What you missed in cybersecurity this week

It’s been a busy week — it’s powerful to keep up with all the cybersecurity news. We’ve collected some of the biggest cybersecurity stories from the week — from TechCrunch and afar — to keep you up to date with the latest hacks, privacy breaches and security stories you need to know.

Facebook now says its password leak affected ‘millions’ of Instagram users

TechCrunch: As all eyeballs were on attorney general William Barr giving his highly anticipated summary of the Mueller report out this week, Facebook was quietly updating a blog post it had published a month earlier, revising up the number of Instagram accounts affected by a years-long bug that stored passwords in plaintext. Facebook admitted that “millions” of accounts were affected and not “hundreds of thousands” as it had first estimated. It wasn’t a coincidence; it was an excellent opportunity for Facebook to bury evil news. CNN’s Donie O’Sullivan named
it the “most cynical” thing
Facebook has done since dropping its report detailing its role in a genocide in Myanmar the day before the U.S. midterm elections.

Utah bans policeman from searching digital data without a warrant

Forbes: Some good news for privacy advocates this week: an enormous Fourth Amendment loophole has been closed in the state of Utah. Previously, state law enforcement only required a subpoena to access someone’s digital content — including emails, pictures, video and audio — from internet and cloud providers. Now, following the introduction of HB 57, the Electronic Information or Data Privacy Act, policeman need a warrant based on probable cause. No more warrantless fishing expeditions allowed.

a mystery agent is doxing Iran’s hackers and dumping their code

Wired: Buried in the news this week was the startling revelation that someone — whose identity isn’t known — has begun spilling the secrets of an iranian hacker faction, known as OilRig or APT34, on a telegram channel, according to Chronicle, Alphabet’s cybersecurity company. It would be a destructive breach of their operational security if true, only a couple of years after the Shadow Brokers stole and published highly classified hacking tools developed by the National Security Agency.

The Weather Channel knocked off the breeze for over a hour

Wall roadway Journal: For over a hour on Thursday, The Weather Channel was brought offline by a ransomware assault. In a tweet, the channel said it restored its live programming after running through its backup systems. The FBI said it was investigating. It’s the latest ransomware incident knocked
a major company — from aluminum maker Norsk Hydro to drinks giant Arizona Beverages.

Mueller report: Hacked elections, encrypted messaging, troll farms and more

TechCrunch: After two years, the exclusive advice’s probe into Russian interference with the 2016 U.S. presidential election is over. TechCrunch covered the tech angles you need to know: from how Russian-backed hackers broke into the Hillary Clinton crusade, how the use encrypted messaging apps hindered the investigation, how successful Russia was in breaking into election systems, and what role its troll factory and disinformation had on the election.

FTC said to want to face-off with Mark Zuckerberg over privacy violations

Washington Post: Now more than ever, Facebook is under the watchful eyeball of the Federal vend Commission. a report this week said the social media giant’s founder Mark Zuckerberg could also be in the agency’s crosshairs. It’s part of an ongoing effort to hold the company accountable since the Cambridge Analytica scandal, following which has been security incident after incident, amid claims of mismanaged consumer data and gross ethical violations.

Cybersecurity tight Verint knocked
by ransomware

ZDNet: Verint, a cybersecurity company, was also knocked
by ransomware this week. Described as an “extreme case of irony,” the company was forced to bring in a third-party security tight to handle the infection. It comes in the same week that Wipro, one of India’s largest outsourcing companies, was knocked
by hackers. The company initially denied the breach, but was challenged by the security reporter Brian Krebs — who broke the news — live on the company’s earnings conference days following the breach. Of course the call was recorded, forcing Wipro’s emperor operating officer Bhanu Ballapuram to come clean.

Security flaw in French government messaging app exposed secret conversations

TechCrunch: And finally, a security flaw was found in the French government’s own encrypted messaging app Tchap immediately after it launched. Security researcher Baptiste Robert created an user account — even though the service is restricted to government officials. The app, which uses the open-source Signal Protocol, inadvertently allowed access to non-government email addresses, exposing the app’s public channels.


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *