As the so-called Department of Government Efficiency continues to rampage through the U.S. government with comprehensive cuts to the federal workforce, many ongoing lawsuits claim that the group has obtained sensitive data in violation of the Watergate-inspired Privacy Act of 1974 and that its activity needs to be stopped. Meanwhile, DOGE this week obtained access to the digital systems of the Cybersecurity and Infrastructure Security Agency (CISA). The organization froze its eight-year-old election security plan last weekend.
The National Institute of Standards and Technology is also preparing for the firing of about 500 employees this week. This may have a serious impact on NIST’s cybersecurity standards and software vulnerability tracking efforts. And cuts at the US Digital Service last week included the head of cybersecurity for the central Veterans Affairs portal, VA.gov, potentially making VA systems and data more vulnerable without his role.
Many U.S. government departments are now considering banning TP-Link routers made in China after recent aggressive Chinese digital espionage. (The company denies any connection to the cyberattacks.) A WIRED investigation found that users of Google’s ad technology can target categories that the company’s policies say should not be available, including people with chronic illness or debt. Advertisers can also target national security “decision makers” and people involved in the development of confidential defense technology.
Google researchers warned this week that hackers tied to Russia have been tricking Ukrainian soldiers with fake QR codes for Signal invites, exploiting a flaw that allows an attacker to monitor a target’s messages. Signal has released updates to stop the exploitation. WIRED also studied how difficult it is for even the most connected web users to get nonconsensual intimate images and videos removed from the web.
And there’s more. Every week, we round up the security and privacy news that we didn’t cover in depth ourselves. Click on the headlines to read the full stories. And stay safe.
Running a cryptocurrency exchange is a risky business, as victims like Mt. Gox, Bitfinex, FTX and many others can attest. However, no platform for buying and selling cryptocurrencies has ever lost a ten-figure dollar sum in a single robbery. The new record belongs to Bybit, which revealed on Friday that thieves had hacked its Ethereum-based holdings. According to estimates by cryptocurrency tracking company Elliptic, the hackers’ haul totaled $1.4 billion, the largest cryptocurrency theft ever.
Bybit CEO Ben Zhou wrote on X that hackers used “distribution transactions” (probably a spelling error on “masked transactions”) to trick the exchange into cryptographically signing smart contract code that controls a wallet holding its stock of Ethereum. “Don’t worry, all other cold wallets are safe,” Zhou wrote, suggesting that the exchange is still solvent. “All withdrawals are normal.” Zhou later added in another note on X that the exchange will be able to make up for the losses, which, if true, indicates that no user will lose their funds.
The theft dwarfs other historic hacks of crypto exchanges such as Mt. Gox and FTX, each of which lost cryptocurrency worth hundreds of millions of dollars at the time the theft was discovered. Even the loot stolen in the 2016 Bitfinex robbery, which was worth nearly $4.5 billion by the time most of the funds were recovered in 2022, was worth only $72 million at the time of the theft. By that measure, Bybit’s $1.4 billion is a much greater loss, especially considering that all crypto thefts in 2024 totaled $2.2 billion.
The UK government set off global privacy alarms earlier this month when it asked Apple for access to users’ end-to-end encrypted iCloud data. This data is protected by Apple’s Advanced Data Protection feature, which encrypts stored user information so that no one except the user can decrypt it, not even Apple. Now, Apple has succumbed to the pressure from the UK and disabled the end-to-end encryption feature of iCloud nationwide. Even as it turned off the protection, Apple expressed its reluctance in a statement: “Enhanced security of cloud storage with end-to-end encryption is more urgent than ever.” “Apple remains committed to providing our users the highest level of personal data security, and we hope we can do so in the UK in the future.” Privacy advocates around the world believe this move, along with the UK’s push for it, will undermine the security and privacy of British citizens and make technology companies vulnerable to similar surveillance requirements from other governments around the world.
The only thing worse than the scourge of stalkerware apps, malware installed on phones by hands-on spies to monitor all of a victim’s actions and communications, is when these apps are so poorly secured that they also leak information about their victims online. The stalkerware apps Cocospy and Spyic, which appear to be developed by someone in China and largely share the same source code, exposed data stolen from millions of victims due to a security vulnerability in both applications, according to security researchers, who shared information about the defects with TechCrunch. The exposed data includes messages, call logs and photos, TechCrunch found. In a karmic twist, it also includes millions of email addresses of the stalkerware’s registered users, who themselves installed these applications to monitor victims.