Criminal hackers have also continued their extortion rampage related to a breach of the network equipment and firewall maker Accellion . The world of digital chess is in an uproar, and stooping to digital harassment, over accusations from a Twitch and YouTube chess star that an upstart challenger cheated in a match the master lost . And Google researchers developed a proof-of-concept browser exploit to raise awareness about the threat that speculative execution attacks , like those exploiting the infamous “Spectre” vulnerability, still pose to the web three years later.
The privacy-focused Brave browser launched its own search engine this week that's meant to give Google a run for its money without vacuuming up so much user data. And we took another look at the five best password managers to use right now. Now's a good time to brush up on them, especially given that Netflix may be cracking down on sharing passwords .
And there's more! Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.
Sandy Hook Elementary School—as well as tech companies like Tesla and Cloudflare. More than 100 Verkada employees had access to thousands of customers' streams—an additional surprising and likely disturbing revelation for the clients' customers. Tillie Kottman, a hacker who claimed responsibility for the breach, said in a Mastodon post on Friday that officials raided their apartment in Lucerne, Switzerland, and confiscated their electronic devices. The search warrant was apparently related to an alleged hack from last year and not the Verkada breach.
Microsoft-Owned GitHub Takes Down Exchange Server ExploitSecurity researchers warned this week that a full, public proof-of-concept exploit for recently-patched Microsoft Exchange Server vulnerabilities would further roil a hacking frenzy that had already escalated in recent days. On Wednesday, independent security researcher Nguyen Jang uploaded one such exploit on the code repository platform Github. Within hours, Github had removed the post. The incident stoked controversy within the security community, because Microsoft owns both Github and Exchange Server. The idea that a corporate overlord might police content on Github, or otherwise encroach on the open source community, caused major controversy during Microsoft's acquisition of the service."We understand that the publication and distribution of proof-of-concept exploit code has educational and research value to the security community, and our goal is to balance that benefit with keeping the broader ecosystem safe," a Github spokesperson told Motherboard on Thursday. "In accordance with our Acceptable Use Policies, we disabled the gist following reports that it contains proof of concept code for a recently disclosed vulnerability that is being actively exploited."