The SolarWinds Hackers Are Looking for Their Next Big Score

Dark HunTor, an international collaborative law enforcement operation, saw 150 arrests of dark web sellers and the seizure of $31.6 million in cryptocurrency and cash, as well as 230 kilograms of drugs. This action targeted sellers who were selling their goods on DarkMarket, a dark web marketplace that was shut down by German police in January. Ransomware gangs were still on the loose. The Russian group Grief claimed to have attacked the National Rifle Association this past week. This is just the latest incident in a series of attacks where victims must consider the possible consequences of violating sanctions if their goal is to get out.
Yoti, a British digital identity company, claims its machine-learning-based image analysis tool can accurately predict the age of anyone between 6 and 60. This tool could be used by Yoti to enforce minimum age requirements on platforms and keep children safer online. However, it raises questions about how much surveillance digital technology can cause. A DMCA exemption has been granted to blind and vision-impaired individuals. This allows them to create accessible ebooks and break digital rights management protections. The exemption is temporary, and advocates will have to fight for it again within three years. They argue that the measure should be permanent.

Google's Pixel 6 Pro and Pixel 6 Pro offer advanced security features thanks to their Tensor CPUs. This is the first Pixel system on a chip to be built by Google. We've collected 11 important settings for Windows security that you should be focusing on. We also have updated recommendations for VPNs if you are looking for reliable ones.

There's more! Every week, we bring you all the security news WIRED hasn't covered in depth. To read the complete stories, click on the headlines. Stay safe out there.

According to Microsoft, the hacking group of Russia's SVR foreign intelligence service, known as Nobelium and Cozy Bear, has been targeting a new wave of international IT companies embedded within the global supply chain. The group seeks to target key but obscure tech companies, as it did in 2020 with network management company SolarWinds. Microsoft vice president for customer security and trust Tom Burt says Nobelium is targeting managed cloud service providers and tech resellers. Burt claims that Nobelium has been active all summer. The company informed 609 customers between July 1 and Oct 19 that they had been attacked 22,868 more times by the group, roughly the same number of attacks Microsoft received from Cozy Bear over the three preceding years. Burt says, however, that all recent targeted attacks had a success rate only in the single digits.

Burt stated that this activity was another sign that Russia seeks long-term, systematic and consistent access to technology supply chains. He also proposed a mechanism to monitor the future targets of interest to Russia. Spies gonna spy.

On Tuesday, a hacker attacked Iranian gas stations and knocked out nearly every subsidized payment terminal at the pumps. This caused long lines and chaos. Ebrahim Raisi, Iranian president, stated that cyberwar should be a serious concern and that related bodies should not allow the enemy's ominous plans to unfold. Raisi didn't claim responsibility for the attack, and he did not attribute it to anyone. However, he stated that he believed anti-Iranian actors were responsible. Payment terminals were reportedly labelled "cyberattack 644111" during the attack. This refers to a religious hotline operated by Supreme Leader Ayatollah Ali Khamenei. The number "64411" was also found in an attack on Iran's national railway.

Europol announced Friday the arrest of 12 individuals with alleged links to ransomware attacks against corporations and critical infrastructure. This attack apparently affected more than 1,800 people across 71 countries. Eight countries' law enforcement agencies collaborated in the operation and seized $52,000 cash, five luxury cars, and a variety of electronic devices. The ransomware used in the attacks included LockerGoga, MegaCortex, and Dharma.

The data of New Jersey residents who were vaccinated against Covid-19 was exposed by a bug in Docket's medical records app. Two states specifically approved the app, which allows people to download a digitally signed copy of their paper vaccination card. Docket allows users to access their immunization records in the same way as other vaccine passports, in the form of scannable QR codes or visible cards. This vulnerability allowed anyone to access the QR codes of other users and their personal data. These included names, dates and information about immunizations such as brand and date of vaccination. TechCrunch found the bug Tuesday and notified Docket that day. Docket stated that the bug was fixed by server-level changes within hours. Docket is currently reviewing its logs in order to determine if anyone abused the flaw prior to its disclosure.
