Elsewhere, we took a look at why two-factor authentication isn’t always the answer —even though it’s still essential in certain situations . We talked you through making your social media posts private when you want them to be. And we detailed how a fleet of click fraud apps snuck past Apple’s vaunted App Store defenses .We also explored technology’s role in the ongoing Hong Kong protests —on both sides—and ran through some quality password manager options .Lastly, set aside some time this weekend to read this in-depth profile of secretary of state Mike Pompeo , who finds himself at—or at least near—the center of the increasingly alarming Ukraine investigation. It’s a doozy.
And there's more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in-depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.Rudy Giuliani—lawyer to an embattled president, unlikely proprietor of a cybersecurity firm—managed to butt-dial NBC News reporter Rich Shapiro not once, but twice in the last several weeks. The substance of the three-minute voicemails Giuliani inadvertently left seems inconclusive, although the most recent does include Giuliani's extremely relatable lament that "the problem is we need some money." And sure butt-dialing is a universal experience. But for someone in the middle of, let's conservatively say, several legally dubious narratives to take so little care with his outgoing communications is quite something! Especially given that this seems to be at least a semi-regular occurrence:
Giuliani may be as divisive a character as exists in American politics today, but in the annals of butt-dialing, mark him down as a legend.Adobe Creative Cloud. A security researcher discovered 7.5 million records sitting in an Elastisearch database that was easily accessible online. Adobe reportedly secured the database the same day it was discovered, October 19. No payment information leaked out, and there's no indication that it had been compromised by bad actors. But it still included details like email accounts, what Adobe products in use, member IDs, and when the account was created.
the Red Cross, UNICEF, the UN, and more. It's unclear who's behind the attack, but its goal appears to be breaking into Microsoft and Okta accounts. The scam set up a series of convincing fake websites, and would capture username and password data as entered in real-time. It's not unusual that these groups would be targeted, but the sophistication of the campaign is both impressive and worrying.
Dimitrios Vastakis was the branch chief of White House computer network defense until he resigned earlier this month. And when he did, Axios reports, he left behind a resignation letter that called out just how irresponsible the White House's attitude toward cybersecurity has become. Experienced cybersecurity professionals are being forced out, the letter says, which ultimately makes White House cybersecurity less safe. That's especially concerning given the apparent lack of care given by President Donald Trump in the first place, and the prior elimination of important strategic cybersecurity roles . In other words, don't be surprised if a big White House hack happens—or if it already has.
- Pompeo was riding high—until the Ukraine mess exploded
- Maybe it’s not YouTube’s algorithm that radicalizes people
- The untold story of Olympic Destroyer, the most deceptive hack in history
- Massive, AI-powered robots are 3D-printing entire rockets
- USB-C has finally come into its own
- 👁 Prepare for the deepfake era of video ; plus, check out the latest news on AI
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers , running gear (including shoes and socks ), and best headphones .