A week later the revelation that Facebook has leaked the data of 500 million users – including phone numbers and other potentially sensitive information – and the company has still not made a full account of what happened. But we managed to find out that the root of the problem was Facebook’s “contact import” feature, and that Facebook had plenty of opportunities to fix that problem before it resulted in attackers getting the data of half a billion people. scraped.
On Thursday, federal agents arrested a 28-year-old Texas man for allegedly making plans to blow up an Amazon data center in Virginia. According to court documents, he had posted alarming messages in the forums on MyMilitia.com, which someone subsequently reported to the FBI. While a worrying incident, domestic terror experts say there is no indication that Big Tech is a more outspoken target than in recent years, despite heightened rhetoric from the far right about alleged censorship.
The encrypted messaging app Signal announced this week that it would integrate the relatively new cryptocurrency MobileCoin. While a payment feature will help Signal keep up with its more complete competitors, the move raised the question of whether Signal piqued regulator interest and overcomplicated a product lauded for its simplicity and ease of use.
As Slack and Discord gained popularity during the pandemic, they have also become more popular among hackers as a way of spreading malware. And as Twitch’s own micro-celebrities become more prominent, the service has put in place an official policy to enforce serious bad behavior that takes place outside of the platform.
The UK wants to stop Facebook’s efforts to expand its end-to-end encryption. Russia may have found a new way to censor the internet, and Twitter is having a hard time. And Duty cheats are increasingly riddled with malware.
Finally, it’s rare to peek into the National Security Agency, but three women involved in cybersecurity in the intelligence community gave WIRED a look at the opportunities and obstacles that have shaped their careers.
And there is more! Every week we collect all the news that WIRED has not covered in depth. Click on the headlines to read the full stories. And stay safe out there.
Remember that Facebook leak? Of course! We just spent a lot of time on it. Not to be outdone, LinkedIn confirmed this week that a treasure for sale on hacker forums includes, in addition to other resources on the Internet, “publicly viewable profile information of members who appear to have been scraped off LinkedIn.” LinkedIn wasn’t hacked (this time!), But instead fell victim to attackers who figured out how to collect widely available user information. Even if it was online already, personal data collected in this way still benefits hackers and phishers, especially those who can use it to build profiles of you for better targeting.
According to the Belgian police, more than 27 tons of cocaine has been seized in Antwerp in the past two months. More interestingly, authorities claim they were initially tipped off for the transmissions after decrypting hundreds of millions of messages sent to the defunct encrypted phone company and Sky ECC network. The Dutch and Belgian authorities had already arrested dozens of people allegedly associated with the drug trade in the aftermath of the Sky cracking.
Two Dutch researchers showed this week that they could remotely control a PC with Zoom without user intervention. Specific details have not been disclosed as Zoom has yet to patch the underlying bugs. The team’s findings earned them $ 200,000 at Pwn2Own, a bi-annual competition for white-hat hackers. “We are working to mitigate this issue with regard to Zoom Chat, our group messaging product,” Zoom said in a statement. “In-session chat in Zoom Meetings and Zoom Video Webinars is not affected by the issue. The attack must also come from an accepted external contact or be part of the same target’s organizational account.”
In these quarantined times, it is normal for personal wine consumption to increase. That hasn’t gone unnoticed by scammers, who are increasingly registering malicious domains targeting oenophiles, according to new research from Recorded Future and Area 1 Security. At its peak in June, malicious domains made up 7 percent of all wine-themed domains registered. Talk about … sour … grapes.
More great WIRED stories