As the states struggle to grappleWith the wide-reaching implications that the June United States Supreme Court decision has had on the country InverseWIRED looked at privacy concerns in relation to the constitutional right of abortion Automated license plate readers are widely usedAs the risk of being charged with seeking an abortion increases in the country, so does the likelihood of being arrested. Researchers underscored this fact. Digital self-defense value from end-to-end encryptionAs civil rights protections and law enforcement power evolve, there is no shortage of places around the globe.
Apple has announced this week a new protection known as “Lockdown Mode” for iOS 16If they are at high risk of being targeted by invasive spyware, users can choose to have their phone run in a less secure but still more secure mode. Researchers say the National Institute of Standards and Technology announced new encryption algorithms. Refractive to quantum computersIt will be very difficult to test these practical concepts for many years.
That’s not all. Each week we round up the news that we didn’t break or cover in-depth. To read the complete stories, click on the headlines. Keep safe out there
An attacker stole data belonging to almost 1,000,000 Chinese citizens from the Shanghai police database. Then they tried to extort the department of about $200,000. The data contained names, phone numbers as well as government ID numbers. Researchers discovered that the database was secure but that a management dashboard could be accessed from the internet. Anyone with basic technical skills could access the information without requiring a password. The breach’s scale is staggering and is the first of its kind to strike the Chinese government. This country is well-known for its large amounts of data about its citizens and people from all over the world. China is infamously responsible for the breach. United States Office of Personnel Management breachEquifax credit bureau breach, along with many others around the world.
Christopher Wray, FBI director and Ken McCallum chief of UK’s security agency MI5, issued a joint warning that China was, according to Wray, the “biggest and longest-term threat to the United States’ economic and national security.” They noted that China has been involved in extensive espionage and interference in political processes around the globe. Wray said that China could seize Taiwan, which would be “one of most terrible business disruptions the globe has ever seen.” McCallum claimed that MI5’s focus on China has increased more than twice since 2019, and now conducts seven-times as many Chinese Community Party investigations as in 2018. Zhao Lijian, spokesperson of China Foreign Ministry said that British officials are trying to hype up the China threat theory. He stated that MI5 should “cast aside imagined demonics.”
HackerOne, which manages bug bounty programs and rewards companies for vulnerability submissions, fired an employee for stealing vulnerability disclosures and submitting them directly to companies in order to claim the reward. HackerOne discovered the scheme after a customer reported a vulnerability disclosure it thought was similar to one it received from a different researcher in June. HackerOne was accessed by the rogue employee who was new to HackerOne. He made seven vulnerability disclosures using stolen information. “This is a clear violation of our values, our culture, our policies, and our employment contracts,” HackerOne wrote in an incident report. “We have since terminated the employee, and further bolstered our defenses to avoid similar situations in the future.”
In a joint alert, the United States Cybersecurity and Infrastructure Security Agency (Federal Bureau of Investigation) and Treasury Department announced this week that North Korean hackers had been targeting healthcare and public sectors using the Maui ransomware strain. They warned that such ransoms could be in violation of US sanctions. “North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services—including electronic health records services, diagnostics services, imaging services, and intranet services,” the alert warns. “In some cases, these incidents disrupted the services provided by the targeted HPH Sector organizations for prolonged periods.”