Facebook also did good this week, managing to add safety alerts to its Messenger app to let people know when a scammer or worse might be on the other end of the chat, all without breaking the end-to-end encryption of its Secret Conversations feature . And while researchers concocted a dangerous new amplification technique for distributed denial of service attacks—one that could potentially have crippled large portions of the internet —the affected companies appear to have protected themselves against it before a bad actor got wise. And Chrome took a big step to shut down cryptojacking and other resource-draining ads .
The secure messaging app Telegram was hit with a massive DDoS attack as protests erupted in Hong Kong this week. As protests erupted in the streets of Hong Kong this week, over a proposed law that would allow criminal suspects to be extradited to mainland China, the secure messaging app Telegram was hit with a massive DDoS attack.
We took a look at ShinyHunters , a hacking group that hit over a dozen companies at the beginning of May in search of dark web profit. A hardware wallet is still the safest place to stash your cryptocurrency, but new research is a healthy reminder that they're not infallible . And if you're tired of spam, consider using one of these apps that provides a burner email to duck it.WIRED contributor Garrett Graff took a hard look at Secretary of State Mike Pompeo this week—and how deeply congressman Mike Pompeo would have disapproved of his behavior.
But the country's high court decided in December that blocking access violated its citizens' rights, and this week it was finally restored.This week Mick Baccio left his post over "differences with campaign leadership over how to manage information security," according to a report in the Wall Street Journal.
And there's more. Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.Look Out, There's a Covid-19 Excel Phishing Scam on the LooseYep, it's another Covid-19 scam. Microsoft this week detailed a phishing effort that started on May 12. The campaign deploys emails that purport to be from the "John Hopkins Center"—the university's Center for Systems Science and Engineering has maintained a popular Covid-19 tracker—and include an Excel attachment that presents itself as US cases of the disease. If opened, the file downloads a macro and runs NetSupport Manager RAT, a legitimate remote support tool that can be used for nefarious purposes, specifically to download malware on a targeted device. So don't open any Excel files from Johns Hopkins! And if you want to see their Covid-19 map, go ahead and bookmark it.
An Early Build of iOS 14 Has Already LeakedApple keeps unreleased versions of iOS a closely guarded secret; even when an iPhone 4 famously leaked before it launched, the software remained a mystery. But it appears that an early version of iOS 14 has fallen into the hands of the iOS jailbreak community, according to a report this week in Motherboard. There had already been some hints that iOS 14 was out there; Apple news site 9to5Mac reported that it had seen leaked code back in March. But the apparent extent of the leak means hackers have ample time to prod the update for vulnerabilities—which could be trouble when iOS 14 actually launches.9 Million EasyJet Customers Impacted by Data BreachEuropean airline EasyJet revealed this week that a cyberattack had resulted in the personal information of nine million customers being stolen. Over 2,000 victims also had their credit or debit card information accessed, further exposing them to theft or fraud. EasyJet said that "highly sophisticated" hackers were behind the operation, and that it suspects that the target was intellectual property rather than customer data, but it's unclear what it's basing that assessment on.
40 Million Wishbone User Records Leak OnlineAnd another one! Wishbone is a site that lets you make an online poll; this week a hacker put 40 million of its user records for sale on the dark web. ShinyHunters (hello, again!) has taken credit for the breach, which appears to have taken place in January. Shortly after ZDNet first reported the dark web listing, the database leaked as a free download.
- How to sleep when the world is falling apart
- Why humans totally freak out when they get lost
- Silicon Valley rethinks the (home) office
- 26 Animal Crossing tips to up your island game
- Covid-19's scary blood clots aren't that surprising
- 👁 Is the brain a useful model for AI ? Plus: Get the latest AI news
- 💻 Upgrade your work game with our Gear team’s favorite laptops , keyboards , typing alternatives , and noise-canceling headphones