The world of Super Smash Bros. was also thrown into turmoil this week, as dozens of members of the community came forward with allegations of sexual misconduct. Elsewhere, Russian criminal gangs are getting into business email compromise—a fancy term for phishing scams—which can only end well. And hackers are actively exploiting a vulnerability in BIG-IP networking equipment, which will only end worse.

It wasn't all bad news. Microsoft seized a bunch of domains tied to BEC activity. The robo-lawyer DoNotPay added a new service that not only unsubscribes you from marketing emails, but signs you up for any class action lawsuits against the company that was spamming you. We also walked through how to passcode-lock any app on your phone.
Security News this Week: Palantir Manual Shows How Law Enforcement Tracks Families. If you happened to buy the Blue Smart hair straightener from Glamorizer—perhaps not even realizing it had Bluetooth capability, because why would it?—then TechCrunch is sorry to report but hackers could totally seize your device, and well, change the temperature of the hot iron remotely, if they wanted to.
And there's more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.

Dark Web Audit Finds 15 Billion Stolen Credentials

It's no secret that hacker forums on the dark web are teeming with stolen credentials. But a recent audit from security firm Digital Shadows has put a number on just how large a problem that's become. The data loss detection firm found 15 billion login pairs—user names and passwords—stemming from 100,000 breaches. Five billion of those were unique. The survey also details pricing, which varies widely based on how recent the breach is and what type of site it accesses. Financial services and banking passwords, unsurprisingly, command a much higher sum than file sharing or video game accounts. As always, WIRED recommends using a password manager to minimize the fallout when a company coughs up your sign-in info.

Facebook Takes Down Roger Stone's Pages

Facebook regularly takes down Pages associated with what it calls coordinated inauthentic behavior from countries like Russia and Iran. This week, though, it turned its attention stateside, taking down dozens of Pages and accounts associated with Donald Trump associate Roger Stone for violating the platform's rules. Stone's personal Facebook and Instagram accounts were included in the enforcement effort, along with a bunch of fake ones that promoted Stone's positions across a variety of topics.

Cops Are Paying for Access to Data from Breaches

Motherboard reports this week that a company called SpyCloud, which sells access to data obtained by criminals in breaches, has marketed its services to law enforcement agencies. The practice would enable police or other government organizations to do an end-around of due process, by potentially collecting data from a huge number of civilians, whether they've been accused of a crime or not, without a warrant.

German Police Seize DDoSecrets Server

Late last month, the group DDoSecrets hosted a massive trove of hacked law enforcement data that had been passed to it by someone claiming an affiliation with Anonymous. This week, German authorities seized the web server that hosted the so-called BlueLeaks collection, at the behest of the US government. DDoSecrets remains undeterred, but the site that had hosted BlueLeaks remains down as of press time.

This week, the Chinese firm QiAnXin spotted Russian hackers—possibly affiliated with the groups Sandworm and Fancy Bear—sending phishing emails laced with malicious document attachments to Ukrainian targets.

Meanwhile, the Vietnamese security firm VinCSS detected a high volume of novel coronavirus-related phishing emails over the last two weeks attributed to government hackers.