on Friday, and Radical Transparency Group DDoSecrets . released Hundreds of hours of police helicopter surveillance footage. It’s not clear who originally obtained the data, or what that person’s motives were, but the batch shows how broad law enforcement is, and how accurate his cameras are. Privacy advocates also say the incident underscores that authorities aren’t doing nearly enough to protect sensitive data, and have very lax retention policies in place.
In other weather news: For the first time, intelligence officials say a Consumer drones may have tried to disrupt the US power grid. The July 2020 accident occurred at a power substation in Pennsylvania; Equipped with nylon ropes and copper wires, the DJI Mavic 2 quadcopter appears bent on causing a short circuit, but crashes on a nearby surface before reaching its apparent target. Security experts have warned about this possibility for years, and say regulators have not moved fast enough to mitigate the threat.
witnessed this week China’s New Data Privacy Law Take effect, and the repercussions are already starting to emerge. Hey ho! She left the country, citing “increasing challenges in the business and legal environment.” And while the regulations are some of the toughest in the world, the fact that the Chinese have linked them to national security interests—and still give themselves extraordinary access to their citizens’ data—may inspire other countries to take a similarly aggressive stance.
Crypto scammers have used the popularity of Netflix’s success squid game To reap the interest, then pull the rug out on investors to the tune of more than $3 million. The Close the Dark Web Bazaar in the White House earlier this month, but he raised the level of security measures during his short reign. And if you have iCloud +, here’s how to take advantage of all the new security measures You can access it now.
Finally, be sure to take a few minutes this weekend to dive into this how-to story A group of tired parents built their own open source version of their school system app– Just to make the city call the cops on them.
And there’s more! Each week we round up all the security news that WIRED hasn’t covered in depth. Click the headlines to read the full stories, and be safe out there.
The DarkSide ransomware gang She spent a year or so as one of the most prolific groups in an extremely crowded field of criminal hackers, culminating in the Attack on the colony pipeline That caused temporary gas shortages along the east coast. They went dark shortly after that, probably because of all the attention, but they’ll probably re-emerge as a group They called themselves BlackMatter After not too long. Now, the US State Department has offered a reward of up to $10 million to anyone with information that will help them identify or identify the leadership of DarkSide, as well as up to $5 million for advice leading to the arrest or conviction of DarkSide affiliates. over there There is no easy answer to ransomwareBut the pressure on its high-profile perpetrators is at least a start.
Another way to deal with hackers? Docs them! This is the approach taken by Ukraine this week, expelling several members of the Russian hacking group Gamaredon and linking them to the country’s FSB intelligence service. In addition to sharing the names of the hackers, Ukrainian authorities released phone calls discussing their attacks and complaining about their salaries. Ukraine’s Security Service says Gamaredon has carried out more than 5,000 cyber attacks against 1,500 government targets since 2013.
Busy week of government enforcement! The United States this week added four companies linked to cybersecurity to its Entity List, indicating that they are engaged in “activities contrary to the national security or foreign policy interests of the United States.” NSO Group is the most well-known name; spyware company Pegasus malware allegedly used to target journalistsand dissidents and human rights activists around the world. The Israeli company Kandero was accused of the same thing. Russian cybersecurity firm Positive Technologies found itself on the list as well; had a He has already been punished For her support of her homeland’s intelligence services, a charge also brought against Singapore-based consultancy PTE.
This week, Cambridge researchers revealed a bug in the Unicode component that affects most code-compilers, meaning that it has implications for almost all code. The immediate concern is that the bug could be used in a supply chain attack, slipping the vulnerabilities into the kind of foundational code that powers a large number of programs. Some organizations have already pushed the patches, but we all know how it goes.
More great wired stories