Plenty of non-election news happened this week as well. Customs and Border Protection seized 2,000 OnePlus Buds, claiming they were counterfeit Apple AirPods. Then they doubled down . The Department of Justice charged Chinese hackers with breaking into video game companies in connection with a digital loot fencing scheme. Cloudflare and the Wayback Machine have joined forces to make sure more sites don't ever go down.We took a look at how Gen Z is trying to recruit more poll workers , because the kids truly are all right. And we ran down the safest ways to log into your computer , from strong passwords to biometrics.
The good news is that the so-called Simjacker attack revealed this week by AdaptiveMobile Security doesn't appear to affect the major US carriers.The Treasury Department this week leveled sanctions against three North Korean hacking groups, including the Lazarus Group, a team thought responsible for the 2014 hack of Sony Pictures and other major targets.
And there's more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.A Billion Devices Are Vulnerable to Yet Another Bluetooth FlawResearchers have disclosed what they call a Bluetooth Low Energy Spoofing Attack, which focuses on the protocol's reconnection process rather than more common pairing vulnerabilities. With BLESA, the Purdue University team found that it could send spoofed data to a vulnerable device, causing various shenanigans. Windows devices aren't affected, and Apple has patched the flaw, but the researches said that Android many IoT devices were still susceptible as of June. Given the prevalence of Bluetooth Low Energy devices, the researchers estimate that billions may be impacted. It's yet another security concern for Bluetooth, whose complexity has made it increasingly harder to secure .
DoJ Unseals a Flurry of Indictments Against Iranian HackersThe Department of Justice this week released not one, not two, but three indictments against alleged Iranian hackers. The actual activity detailed in the charges doesn't come as much of a surprise; it's a lot of the usual spear-phishing and intelligence gathering, with some website defacement thrown in for good measure. The suspects haven't been apprehended, and may not ever be given that they're in Iran. But the DoJ has filed charges with increasing frequency in recent years, hoping to deter them by limiting their travel and exposing their techniques.
A VA Data Breach Affects 46,000 VeteransThe Department of Veterans Affairs this week disclosed that hackers had breached its Office of Finance computer systems and accessed the personal information fo 46,000 veterans. The hackers also appear to have "diverted payments from VA," though the agency declined to share any details in response to a WIRED inquiry earlier this week. The VA will offer credit monitoring services to veterans who may have had their Social Security numbers stolen as part of the hack.
Zerologon Vulnerability Would Have Let Anyone Control an Entire NetworkA recently patched Windows vulnerability would have given attackers who already have a foothold in a network to gain control of the Active Directory, which would have let the hacker run rampant on the system, distributing malware and adding computers as they saw fit. Called "Zerologon," the attack has a critical severity rating from Microsoft, so please patch. Like, yesterday.
- 📩 Want the latest on tech, science, and more? Sign up for our newsletters !
- A Texas county clerk’s bold crusade to transform how we vote
- Meet this year’s WIRED25: People who are making things better
- How to escape from an erupting volcano
- Too many podcasts in your queue? Let us help
- The blurred lines and closed loops of Google Search
- ✨ Optimize your home life with our Gear team’s best picks, from robot vacuums to affordable mattresses to smart speakers