how do you Smuggling information into the Soviet Union under the nose of the KGB? Of course, create your own encryption system. That’s exactly what saxophonist and music professor Meryl Goldberg did in the 1980s. This week, Goldberg revealed that she used musical scores to hide activists’ names and addresses, as well as meeting details from a rare trip to the Soviet Union. To that end, she made her own encryption system. Each note and mark represents a letter in the alphabet and helps disguise sensitive information. When Soviet officers examined the documents, no suspicion was raised.
Goldberg’s story was retold at the RSA conference in San Francisco this week, and Wired’s Lily Newman has been digging the story. Also from RSA: warns that as ransomware becomes less lucrative, attackers may turn to business email compromise (BEC) scams to make money — BEC attacks are already very lucrative.
Also this week, darknet marketplace AlphaBay is about to complete its journey back to the pinnacle of the online underworld. The original AlphaBay website, which had more than 350,000 listings for products ranging from drugs to cybercrime services, was purged from the dark web in July 2017 as part of a massive law enforcement operation. However, AlphaBay’s second-in-command, an actor named DeSnake, survived the enforcement action and relaunched the site last year. Now AlphaBay is growing rapidly and is about to regain its dominance in darknet markets.
Elsewhere, Apple held its annual Worldwide Developers Conference this week and unveiled iOS 16, macOS Ventura, and some new MacBooks—and the Gear team at WIRED has you covered with everything Apple announced at WWDC.However, there are two great new security features worth mentioning: Apple is replacing passwords with new encryption keys, and it is introducing security checks Help someone in an abusive relationship. Database company MongoDB also held its own event this week, and while it might not be as high-profile as WWDC, MongoDB’s new Queryable Encryption tool could be a key defense against data breaches.
This week we also reported on a Tesla bug that allowed anyone to create their own NFC car key. Disinformation and hate speech are flooding TikTok ahead of Kenya’s election in early August, new research from the Mozilla Foundation finds. Elon Musk reportedly gained access to Twitter’s “fire hose,” raising privacy concerns. We delved into the shocking new evidence televised by the House committee on Jan. 6.
But that’s not all, guys. Every week we round up major security and privacy news that we don’t cover ourselves. Click the link for the full story and stay safe.
Over the past two years, state-backed hackers working on behalf of the Chinese government have attacked dozens of communications technologies, from home routers to large telecom networks.That’s according to the NSA, FBI and Cybersecurity and Infrastructure Security Agency (CISA), which released a security advisory this week Detail “extensive” hacker attack.
Since 2020, China-backed actors have been exploiting well-known software flaws in hardware and integrating infected devices into their own attack infrastructure. According to the US agency, the attack typically consists of five steps. Hackers in China use publicly available tools to scan networks for vulnerabilities. They would then gain initial access through online services, access login details from the system, access routers and replicate network traffic, and finally “steal” victim data.
