Ransomware, which reportedly targeted a critical Iowa grain cooperative and other targets, made headlines this week. WIRED spoke with DeSnake (the former number two on the dark web marketplace AlphaBay) to learn about his reemergence and the relaunch of AlphaBay four years after it was shut down by law enforcement. After the raids, AlphaBay's name was tarnished. DeSnake stated that he was here to rectify the situation.
Groundhog Day was a success, as Apple released iOS 15, its latest mobile operating system. The new OS includes a slew of privacy features, including detailed information about your apps, a mechanism for blocking email trackers, and a VPN-Tor Frankenstein monster called iCloud Private Relay, which protects your browsing activities. WIRED's guide will help you get started and change some settings.
We have tips for setting up your own network-attached storage (NAS) to allow you to store and share files with other devices.
There's more! Every week, we bring you all the security news WIRED hasn't covered in depth. To read the complete stories, click on the headlines. Stay safe out there.
Motherboard shared a letter to Congress that shows the US National Security Agency, the Central Intelligence Agency, and other members of the Intelligence Community use ad blockers on their networks for security protection. The IC chief information officer stated that the IC implemented network-based ad blocking technologies and used information from multiple layers, including Domain Name System information, to block malicious and unwanted advertising content.
An ad blocker can be used to improve your browsing experience. However, the tools also offer defense benefits. An attacker who sends malicious ads through unscrupulous advertising networks or taints legitimate-looking advertisements can steal data, sneak malware onto your device, and sometimes exploit web vulnerabilities. The IC regards ads as an unneeded risk and even a threat, indicating that there are long-standing problems in the industry. In recent years, the NSA and the Cybersecurity and Infrastructure Security Agency issued guidance advising that ad blocking be used as a security measure. However, the IC was not required to adopt this measure. Its members deployed ad blockers voluntarily.
Rostelecom's security division was able to take down part of an infamous botnet this week thanks to a flaw in the software. Rostelecom was able to sinkhole a portion of the system because of this error. A botnet is a group of infected devices used to carry out coordinated operations. These platforms are frequently used to launch DDoS attacks. In this scenario, actors send a torrent of junk traffic at the targeted web systems in an effort to overload them.
Meris is the most powerful botnet currently available to cybercriminals. It is believed to consist of approximately 250,000 systems working together. It was used to attack targets in Russia, the United States and the United Kingdom. Rostelecom's partial takedown was significant because Meris attacks can be very powerful and difficult to defeat. A Meris attack against Yandex, the Russian tech giant, broke the record for the largest volumetric DDoS attack. Yandex was able to defend itself against this attack.
European law enforcement officers in Spain and Italy have arrested 106 suspects in connection with a large fraud campaign that ran over many years. The profits were more than $11.7 million in the past year. Police said this week that they believe the suspects are connected to an Italian mafia organization. They allegedly launched SIM-swapping attacks and ran phishing scams that included business email compromise scams. This activity is also linked to drug trafficking and other property-related crimes. The suspects allegedly used a network of money mules to launder stolen funds. Law enforcement also seized 118 bank accounts, SIM cards, credit cards, and a whole cannabis plantation as part of the investigation.