It may be a new year, but mercenaries, scamsAnd dangerous people Didn't go anywhere by hiding online.
Just one day before the ball drops, The United States Treasury Department said it has been hackedOfficials believe the attackers are an as-yet-unnamed advanced persistent threat group linked to the Chinese government who exploited remote technical assistance created by BeyondTrust to carry out what the Treasury Department described as a “major” breach. Exploited flaws in the software. The company told Treasury on December 8 that attackers stole an authentication key, which ultimately allowed them to access the department's computers. While Treasury says the attackers were only able to steal “a few declassified documents,” new details have already begun to emerge, which we'll explore in detail below.
First UnitedHealthcare CEO Brian Thompson was murdered last month.If you look closely, gun silencers were mostly found in Hollywood movies or in Facebook and Instagram ads. WIRED found someone ran away Thousands of advertisements for “fuel filters” that are, in fact, meant to be used as gun silencers.Which are heavily regulated by US law. Meta, which owns Facebook and Instagram, has since removed many of the ads, but new ads keep appearing. So if you see one, keep scrolling – possessing an unregistered silencer can lead to serious charges.
When an Amber Alert push notification comes to your phone, getting all the information you need to help find a kidnapped child can literally be a matter of life and death. That's a lesson the California Highway Patrol learned this week when it Sent an Amber Alert that linked to a post on X, which people couldn't access unless they were signed inWhile the CHP says it linked to posts on the social network without any problems from 2018 until this week, a spokesperson told WIRED they are now “looking into it”.
If you've added better privacy and security practices to your list of 2025 goals, An easy place to start is your old chat history.You might be surprised how much sensitive information is out there, perhaps forgotten but certainly not lost.
Not only this. Each week, we round up security and privacy news that we haven't covered in depth ourselves. Click on titles to read full stories. And stay safe there.
Apple this week agreed to pay $95 million to settle a class action over alleged spying on its Siri voice assistant. trial, Lopez et al v. Apple Inc.accused Apple of recording people's conversations without their knowledge and sharing that data with third parties to serve ads. The issue arose from Siri's voice-activation function — “Hey, Siri” — which the two plaintiffs say secretly captured conversations, resulting in ads for Nike shoes and Olive Garden. A plaintiff claimed that he was given an advertisement for medical treatment after a conversation with his doctor. Those who qualify as part of the class covered by the settlement, which must be approved by a federal judge in California, could get up to $20 per device for up to five devices. As Reuters reported, the settlement amount amounts to about a nine-hour profit for Apple, which made about $94 billion in the last fiscal year. Under the agreement the company will not admit any wrongdoing.
Recently unsealed court documents revealed that the FBI discovered “the largest seizure of homemade explosives in FBI history” during an allegedly illegal firearm search. According to court records, the explosive arsenal was found in Brad Spafford's Virginia home, where investigators reportedly found more than 150 pipe bombs and other explosive devices. Prosecutors say the FBI found a backpack containing pipe bombs and a grenade-shaped patch with the hashtag #NoLivesMatter — a possible reference to a far-right extremist. “Accelerationist” Group, New York Times reportWhile prosecutors claim Spafford – who allegedly used a photo of US President Joe Biden for target practice – aimed to “bring back political murders”, his lawyer argues he was a harmless “family man”. “is the one who should be released
Following revelations earlier this week that Chinese state-backed hackers broke into the U.S. Treasury in early December, The Washington Post reported Wednesday that the hackers specifically targeted the Office of Foreign Assets Control. The attackers may have been looking for information about the office's possible plans to impose sanctions on Chinese entities. Additionally, Bloomberg informed It was reported Thursday that the attackers targeted the computers of senior Treasury officials, where they were able to access unclassified material. So far, investigators have identified around 100 computers allegedly hacked by the hackers. However, sources told Bloomberg that the attack appears to be more a crime of opportunity than a covert, long-planned operation like China's recent intrusions into U.S. telecom companies.
As China's Treasury hack comes into focus, the impact of its infiltration of US telecommunications companies is still widening. Two days after Christmas, Anne Neuberger, the White House deputy national security adviser for cyber and emerging technologies, held a briefing with reporters in which she raised the number of telecommunications breaches by Chinese hackers, known as Salt Typhoon, to eight. to nine and suggested that at least some of the blame for those violations lay with the companies' own inadequate security. “The reality is that, what we are seeing with respect to the level of cybersecurity implemented in the telecommunications sector is that those networks are not as defensive as they should be to defend against a well-resourced, capable offensive cyber actor like China, ” Neuberger said. He said the hackers had targeted the communication histories of fewer than 100 people — mostly in Washington, D.C., including reportedly President-elect Donald Trump and Vice President-elect J.D. Vance. Neuberger said the spying incident calls for new Federal Communications Commission cybersecurity rules, which he says could have limited the scope of the breaches if they were in place.
Cars collect and transmit as much sensitive location data as any modern digital device, and the privacy flaws of all that tracking are becoming all too apparent. Case in point: A whistleblower warned Germany's Chaos Computer Club and the country's Der Spiegel news outlet that Volkswagen subsidiary Caride had exposed a large portion of the location data of 800,000 electric vehicles online. The leak included cars sold by not only Volkswagen but also other brands including Seats, Audi and Skoda. For Audi and Skoda, that location data was only accurate to within six miles, but Volkswagen and Seats cars could be located to within about four inches. The exposed data has since been secured, but the incident nonetheless shows how far car makers still have to go to rein in their data collection.