These things do have a tendency to persist, after all. Take Flash, the software that launched a thousand vulnerabilities. While Adobe killed it dead-dead last week (for real this time) it will continue to persist and cause problems on some systems for years to come. Another potential problem-causer: Telegram, the messaging app that has exploded in popularity as users have fled WhatsApp over privacy concerns and Parler over its current state of nonexistence . While Telegram does offer end-to-end encryption, it's not on by default and not available at all for group chats , which may lead some users to expose themselves more than they might assume.
Click on the headlines to read them, and stay safe out there.iOS 14.2 Patches Three Actively Exploited BugsApple released its latest iOS update this week, and while the new emojis it comes with are exciting, you'll also want it to fix a raft of security issues for iPhone and iPad. iOS 14 patches 24 bugs in all, including three reported by Google's elite Project Zero team that are have been actively exploited by hackers.
Plans for an encrypted federal gun registry also challenged assumptions this week, offering a potential way to balance accountability with privacy for a hot-stove topic. And we took a look at how Facebook allows advertisers to target military categories , which could have worrisome consequences.Finally, be sure to read the first installment in the serialized novel we're running in WIRED this month and next. It's follows a conflict with China in 2034 that's pure fiction, but feels all too close to real.
And there's more! Each week we round up all the news we didn’t cover in depth. Click on the headlines to read the full stories. And stay safe out there.Update Your iPhone or iPad! Right Now!Most iOS updates contain some sort of security fix. But it's a more rare occasion that the vulnerabilities they patch are being actively exploited by hackers. That's the case with iOS 14.4, released earlier this week, which addresses not one but three bugs that attackers may be using in the wild, according to Apple's accompanying security update. These also aren't minor issues; the flaws in question, present in WebKit and the iOS kernel, would have allowed arbitrary remote code execution and privilege escalation, respectively, either of which could give a hacker a whole lot of access to your device and its data. Does that mean you've been hacked? Probably not! But there's no sense in risking it when you can protect yourself by installing the dang update already.
Hacker Leaks Data of Over 2 Million MeetMindful Dating App UsersNot all data leaks are created equal . In this case, ZDNet 2.28 million users of the MeetMindful dating app had information like their real names, dating preferences, geolocation, Facebook user IDs and authentication tokens, and "body details" shared as a free download on a hacking forum. According to ZNet, the forum thread that contained the download had been viewed over 1,500 times as of Sunday. Dating profile info is useful not only for identity theft, but also for more aggressive extortion schemes.
The Justice Department Takes Action Against Netwalker RansomwareRansomware has exploded lately , with hackers successfully targeting everything from hospitals to cities to international corporations . The DoJ this week took action against one of the many groups responsible for that scourge, arresting a Canadian man it alleges used Netwalker ransomware to shake down victims for a combined $27.6 million. Unfortunately, Netwalker is ransomware-as-a-service; the feds arrested an alleged affiliate rather than a core member of the group behind it. Still, progress is progress.
And Here's Someone Who Got Locked into His Chastity Belt by a Hacker
OK, well, it's been a long week and this is an interview with a guy who had to use bolt cutters to free himself from a chastity belt that a hacker had locked remotely. You deserve this.
- 📩 The latest on tech, science, and more: Get our newsletters !
- 2034, Part I: Peril in the South China Sea
- Why Instacart is laying off workers as deliveries soar
- Is this a fossilized lair of the dreaded bobbit worm ?
- How to back up your most important emails
- Flash is dead—but not gone
- 🎮 WIRED Games: Get the latest tips, reviews, and more
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers , running gear (including shoes and socks ), and best headphones
The good news is that the so-called Simjacker attack revealed this week by AdaptiveMobile Security doesn't appear to affect the major US carriers.The Treasury Department this week leveled sanctions against three North Korean hacking groups, including the Lazarus Group, a team thought responsible for the 2014 hack of Sony Pictures and other major targets.