Update your iPhone and iPad now if you haven’t recently



[ad_1]

Believe it or no, the GameStop action wasn’t the only story in the world this week. The past few days have also been tumultuous for cybersecurity, especially after revelations that North Korean hackers have targeted security professionals with a compelling DM campaign. Lots of people have shared screenshots of how they dodged the bullet, but it’s still unclear how many more fell for the trick.

Speaking of the fall, an international team of law enforcement agencies destroyed the notorious Emotet botnet this week, arresting two suspected gang members behind it and seizing servers in the process. Ransomware operators and other bad actors who have used Emotet to distribute their wares will likely switch to other means of distribution, but at least the ‘world’s most dangerous malware’, as Europol called it, has been extinguished for the instant.

These things tend to persist, after all. Take Flash, the software that launched a thousand vulnerabilities. While Adobe killed it last week (for real this time), it will continue to persist and cause problems on some systems for years to come. Another potential problem: Telegram, the messaging app that has exploded in popularity as users fled WhatsApp for privacy concerns and Speak for its current state of non-existence. Although Telegram offers end-to-end encryption, it is not enabled by default and is not available for group chats at all, which may cause some users to expose themselves more than they realize. .

Plans for an encrypted federal gun registry also challenged assumptions this week, offering a potential way to balance accountability and confidentiality for a hot topic. And we looked at how Facebook allows advertisers to target military categories, which could have worrying consequences.

Finally, be sure to read the first episode of the serialized novel we’re running in WIRED this month and next. This follows a conflict with China in 2034 which is pure fiction, but which seems too close to the real.

And there’s more! Every week, we collect all the news that we haven’t covered in depth. Click on the titles to read the full stories. And stay safe there.

Most iOS updates contain some sort of security patch. But it’s a rarer opportunity for the vulnerabilities they fix to be actively exploited by hackers. This is the case with iOS 14.4, released earlier this week, which fixes not one but three bugs that attackers can use in the wild, according to the security update provided by Apple. These are not minor issues either; The flaws in question, present in WebKit and the iOS kernel, would have allowed the execution of arbitrary remote code and an elevation of privilege, respectively, which could give an attacker access to your device and its data. Does this mean you have been hacked? Probably not! But there is no sense in risking it when you can protect yourself by already installing the dang update.

Not all data leaks are created equal. In this case, ZDNet 2.28 million users of the MeetMindful dating app had information such as their real names, dating preferences, geolocation, Facebook user IDs and authentication tokens, and the “body details” shared for free download on a hacking forum. According to ZNet, the thread containing the download had been viewed more than 1,500 times on Sunday. Dating profile information is useful not only for identity theft, but also for more aggressive extortion schemes.

Ransomware has exploded in recent times, with hackers successfully targeting everything from hospitals and cities to international corporations. This week, the DoJ took action against one of the many groups responsible for the scourge, arresting a Canadian who it says used the Netwalker ransomware to shake victims for a total of $ 27.6 million. Unfortunately, Netwalker is ransomware-as-a-service; the federal government arrested a suspected affiliate rather than a core member of the group behind it. Yet progress is progress.

OK, well, it’s been a long week and it’s an interview with a guy who had to use bolt cutters to break free from a chastity belt that a hacker had locked remotely. You deserve it.


More WIRED stories

[ad_2]

Source link