1.9 C
Thursday, December 2, 2021

Someone sneaked a card skimmer into Costco to steal shopper data

This week, safe Google researchers discovered a so-called watering hole attack, which targeted Apple devices in Hong Kong indiscriminately. Hackers invaded media and democratic websites in the region, distributed malware to any visitors via iPhone or Mac, and set up backdoors to allow them to steal data, download files, etc. Google did not attribute the event to any particular participant, but did point out that “the activities and goals are consistent with government-supported participants.” This event echoes the revelation that China has targeted thousands of iPhones in a similar manner in 2019- At the time, this sounded the alarm that iOS security was not as reliable as people thought.

The Department of Justice also announced its most important ransomware enforcement operation to date, arresting a hacker suspected of being connected to the notorious REvil group and confiscating $6.1 million in cryptocurrency from another person. There is still a long way to go to contain the wider ransomware threat, but showing that law enforcement can actually extract the consequences is an important start.

If you notice that TikTok is pushing you to connect more with friends and family — instead of limiting your feeds to talented and charming strangers — then you are not alone. In recent months, the platform has taken some unprecedented measures to figure out who your friends are in real life, which has raised concerns about privacy and whether changes in TikTok will undermine the appeal of social networks.

Finally, at this week’s RE:WIRED conference, we spoke with Jen Easterly, Director of the Cyber ​​Security and Information Security Bureau, and discussed the challenges she and the entire US government face from increasingly complex opponents. After being promoted through the National Security Agency and the Pentagon, Easterly became accustomed to offensive cyber operations. Her current job? Take some defense. She said that it is best with the help of the broader hacker community.

there are more! Every week we collect all safety news that WIRED has not covered in depth. Click on the title to read the full story and stay safe there.

You usually associate card reader attacks (pretending to be a credit card reader to steal your payment information) with ATMs and gas pumps, as long as you think of them. But recently someone placed a card swiping device in Costco warehouses everywhere. According to a report by BleepingComputer, an employee found these interleaved devices during a “routine inspection.” The company has notified people whose credit card information may be stolen. This is a good reminder, please double check where you put the plastic-or stick to NFC for payment.

Earlier this week, Robinhood disclosed a “security incident” in which a hacker used social engineering to access an email list of 5 million people, the full names of 2 million people, and the names, birth dates, and postal codes of 310 people. coding. Motherboard continued to report that the attackers actually accessed internal tools that allowed them to disable users’ two-factor authentication, log them out of their accounts, and view their balance and transaction information. Robinhood stated that customer accounts have not been tampered with, but this does not help much with the fact that they can obviously be tampered with easily.

The spyware manufacturer NSO Group is no stranger to the controversy recently. It was recently included on the list of American entities because it allegedly “developed and provided spyware to foreign governments, which use these tools to maliciously target government officials, journalists, businessmen, and activities.” Homes, scholars, and embassy staff.” Now, researchers from the non-profit organization Frontline Defenders said they found the company’s Pegasus malware on the phones of six Palestinian militants. They could not clearly associate the source of the malware with a specific country or organization, but the incident was only the latest in a series of monitored malware that was used in places where it should not be used clearly.

More exciting connection stories

- Advertisement -spot_img
Latest news
- Advertisement -
Related news
- Advertisement -


Please enter your comment!
Please enter your name here