The US Emergency Alert System Has Dangerous Flaws

Police use cryptocurrencies to investigate everything from child abuse to fraud. It may be put to the test in the near future.

This week, we reported on new court filings from the legal team representing Roman Sterlingov, who has been in jail for 15 months and is accused of money-laundering. The defense attorney for Sterlingov claims that the analysis that was used to prove his innocence is flawed.

Microsoft has a bug-hunting team that tries to catch flaws in the company's software before they cause problems for the company's 1 billion users. The new post-quantum cipher failed spectacularly. All the big security updates you need to be on top of from July were listed, as well as the data that Amazon's Ring cameras collect about you.

An attack on Albania's government has the hallmarks of state-sponsored Iranian hacking, which is a notable moment in the history of cyberwar. The hashed passwords were exposed for five years by a mistake on a messaging service.

That is not the only thing. The news we didn't cover is highlighted each week. The full stories can be found below. Stay safe out there.

This is not an exam. The Federal Emergency Management Agency and a security researcher found flaws in the software that could allow an attacker to broadcast false messages. The TV and radio networks that use the software to update their devices have been warned by the FEMA. The system is at risk if patches aren't universally adopted. There is no proof that an attacker has exploited the flaws. We will just have to hope that it stays that way.

It would be bad if one major theft of cryptocurrencies in a week happened. Hundreds of people were able to steal a collective $190 million in cryptocurrencies because of a flaw in the Nomad bridge. If you return 90 percent of the funds you stole, you will be considered a white hat and can keep the remaining 10 percent. The stolen funds have been recovered.

The second hack of the week took place on Tuesday night, with hackers draining around 8,000 "hot" wallets, which are connected to the internet, allowing them to steal around $5 million. The exploit was caused by a bug in software used by several software wallet popular among users of the network.

It is one thing to know what NSO Group can do, but another to see it for yourself. Reporters at Israel's Haaretz got their hands on never-before-seen screenshots of Syaphan, a prototype of NSO's now-infamous Pegasus spyware, which has retained a lot of the look and function of its predecessor. Operators have the ability to access call logs and messages, as well as cameras and microphones, which can be used to spy on people.

A growing number of scandals have been caused by the government's use of software. The general secretary of the prime minister's office and the head of Greece's intelligence service quit yesterday. Their departures follow a complaint filed by the head of the socialist PASOK party, who alleged that his phone had been targeted by a company called Cytrox. The prime minister's office maintains that the resignations and the allegations are unrelated. It said in a statement that neither he nor the government are connected to the matter.

Remember when everyone was angry at DuckDuckGo? The company says that the thing you were angry about has been fixed. DuckDuckGo's privacy browsers allowed some third-party Microsoft tracking scripts, which was discovered by security researcherZachEdwards back in May. DuckDuckGo, which has a partnership with Microsoft, has expanded its 3rd-party tracker loading protection to include 21 more domains, thus blocking the bulk of Microsoft tracking script on websites accessed via its mobile DuckDuckGo Privacy Browser. Advertisers can use the bat.bing.com domain to track clicks from Duck DuckGo. Is it a good one? No, even Duck DuckGo admits that. Privacy improvements over mainstream browsers and search engines are still possible.