As civil rights protections and law enforcement powers evolve, researchers underscored the digital self-defense value of end- to-end encryption.
Users will be able to choose to run their phone in a more limited but more secure mode if they are at risk of being targeted with malicious software. The National Institute of Standards and Technology has announced that it will be difficult to test the new ciphers for years to come.
That's not the whole story. We don't break or cover the news in-depth. To read the full story, click on the headline. Staying safe out there is important.
In one of the largest data breeches of all time, attackers grabbed data of almost 1 billion Chinese citizens from a Shanghai police database and tried to extort $200,000 from the department. The data includes names, phone numbers, and government ID numbers. Researchers found that the database was secure, but that the dashboard was open to the public and could be accessed by anyone with basic technical skills. The Chinese government is notorious for having huge amounts of data, not only about its own citizens, but about people all over the world. The United States Office of Personnel Management and the credit bureau Equifax had their data exposed.
"China is the biggest long-term threat to our economic and national security," said Christopher Wray, the director of the FBI. China has interfered in elections and other political proceedings around the globe. One of the worst business disruptions the world has ever seen would be caused by China seizing Taiwan. Since the beginning of the year, MI5 has conducted seven times as many Chinese Community Party-related investigations as it did in the previous year. British officials were trying tohype up the China threat theory. He said that MI5 should rid itself of demons.
HackerOne, which manages vulnerability submission and reward programs for companies, fired an employee for stealing vulnerability disclosures and submitting them to affected companies for personal gain. The scheme was discovered when a customer company flagged a vulnerability disclosure that was suspiciously similar to one it had received in June. A new employee at the company gained access to HackerOne's platform and made seven vulnerability disclosures using stolen research. HackerOne wrote in an incident report that this was a clear violation of the values and culture of the company. We have strengthened our defense to avoid similar situations in the future.
The United States Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Treasury Department said in a joint alert this week that the healthcare and public health sectors have been targeted by North Korean hackers. Paying such ransoms could be against US sanctions. The alert warns that North Korean state-sponsored cyber actors used Maui Ransomware in the incidents to protect healthcare services. Some of the services provided by the HPH Sector organizations were disrupted.