Tuesday, May 11, 2021

Update your iPhone and iPad now if you haven’t recently

Must read


Believe it or do not, GameStop Stock was not the only story in the world this week. The past few days have also been tumultuous for cybersecurity, especially after revelations that [North Korean hackers targeted security pros](https://www.wired.com/story/north-korea-hackers-target-cybersecurity-researchers/) with a compelling DM campaign. Lots of people have shared screenshots of how they dodged the bullet, but it’s still unclear how many more fell for the trick.

Speaking of falls, an international law enforcement team shot down the famous Emotet botnet this week, arresting two suspected gang members behind her and grabbing servers in the process. Ransomware operators and other bad actors who have used Emotet to distribute their wares will likely switch to other means of distribution, but at least the ‘world’s most dangerous malware’, as Europol called it, has been extinguished for the instant.

These things tend to persist, after all. Take Flash, the software that launched a thousand vulnerabilities. While Adobe killed him last week (for real this time), he will continue to persist and cause problems on some systems for years to come. Another potential problem: Telegram, the messaging app that exploded in popularity as users fled WhatsApp on privacy issues and Talk about his current state of non-existence. While Telegram offers end-to-end encryption, it is not enabled by default and is not available at all for group chats, which may cause some users to expose themselves more than they realize.

Plans for an encrypted federal gun registry also challenged assumptions this week, offering a potential way to balance accountability and privacy for a hot topic. And we watched how Facebook allows advertisers to target military categories, which could have worrying consequences.

Finally, be sure to read the first opus in the serialized novel we run in WIRED this month and the next. This follows a conflict with China in 2034 which is pure fiction, but which seems too close to the real.

And there’s more! Every week, we collect all the news that we haven’t covered in depth. Click on the titles to read the full stories. And stay safe there.

Most iOS updates contain some sort of security patch. But it’s a rarer opportunity for the vulnerabilities they fix to be actively exploited by hackers. This is the case with iOS 14.4, released earlier this week, which fixes not one but three bugs that attackers can use in the wild, according to Apple support. security update. These are not minor issues either; the flaws in question, present in WebKit and the iOS kernel, would have allowed the execution of arbitrary remote code and an elevation of privilege, respectively, which could give a hacker access to your device and its data. Does this mean you have been hacked? Probably not! But there is no sense in risking it when you can protect yourself by already installing the dang update.

Not all data leaks are created equal. In this case, ZDNet 2.28 million users of the MeetMindful dating app had information such as their real names, dating preferences, geolocation, Facebook user IDs and authentication tokens, and the “body details” shared for free download on a hacking forum. According to ZNet, the thread containing the download had been viewed more than 1,500 times on Sunday. Dating profile information is useful not only for identity theft, but also for more aggressive extortion schemes.

Ransomware has exploded lately, with hackers successfully targeting all hospitals at towns at international companies. This week, the DoJ took action against one of the many groups responsible for the scourge, arresting a Canadian who it says used the Netwalker ransomware to shake victims for a total of $ 27.6 million. Unfortunately, Netwalker is ransomware-as-a-service; the federal government arrested a suspected affiliate rather than a core member of the group behind it. Yet progress is progress.

OK, well, it’s been a long week and it’s an interview with a guy who had to use bolt cutters to break free from a chastity belt that a hacker had locked remotely. You deserve it.


More WIRED stories

- Advertisement -spot_img

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -spot_img

Latest article