should “abandon the imaginary demons.”
HackerOne, the bug bounty platform that manages bug submissions and bounty programs for companies, fired an employee this week for stealing vulnerability disclosures submitted through the platform and submitting them to the affected companies to collect the rewards for personal benefit. HackerOne discovered the scheme after a client company flagged a vulnerability disclosure that was suspiciously similar to one it had received from another researcher in June. The rogue employee, new to the company, had access to HackerOne’s platform from April 4 to June 23 and disclosed seven vulnerabilities using stolen research. “This is a clear violation of our values, culture, policies and employment contracts,” HackerOne wrote in an incident report. “We have fired this employee and have further strengthened our defenses to avoid similar situations in the future.”
North Korean hackers have been using the little-known Maui ransomware to attack the healthcare and public health sector, the U.S. Cybersecurity and Infrastructure Security Agency, FBI and Treasury Department said in a joint alert this week. They warned that paying such ransoms could violate U.S. sanctions. “North Korean state-sponsored cyber attackers used Maui ransomware in these incidents to encrypt servers responsible for healthcare services, including electronic health records services, diagnostic services, imaging services, and intranet services,” the alert warned. “In some cases, these events have long disrupted services provided by targeted HPH sector organizations.”