SIMILAR ARTICLES:

I Bought Used Voting Machines on eBay for $100 Apiece. What I Found Was Alarming

A Top Voting-Machine Firm Calls for Paper Ballots

Security News This Week: Telegram Says China Is Behind DDoS

Browser Extensions Scraped Data From Millions of People

Security News This Week: Julian Assange Faces Extradition to the US

Security Roundup: Facebook 'Unintentionally' Collected Email Contacts of 1.5 Million Users

Security News This Week: The US Tracked Journalists Reporting on the Migrant Caravan

Google Play Store’s Malware Problem, and More Security News This Week

A Boeing Code Leak Exposes Security Flaws Deep in a 787's Guts

States Need Way More Money to Fix Crumbling Voting Machines

How a 10-Year-Old Desk Phone Bug Came Back From the Dead

Google's Stadia Gaming Service, Election Security, and More News

Security News This Week: A Teen Waltzed Into Mar-a-Lago

Hackers Found a Freaky New Way to Kill Your Car

The Huawei Threat Isn't Backdoors. It's Bugs

Russia Is Going to Up Its Game for the 2020 Elections

A Mystery Agent Is Doxing Iran's Hackers and Dumping Their Code

Cryptocurrency Company Hacks Itself Before Hackers Can Hack It

Hacker Eva Galperin Has a Plan to Eradicate Stalkerware

Turn On Auto-Updates Everywhere You Can

Bluetooth's Complexity Has Become a Security Risk

Political Parties Still Have Cybersecurity Hygiene Problems

WannaCry Hero Marcus Hutchins Won't Go to Jail for Old Hacking Crimes

Microsoft's BlueKeep Bug Isn't Getting Patched Fast Enough

Election Systems Are Even More Vulnerable Than We Thought

Security News This Week: Election Systems Are Way More Vulnerable Than We Thought

Alamy
Hacker summer camp is here again! You know what that means: WIRED is back in Las Vegas for the annual Black Hat and Defcon security conferences, where we’re digging into the latest and greatest hacks on display. First, let’s talk about iPhones. A researcher found it’s possible to break into one just by sending a text message . To help uncover similar vulnerabilities in the future, Apple is handing out new, hacker-friendly iPhones to its favorite security researchers, and paying up to $1.5 million in bug bounties.Moving on to planes. Boeing’s 787 jets might not be very secure , it turns out—Andy Greenberg talked to a security researcher who found multiple serious flaws in the code for one of the plane’s components. (The 787 is distinct from the 737 MAX plane grounded earlier this year, although a recent test flight of that jet had its ups and downs , as WIRED’s transportation desk reports.)That’s not all that’s happening in Vegas. Safecrackers can unlock an ATM in minutes without leaving a trace. Apple pay buttons can make websites less safe. Have you heard of DDOS attacks ? Kindly meet their cousin, the DOS attack . Lily Hay Newman also looked at two very old bugs that have continued to persist, one in desk phones and another in a ubiquitous encryption algorithm . Lastly, check out this very cool fake hospital , where real medical devices get hacked on purpose.Last weekend, a gunman killed 22 people and injured 24 others when he opened fire at a Walmart store in El Paso, Texas. Police are investigating whether he published a white supremacist manifesto to the social media site 8chan shortly before the attack, as several previous mass shooters have this year. Earlier this week, internet infrastructure company Cloudflare pulled its support for 8chan, sending the site offline. Here’s the story of how 8chan came to be , and what scientists say can be done to prevent gun violence .Facial recognition is suddenly everywhere. Should you be worried ? Probably! WIRED also dug into court documents to tell the story of a Pakistani man who allegedly paid AT&T employees more than $1 million to “unlock” two million cellphones. The man has now been extradited to the United States, according to a DOJ indictment unsealed this week.

And there’s more. Every Saturday, we round up the security and privacy stories that we didn’t break or report on in depth, but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.

US Election Systems Left Exposed Online

Election officials have long claimed that crucial voting systems never connect to the internet—and, therefore, that they're safe from hacking. But a group of security researchers told Motherboard this week they found what look like election infrastructure online in 10 states, including swing states like Wisconsin, Michigan, and Florida. The voting systems are made by Election Systems & Software, the top voting machine company in the US. Some of the equipment is used to transmit preliminary results on the night of an election, while other backend systems tabulate the official outcomes. ES&S claims the systems aren't connected to the public internet, but the research demonstrates how little federal election authorities understand about how voting technology actually works.

A Marketing Firm Was Scraping Data From Instagram, Cambridge Analytica–Style

HYP3R was supposed to be one of Instagram’s “preferred marketing partners.” But according to a report in Business Insider, the San Francisco company was siphoning off data to create detailed consumer profiles, which included people’s locations, photographs, and more. Instagram has now taken HYP3R off its platform, and sent the firm a cease and desist notice. HYP3R disputes that it broke any of Instagram’s rules. The social media app, which is owned by Facebook, told Business Insider it also made a product change to prevent other companies from similarly scraping data in the future. But more than one year after the Cambridge Analytica scandal broke, the incident indicates that Facebook still needs to work to stop third parties from taking user data.

This WhatsApp Flaw Lets Hackers Alter Messages

The cybersecurity firm Check Point Software Technologies says it’s identified a series of nasty bugs inside WhatsApp, according to a report in Bloomberg. The firm reportedly found three ways to covertly alter conversations, allowing someone to trick the person they're messaging. In one, which has been fixed, a person could send a fake private message to one member of a group chat disguised as a public message. When the person responded, their message would be shown to the entire group, instead of just the sender. The other two flaws have not been patched. WhatsApp disputes the issues amount to a security vulnerability, and said in a statement to Bloomberg that they’re “merely the mobile equivalent of altering replies in an email thread to make it look like something a person didn’t write.”
  • The weird, dark history of 8chan and its founder
  • 8 ways overseas drug manufacturers dupe the FDA
  • Listen, here’s why the value of China’s yuan really matters
  • A Boeing code leak exposes security flaws deep in a 787
  • The terrible anxiety of location sharing apps
  • 🏃🏽‍♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers , running gear (including shoes and socks ), and best headphones .
  • 📩 Get even more of our inside scoops with our weekly Backchannel newsletter
  • #security roundup

READ ALSO:

Election Security Is Still Hurting at Every Level

The Russian meddling that rocked the 2016 United States presidential election gave the public a full view of something election officials and advocates have warned about for years: weak voting infrastructure and election systems around the US, and a lack of political will and funding to strengthen them.

The article source: www.wired.com
Tags: security, week, election, reports, report, firm, instagram, company, year, researcher, research, group,