Hackers Target Porn Site Visitors Using Flash and Internet Explorer


As the presidential election looms, Microsoft said on Thursday that Russia’s military intelligence hackers, often called Fancy Bear or APT28, have targeted more than 200 organizations since September 2019, many of them election-adjacent. The revelation is the latest indication that nation-state hacking groups like Fancy Bear, which also sowed chaos during the 2016 US presidential election, remain a very real threat.

Which makes the whistle-blower complaint of former senior Department of Homeland Security intelligence official Brian Murphy, made public this week, all the more troubling. Murphy alleges that DHS leadership minimized intelligence findings and manipulated reports about Russia’s threat to the 2020 election and other topics, allegedly to align with President Donald Trump’s political agenda. On the topic of inappropriate politicization in US law enforcement and intelligence agencies during the 2016 election, former FBI agent Peter Strzok told WIRED this week, “Everything the FBI did that fall hurt Hillary and helped Trump.”

On Monday, Wikileaks founder Julian Assange began his defense against extradition to the US, which hinges in part on psychiatric assessments that he is at risk for self-harm. And smartwatches for kids are still a total security mess, even after years of warnings from researchers.

If you’re looking this weekend for some easy ways to guard your digital privacy, shore up your WhatsApp settings and consider these privacy-conscious alternatives to Google Maps.

And there’s more. Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.

The hacking group dubbed Malsmoke is on a tear, infecting popular porn sites with malicious ads and then using them to infect victims with malware. Researchers from the security firm Malwarebytes say that the attackers have tainted “practically all adult ad networks.” In addition to midrange sites, the group also succeeded at displaying its malicious ads on xHamster, one of the most popular adult sites in the world. Unfortunately, these types of attempted attacks are not unprecedented on adult content websites, but the campaign, which Malwarebytes has tracked for a few months, is particularly interesting because of the malware being used. Once a victim clicks a malicious ad, they are redirected to a page that attempts to start downloading malware if it can exploit vulnerabilities in Internet Explorer or Flash. Both are classic hacker targets that are being permanently retired in the coming months, in part because of their security issues. These Malsmoke attacks will only impact targets running vulnerable versions of Internet Explorer and Flash, which means they’ll soon be obsolete.

A July memorandum from the US Postal Service Office of Inspector General warned that there were “significant vulnerabilities” in six postal applications for three years, including “sensitive” digital services. The report said that the 12 types of vulnerabilities are well-known bugs that could have easily been exploited by hackers. The findings are not surprising given that US government agencies and affiliates have a truly dismal cybersecurity track record. The USPS told Motherboard this week that it has fixed the vulnerabilities.

The video-conferencing service Zoom announced on Thursday that it has added support for two-factor authentication in its desktop and mobile applications. Previously users could only utilize two-factor account protections on the web. Zoom launched a major initiative in April to overhaul its security offerings, but it has faced controversy even for some of these improvements. For example, Zoom initially said it would only offer end-to-end encryption to users with paid accounts, but after a backlash it reversed course to provide it universally. The expanded two-factor offerings will extend to both free and paid accounts.

Schools around the US have been preparing for delays and closures as a result of the Covid-19 pandemic, but this week schools in Hartford had their first day canceled for a very different reason: ransomware. In addition to impacting schools, the attack also disrupted emergency services like 911 and the police department. The attack began on September 5. Hartford officials were able to recover within a few days, though, and schools (which are running a hybrid model thanks to the pandemic) were open on Wednesday. Hartford invested roughly $500,000 last year to improve its cybersecurity defenses, and officials said that while this did not stop the attack, it did help the city recover quickly.

