• December 1, 2021

California Man Stole 620,000 iCloud Photos in Search of Nudes

There’s a lot to worry about in the world today, so apologies in advance for this additional level of existential stress: New research indicates that in the event of a solar superstorm—the kind that hit in 1859—the internet could go down entirely, and take even longer than the power grid to restore. The risk lies primarily in the undersea cables that connect continents, which are inconsistently grounded and rely on components that a geomagnetic surge could disrupt. While solar storms of that magnitude are rare, they do happen—and internet infrastructure has never been tested against it.

anchor
anonymous
are speaking
article
article source
at bing
at yahoo
basics
best site
blog
bonuses
breaking news
browse around here
browse around these guys
browse around this site
browse around this web-site
browse around this website
browse this site
check
check here
check it out
check out here
check out the post right here
check out this site
check out your url
check over here
check these guys out
check this link right here now
check this out
check this site out
click
click for info
click for more
click for more info
click for source
click here
click here for info
click here for more
click here for more info
click here now
click here to find out more
click here to investigate
click here to read
click here!
click here.
click now
click over here
click over here now
click this
click this link
click this link here now
click this link now
click this over here now
click this site
click to find out more
click to investigate
click to read
clicking here
company website
consultant
content
continue
continue reading
continue reading this
continue reading this..
continued
conversational tone
cool training
Get the facts
Related Site
Recommended Reading
Recommended Site
describes it
description
dig this
directory
discover here
discover more
discover more here
discover this

Cheery! Although it admittedly does not get much better from there. Medical devices have a shoddy cybersecurity record as it is, and researchers this week shared details about vulnerabilities in an infusion pump that could let hackers administer extra doses. It’s a complicated attack to pull off, but a less sophisticated version of it could still enable a ransomware attack on a hospital’s network.

A privacy-unfriendly default setting in Microsoft Power Apps—a feature intended to make building web apps a cinch—resulted in the exposure of 38 million records across thousands of organizations. The data included Covid-19 contact tracing information from the state of Indiana, as well as a payroll database from Microsoft itself.

Another iOS “zero-click” attack came to light this week in a report from the University of Toronto’s Citizen Lab. These hacks require no interaction from the victims: no attachments opened, no links clicked. It’s the latest in a string of nation-state surveillance attacks against dissidents that takes advantage of holes in Apple’s iMessage security. There’s plenty that the company could do to make the messaging service safer for its most at-risk victims; the question is how far it’s willing to go.

While geofence warrants—which target anyone within a certain area at a certain time—have long been a concern of privacy advocates, new data released by Google recently shows just how broadly law enforcement has deployed them. The number of geofence warrant requests the company received since 2018 has gone up 10-fold, and they now comprise 25 percent of incoming warrant requests overall.

And there’s more! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.

A Los Angeles-area man pleaded guilty this month to four felonies in connection with a scheme that resulted in the theft of over 620,000 iCloud photos and videos from over 300 victims. Rather than a vulnerability in iCloud itself, the perpetrator relied on phishing and social engineering, sending “customer support” emails from Gmail addresses like “applebackupicloud” and “backupagenticloud.” He procured the private files both for his own purposes and by request—denoting photos and videos that contained nudity as “wins”—promoting an “icloudripper4you” service that offered to break into iCloud accounts. He now faces up to 20 years in prison.

The Wall Street Journal this week ran an interview with the purported hacker behind this month’s devastating T-Mobile data breach. In it, the 21-year-old American describes T-Mobile’s security as “awful,” but doesn’t confirm whether he actually sold any of the data he stole and advertised on the dark web. The story goes into detail about the hacker’s background and the state of breaches generally; it’s definitely worth setting aside some time to read through.

The good news is that there’s no sign that any hacker actually abused the latest Microsoft Azure bug. The bad news is that if they had, they would have gained a scary amount of access—read/write privileges that could have let them view, edit, or delete at whim—to every database on the platform. Microsoft has since patched the vulnerability, but it’s a big one to have let slip through in the first place.

Speaking of Microsoft and security! A Razer bug made it a cinch to get system-level privileges on a Windows 10 device through the simple act of plugging in a $20 mouse. Razer said it’s going to fix the vulnerability, but it speaks to broader concerns about similar software that relies on the Windows “plug-and-play” setup.


More Great WIRED Stories

Leave a Reply

Your email address will not be published. Required fields are marked *