If it suddenly seems that someone the whole of the More Data BreachesYou might be right. Part of this apparent surge is thanks to The growing popularity of Infostealer malwareThis type of malicious software is being used by cybercriminals to steal more and more login credentials and other sensitive data. The stolen data is then sold on criminal hacker forums, then used to break into the accounts of victims, which can include large companies. This is a good reminder to always remember Enable multi-factor authentication Wherever it is available.
A security researcher disclosed the discovery this week Sensitive information is present in more than a dozen unsecured databases About voters in all counties in Illinois. The data collected by the government contractor includes driver license numbers, Social Security numbers, death certificates and more. While election security has generally improved in recent years, this episode illustrates how difficult it can be to protect all voter data at all times.
The history of confidential FBI informants is long and sordid — and continues. Wired Probe Reports published this week revealed how an informant infiltrated right-wing groups and handed over their secrets to the feds — all while advancing the hateful ideologies he helped inspire A new generation of violent extremists online,
Hacking computers with a laser has always been a rich person’s game – until now. Security researchers Sam Beaumont and Larry “Patch” Trowell are releasing a reportOpen source Ledger hacking tool called Revi LiteIt can be built for just $500, a tiny fraction of the $150,000 price of laser equipment historically used for hardware hacking. The pair will explain the Revi Lite in detail at next week’s Black Hat security conference in Las Vegas. (WIRED will be on the ground for Black Hat and Defcon, Other (There’s a big security conference in Vegas next week, so check back for our full coverage starting Tuesday.)
Ultimately, we Dig into the finer details of OpenAI’s ChatGPT-4o Laying out the privacy wins and pitfalls of generative AI tools.
But that’s not all. Each week, we feature big news stories on security and privacy that we haven’t covered in-depth ourselves. Click on the headlines to read the full stories. And stay safe.
In historic prisoner swap between US and Russia, The Wall Street Journal Reporter Ivan Gershkovich And former Marine Paul Whelan was released from Russian custody on Thursday. The White House said the secret deal, which spanned more than a year, involved 24 prisoners: 16 from Russia to the West and eight from the West to Russia, including two cyber criminals. NBC News report This is possibly the first time the US has released international hackers in a prisoner swap.
The two Russian hackers are Roman Seleznev and Vladislav Klushin. Seleznev was sentenced to 27 years in prison in 2017 for racketeering. According to the US Department of JusticeHe installed malware on point-of-sale system software that allowed him to steal millions of credit card numbers from more than 500 U.S. businesses. In September 2023, Klushin was sentenced to nine years in prison. US prosecutors said It has been described as a “$93 million hack-the-trade conspiracy”.
Meta, the parent company of Facebook and Instagram, will pay $1.4 billion to settle a lawsuit filed by the Texas attorney general, whose office accused the social media giant of illegally capturing the biometric data of millions of Texans. In 2022, the state sued Meta over its implementation of a feature that used facial recognition to suggest people to tag in photos and videos uploaded to Facebook. Prosecutors say the feature, initially called Tag Suggestions, violated a Texas law that makes it illegal for companies to capture and profit from someone’s biometric identifiers without their consent. While Meta did not admit to any wrongdoing as part of the agreement, it is the largest privacy settlement ever obtained by a state, according to Texas Attorney General Ken Paxton’s office.
Microsoft Azure suffered a widespread outage that affected multiple services — including Microsoft 365 products like Office and Outlook — caused by a cyberattack, the tech company revealed on Wednesday. The incident lasted about eight hours on Tuesday and affected “a subset” of customers globally, according to Microsoft’s Azure status history page.
The company described the attack as a distributed denial of service, which is a malicious attempt by hackers to disrupt the operations of a targeted company by flooding its infrastructure with internet traffic. According to PCMagTwo hacktivist groups have claimed responsibility for the incident. Microsoft plans to publish a review of the incident.
