Friday, the The radical transparency organization DDoSecrets released hundreds of hours of surveillance video from police helicopters. It is unclear who obtained the data in the first place, or what the motives of this person were, but this treasure trove shows how widespread the “eye in the sky” of law enforcement has become and how high-fidelity its cameras are. Privacy advocates also said that this incident highlights that the authorities have not done enough to protect sensitive data and that the retention policy is too loose.
In other aviation news: Intelligence officials say that a consumer-grade drone may be the first attempt to disrupt the U.S. power grid. The July 2020 incident occurred at a substation in Pennsylvania; the DJI Mavic 2 quadcopter equipped with nylon and copper wires seemed determined to cause a short circuit, but crashed on a nearby roof before reaching an obvious target. Over the years, security experts have warned of this possibility and said that the regulators did not act quickly enough to mitigate the threat.
This week, China’s new data privacy law came into effect, and its impact has already begun to show. Yahoo! The reason for leaving the country was “an increasingly challenging business and legal environment.” Although these regulations are the most stringent in the world, the fact that China associates them with national security interests—and continues to grant itself extraordinary access to citizens’ data—this fact may inspire other countries to adopt similar aggressions. attitude.
Cryptocurrency scammers take advantage of Netflix’s popularity Squid game To arouse interest, and then pull investors to more than 3 million US dollars. The White House Market Dark Web Bazaar closed earlier this month, but raised the bar for security measures during its brief reign. If you have iCloud+, here’s how to take advantage of all the new security measures you can access now.
Finally, be sure to set aside a few minutes this weekend to learn more about the story of how a group of fed up parents built an open source version of their own school system application-but the city government called them to the police.
there are more! Every week we collect all the safety news that WIRED has not covered in depth. Click on the title to read the full story and stay safe there.
It took the DarkSide ransomware group a year or so to become one of the most prolific groups in a very crowded criminal hacking field, eventually attacking the Colonial Pipeline, causing a temporary gas shortage on the East Coast. They went black shortly after that, probably because of all the attention, but it is likely that a group calling themselves BlackMatter reappeared soon after. Now, the US State Department is offering a reward of up to $10 million, rewarding anyone with information that can help them identify or locate the leadership of DarkSide, as well as clues of up to $5 million to reward clues that led to the arrest or conviction of DarkSide affiliates. Ransomware has no easy answers, but putting pressure on its most high-profile perpetrators is at least the beginning.
Another way to deal with hackers? Stop them! This is the approach taken by Ukraine this week, deporting several members of the Russian Gamaredon hacker group and linking them to the country’s FSB intelligence services. In addition to sharing the hacker’s name, the Ukrainian authorities also released phone recordings in which they discussed their attacks and complained about their salary. The Ukrainian Security Agency stated that since 2013, Gamaredon has conducted more than 5,000 cyber attacks against 1,500 government targets.
A busy week for government law enforcement! The United States this week added four cybersecurity-related companies to its list of entities, indicating that they have participated in “activities that violate the interests of US national security or foreign policy.” NSO Group is the most well-known name; the Pegasus malware of this spyware company is said to have been used to target journalists, dissidents and human rights activists around the world. The Israeli company Candiru was also accused of the same crime. Positive Technologies, a Russian cybersecurity company, is also on the list.It had Sanctioned before In order to support the country’s intelligence services, Singapore’s computer security initiative consulting company PTE has also been charged.
Cambridge researchers this week discovered a flaw in a Unicode component that affects most code compilers, which actually means that it affects almost all code. The most pressing problem is that the vulnerability may be used in supply chain attacks to hide the vulnerability in the basic code that supports a large number of programs. Some organizations have already introduced patches, but we all know how this is going.
More exciting connected stories