Elsewhere we took a look at a data leak at adult cam site CAM4, which exposed 10.88 billion records to the open internet , including names, sexual orientations, payment logs, and email and chat transcripts. The good news is that a relatively very small number of people could actually have been identified by data, and CAM4 says no malicious hackers found it. The bad news is, well, pretty self-evident.Other bad news: A Facebook bug caused popular iOS apps like Spotify and TikTok to crash repeatedly for a couple of hours this week. That's not the end of the world, but it's a reminder of just how far Facebook's reach extends, and how much data it pulls from apps you use even if you don't have a Facebook account. Separately, a new ransomware for hire called LockBit seems poised to cause big headaches on a large scale.
It's not all doom and gloom! GitHub this week took a big step toward securing open source code, rolling out an Advanced Security tool that will automatically spot flaws and exposed credentials.
The secure messaging app Telegram was hit with a massive DDoS attack as protests erupted in Hong Kong this week. As protests erupted in the streets of Hong Kong this week, over a proposed law that would allow criminal suspects to be extradited to mainland China, the secure messaging app Telegram was hit with a massive DDoS attack.
And there's more. Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.Zoom Buys Keybase to Score Security CredAs millions of isolated people have flocked to Zoom to connect with socially distanced family, friends, and coworkers, the company has faced criticism for security and privacy shortcomings . And while it's taken steps in the last month or so to shore up its defenses—including signing on some high-profile advisers—its most significant step came this week, when it announced the acquisition of Keybase , a company that specializes in the kind of end-to-end encryption that Zoom has yet to fully implement. It's important to note that Zoom's security posture is not uniquely bad, or even all that concerning for the vast majority of people. But its robust response to public pressures gives it a chance to be one of the most secure video chat platforms out there, assuming it lives up to its promises.
Nest Makes Two-Factor Authentication MandatoryInternet-connected cameras from Nest and Ring have a bit of an ignominious history of hackers breaking into user accounts and scaring the bejeebus out of their owners. For instance: A little over a year ago, a disembodied voice commanded emanated from dozens Nest cams commanding those within earshot to subscribe to PewDiePie's YouTube Channel. These takeovers don't stem from vulnerabilities in the products themselves, but owners reusing passwords, or making them easily guessable. To quash the hostilities, Nest announced this week that it will require two-factor authentication by default, meaning a password alone won't be enough to force your way into someone's account.
A GoDaddy Breach Went Undetected for Six MonthsGoDaddy announced this week that it had suffered a breach affecting 28,000 of its 19 million customers. The attackers gained access to log-in information, but GoDaddy says it has no evidence yet that it used that access to add or modify hosted files. The attack also impacted only hosting accounts rather than primary GoDaddy accounts. The more troubling details in all this might be how long the breach persisted; attackers gained access on October 19 of last year, and weren't discovered until April 23, which amounts to six months of lurking in the system.
Ransomware Hits Europe's Largest Private Hospital ChainAs expected, the ransomware attacks have picked up amid the Covid-19 pandemic. This week, Europe's largest private hospital chain, Fresenius, reported that it had been hit by Snake ransomware, a relatively new strain also known as Ekans that has historically targeted the industrial sector. Fortunately, patient care appears unaffected at this time.
- 27 days in Tokyo Bay: What happened on the Diamond Princess
- To run my best marathon at age 44, I had to outrun my past
- Why farmers are dumping milk, even as people go hungry
- What is fleeceware, and how can you protect yourself ?
- Tips and tools for cutting your hair at home
- 👁 AI uncovers a potential Covid-19 treatment . Plus: Get the latest AI news
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers , running gear (including shoes and socks ), and best headphones