[ad_1]
with main The U.S. spy agency is set to expire at the end of the year and face a showdown in Congress over whether to renew it, according to new internal audit data that shows U.S. Federal Bureau of Investigation (FBI) employees have repeatedly conducted illegal searches. Information collected by the amazing surveillance authority. Agents requested information about journalists, a US congressman and a political party in what the US Department of Justice called a “conflict”.
This week, WIRED spoke with the creator of Sinbad.io, a secret service popular with North Korean hackers and other cybercriminals that has facilitated tens of millions in illegal money laundering. And authorities in the United Kingdom and the United States have published their real-world names, dates of birth, email addresses and photos of seven alleged members of the Conti and Trickbot ransomware groups. The two governments have taken the unusual step of making clear that they see evidence of links between Russian-based cybercriminals and the Kremlin’s intelligence services.
US President Joe Biden said in a speech to the union this week that the US needs a bipartisan effort to “put tougher limits on the personal data that companies collect on all of us.” Reactions in Washington after the speech were promising, but it’s realistic that getting a national privacy law on the books in the United States any time soon will prove too many political landmines to cross. Meanwhile, legal experts told WIRED this week that the US Fair Credit Reporting Act should already limit the amount of information about Americans that data brokers can collect and sell. A new letter to the Consumer Financial Protection Bureau urges the agency to begin enforcing violations.
We look at how Moscow’s vast Smart City initiative, launched with the promise of reducing crime rates, is being used for heavy AI-assisted surveillance in the city during Vladimir Putin’s war in Ukraine. And if you were hoping to delete your Twitter DMs via GDPR requests, the company doesn’t seem to have any plans to comply.
Plus, there’s more. Each week we collect stories that we haven’t delved into ourselves. Click on headlines to read full stories. And stay safe out there.
North Korea’s elite state-sponsored hackers are among the world’s most ruthless—they steal millions of cryptocurrencies every year to evade sanctions and fund the hermit nation’s nuclear programs. A new security warning from US and South Korean officials this week shows just how aggressive the country’s threat actors are. Government-sponsored hackers have used nearly a dozen malware and ransomware to attack hospitals and healthcare systems in South Korea and the United States, according to the US National Security Agency (NSA), the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).
John Hultquist, who heads intelligence analysis at security firm Mandiant; He said the attacks were related. The Andariel team and several hospitals “suffered significant disruption” due to the attack. In some of their activities, the government’s advisory says, the attackers use common vulnerabilities to hide their involvement, use VPNs or virtual private servers to hide their location, and infiltrate networks. The attackers used their own proprietary malware along with ransomware from other groups like Lockbit.
Operators of Chinese bot accounts on Twitter and Facebook have circulated news videos promoting China’s global politics and inaction on gun violence in the US. The message is not new, but there is a different twist to the propaganda: the news in the videos is that one man and one woman are not real. They are AI-generated characters, commonly known as deep fakes. The videos were discovered last year by graphica, a disinformation research firm, which said it was “the first time we’ve seen this in the wild”. The company said it believes the videos were created using a commercial AI video software service and are generally of low quality. None of the videos had more than 300 views.
Researchers from universities in the UK and Ireland have found that leading Android phones in China are hoovering up people’s personal data. Operating systems pre-installed on Xiaomi, OnePlus and Oppo Realme devices are collecting people’s location, call history and profile data before sending it to third parties, according to a study by academics at Edinburgh and Trinity College Dublin. The researchers conducted the study on phones purchased in China and were able to measure the network traffic generated by the devices. In many cases, people write that they are not notified about the data being collected or given the option to opt out. The study reiterates how different privacy laws are in China compared to other parts of the world, and the myriad ways people can be tracked. “The information shared by the global firmware version is mostly limited to device-specific information,” the researchers concluded.
Reddit said on Thursday that hackers had access to its source code after a successful phishing attack compromised an employee’s system credentials. The incident exposed the contract information of hundreds of current and former Reddit employees and contacts. Reddit, owned by WIRED’s parent company Advance Publications, said the incident did not affect user passwords or production systems, but advised users to reset their passwords and ensure two-factor authentication is turned on for their accounts. The company says the lessons it learned after suffering a data breach five years ago helped prevent the most recent incident.
[ad_2]
Source link