Employee of U.S. Immigration and Customs Enforcement (ICE) misused law enforcement databases to snoop on their romantic partners, neighbors, and business partners, WIRED is revealed exclusively this week. New data obtained through records requests shows that hundreds of ICE employees and contractors have faced investigations since 2016 for attempting to access medical, biometric and location without permission. The revelations raise further questions about safeguards ICE puts people’s sensitive information on.
Security researchers at ESET found old business routers full of corporate secrets. After purchasing and analyzing old routers, the company found many login details contained in the company’s VPN, hashed root admin passwords, and details about previous owners. The information will make it easy to impersonate the business that originally owned the router. Stick to Account Security: The Race to Replace All Your Accounts password with password is entering a messy new phase. The adoption of new technology faces beginning challenges.
The supply chain breach of 3CX, a VoIP provider that was compromised by North Korean hackers, is in the spotlight, and the attack appears to be… more complicated than initially thought. Google-owned security firm Mandiant said 3CX was initially compromised by a supply chain attack before its software was used to spread further malware.
Also this week, it was reported that the notorious LockBit ransomware gang is Malware development aimed at encrypting Macs. So far, most ransomware has focused on machines running Windows or Linux, not devices made by Apple. If LockBit is successful, it could open a new frontier of ransomware—however, for now, ransomware doesn’t appear to be working.
With the rise of generic AI models, like ChatGPT and Midjourney, we also looked at how you can protection against AI-powered scams. And a hacker who hacked right-wing commentator Matt Walsh’s Twitter account said they do it because they are “bored.“
But that’s not all. Each week, we put together stories that we ourselves don’t report in depth. Click on the title to read the full story. And stay safe out there.
Car thieves are using a variety of small hacking tools—sometimes hidden in Nokia 3310 phones or Bluetooth speakers—to break in and steal vehicles. This week, a report from motherboard details how criminals use controller area network (CAN) injection attacks to steal cars without accessing their keys. Security researchers say criminals must first remove the car’s headlights and then connect the hacking tool to two cables. Once connected, it can send fake messages to cars that look like they came from the car’s wireless key and allow the car to be unlocked and started.
Motherboard reports hacking devices are being sold online and on Telegram channels for between $2,700 and $19,600, a price that can be small when trying to steal luxury cars. Security researchers at Canis Labs details the problem for the first time after a vehicle is stolen using this technique. The ads claim that the tools can work on vehicles made by Toyota, BMW, and Lexus. Security researchers say encrypting traffic sent in CAN messages will help prevent attacks.
In recent years, NSO Corporation’s Pegasus spyware has been used to targeting political leaders, activists and journalists around the worldwith experts describing the technology as powerful as the ability of the most elite hackers. In response to sophisticated spyware, Apple released Lock mode Last year, this added additional security protections to iPhones and limited the success of spyware. Now, new research from the University of Toronto’s Citizen Lab has found that Apple’s security measures are working. Cases reviewed by Citizen Lab show that iPhone running Lock Mode blocked hacking attempts linked to NSO’s software and sends notifications to phone owners. The study found three new “no-click” exploits that could affect iOS 15 and iOS 16, which were already targeted at members of Mexican civil society. Lock mode detected one of these attacks in real time.
Since OpenAI released GPT-4 in March, people were clamoring to get the text generation system. This, perhaps unsurprisingly, includes cybercrime. Analysts at security firm Check Point have discovered a growing market for selling credentials for GPT-4. The company said that since early March, it has seen “an increase in discussion and trafficking of stolen ChatGPT accounts”. This includes criminals exchanging premium ChatGPT accounts and breaking into accounts by guessing email logins and passwords. In theory, these efforts could help people in Russia, Iran, and China access OpenAI’s system, which is currently blocked in those countries.
Russia tried control of internet access and media of Ukraine since Vladimir Putin launched an all-out invasion in February 2022. Sensitive US documents leaked on Discord now show that Russian forces have been testing an electronic warfare system, which is being tested by Russian forces. called Tobol, to disrupt internet connections from Elon Musk’s Starlink satellite system. According to washington articles, Russia’s Tobol system appears to be more advanced than previously thought, although it’s unclear if it will actually disrupt internet connections. Analysts initially believed Tobol was designed for defensive purposes but later concluded that it could also be used for offensive purposes, disrupting signals as they are sent from the ground to satellites orbiting the Earth.
Over the past four years, politicians in the UK have been drafting laws designed to regulate the internet—first under the guise of online harm legislation, which has since been transformed into the Online Safety Bill . It’s a particularly messy process—often trying to tackle a dizzying array of online activity—but its impact on end-to-end encryption is alarming for tech companies. This week, WhatsApp, Signal and the companies behind five other encrypted chat apps signed an open letter says UK plans could effectively ban encryption, helping to keep billions of people’s conversations private and secure. (Only the sender and receiver can view end-to-end encrypted messages; the companies that own the messengers do not have access). “The bill poses an unprecedented threat to the privacy, safety and security of all UK citizens and those with whom they interact around the world, and encourages hostile governments to may seek to draft imitative legislation,” the companies wrote in the letter.
