Amazon handed over Ring videos to police without a warrant. Websites are you A visit reveals (almost) everything about you. Whether you’re looking up health information, reading about trade unions, or researching details about certain types of crime, you can provide a huge amount of details about yourself that a malicious actor can use against you. Researchers this week described a new attack using basic web functions that can unmask anonymous users online. The hack uses common web browser features and CPU functions included in every major browser to analyze whether you’re logged into services like Twitter or Facebook and then identify you.
Table of Contents
Kilnet attacks countries that support Ukraine
Elsewhere, we have detailed how the Russian “hacktivist” group Kilnet attacks countries that support Ukraine but are not directly involved in the war. Killnet has launched DDoS attacks against official government websites and businesses in Germany, the United States, Italy, Romania, Norway and Lithuania in recent months. And this is just one of the many pro-Russian hacktivist groups causing confusion.
We have also seen a new privacy scandal in India where donors to non-profit organizations have their details and information handed over to the police without their consent. We also saw a new “Retbleed” attack that can steal data from Intel and AMD chips. And we took stock of the ongoing January 6 committee hearings and predicted what’s to come.
But that’s not all. Every week we’re surrounded by news that doesn’t break or isn’t covered in depth. Click on headlines to read full articles. And be safe out there!
Amazon-owned security camera company Ring
For years, Amazon-owned security camera company Ring has been cultivating ties with law enforcement. By early 2021, more than Amazon was hit 2,000 partnerships With police and fire departments across the US, authorities have created a massive surveillance network that can request videos to aid investigations. In the UK, the ring is partnered with police forces Give the locals cameras.
This week, Amazon admitted to handing over police footage recorded on Ring cameras without their owners’ permission. such as First reported by Politico, Ring has provided footage to law enforcement officials on at least 11 occasions this year. This is the first time the company has admitted to passing data without consent or a warrant. The move raises further concerns over the ring’s cameras, which have been criticized by campaign groups and lawmakers Invasion of people’s privacy And The ubiquity of surveillance technology. In response, Ring said it does not give anyone “unfettered” access to customer data or video, but can hand over data without permission in an emergency if there is a risk of death or serious harm to a person.
In 2017, the Vault 7 leaks exposed the CIA’s most secretive and powerful hacking tools. Files published by WikiLeaks show how the agency can hack Macs, your router, your TV and other devices. Investigators soon pointed to Joshua Schulte, a hacker in the CIA’s Operations Support Branch (OSB), which was responsible for finding exploits that could be used in the CIA’s missions. Schulte has now been found guilty Leaking Vault 7 files to WikiLeaks and potentially decades in prison. After an earlier mistrial in 2018, Schulte was found guilty of all nine charges against him this week. Weeks before his second trial, The New Yorker published this comprehensive feature Exploring the dark history of Schulte and how the CIA’s OSB operates.
Hackers linked to China, Iran and North Korea are targeting journalists and media outlets, according to new research by a security firm Proof point. In addition to attempts to compromise the official accounts of members of the press, according to Proofpoint, multiple Iranian hacking groups have posed as journalists and tried to trick people into handing over their online account details. The Iranian-linked group Charming Kitten has sent detailed interview requests to its potential hacking targets, and they have also attempted to impersonate multiple Western news outlets. “This social engineering tactic successfully exploits the human desire for identity and is leveraged by APT actors who wish to target academics and foreign policy experts around the world, possibly in an attempt to access sensitive information,” Proofpoint said.
In any company or organization, things go missing from time to time. Usually these are misplaced phones, security passes and occasionally files Left at bus stops by mistake. Losing any of these can create security risks if the devices are unsecured or if confidential information is made public. Less commonly lost are desktop computers—unless you’re the FBI. According to FBI records Acquired by VICE motherboard The agency lost 200 desktop machines between July and December 2021. Also body armor and night-vision scopes were lost or in some cases stolen.
Scams don’t get much wider than this. This week, police in India Fake “Indian Premier League” cricket tournament busted. A group of alleged scammers set up a fake league in Gujarat, western India, and recruited youngsters to play cricket matches, posing as professional teams while broadcasting the matches live for people to bet on. According to police, the group hired a fake commentator, created onscreen graphics showing real-time scores and played crowd noises downloaded from the Internet. To hide the fact that the matches took place on a farm rather than in a large stadium, the video feed only showed close-ups of the action. The police said that this gang was caught while the quarterfinal match was going on. The police believe it to be a gang Potentially running multiple leagues and planning to expand Also for the volleyball league. Match footage is available Worth watching.