If you have heard rumors this week that Netflix is finally cracking down on password sharing in the United States and other markets, you heard right, but only for now. The company told WIRED that while it plans to announce a limit on account sharing in the next few weeks, nothing has happened yet. Meanwhile, lawmakers in Congress are racing to overhaul systems for handling US government classified data as classified documents continue to appear in the wrong places.
This week we took a close look at a ransomware attack that damaged the digital infrastructure of Hackney Council in London. The attack took place more than two years ago, but it was so severe that local authorities are still working on recovery. Meanwhile, a far-flung project is developing prototype real-world pursuit satellites that could someday be used in space battles.
In other military news from the sky, we covered the apparent Chinese spy balloon over the US, and the pros and cons of using balloons as espionage tools. And if you’re looking to improve your personal digital security this weekend, we’ve got a roundup of the most important software updates to install right now, including patches for Android and Firefox vulnerabilities.
And there's more. Each week we round up the stories that we ourselves have not covered in detail. Click on the headlines to read the full stories. And stay safe out there.
If you are looking for legitimate software downloads by searching Google, your clicks have become more risky. Spamhaus, a non-profit organization dedicated to tracking spam and malware, says it has discovered a “massive surge” of malware distributed via Google Ads over the past two months. This includes “malicious ads” that appear to be genuine downloads of tools such as Slack, the Mozilla Thunderbird email client, and the Tor browser. Security firm SentinelOne further identified several malicious downloaders distributed through Google Ads, which the researchers collectively named MalVirt. They say that MalVirt loaders are used to distribute malware such as XLoader, which an attacker can use to steal data from an infected machine. Google told Ars Technica in a statement that it is aware of the rise in malicious ads. “Resolving this issue is a critical priority and we are working to resolve these incidents as quickly as possible,” the company said.
The Federal Trade Commission this week issued its first fine under the Health Breach Notification Rule (HBNR). Online pharmacy GoodRx was ordered to pay a $1.5 million fine for allegedly sharing its users’ drug data with third parties such as Meta and Google without informing those users of the “unauthorized disclosure,” as required by the HBNR. The FTC’s enforcement action followed investigations by Consumer Reports and Gizmodo into GoodRx’s data-sharing practices. In addition to violating the HBNR, GoodRx misrepresented its claims of HIPAA compliance, the FTC alleges. GoodRx claims to have corrected the issues underlying the FTC complaint years ago and denies any admission of guilt. “We do not agree with the FTC’s allegations and do not acknowledge any wrongdoing,” a GoodRx spokesman told Gizmodo. “Concluding a settlement agreement allows us to avoid the time and cost of lengthy litigation.”
This week, Microsoft announced that it will disable the accounts of attackers who managed to get verified through the Microsoft Cloud Partner Program. Posing as legitimate businesses, the attackers used the verified account status to create malicious OAuth applications. “Apps created by these scammers were then used in a phishing campaign that tricked users into granting permissions to rogue apps,” reads a Microsoft blog detailing the issue. “This phishing campaign targeted a subset of customers primarily based in the UK and Ireland.” The company says the people behind the phishing attacks likely used their access to steal emails, and that it has notified all victims.
Researchers at security firm Saiflow this week revealed two vulnerabilities in open source versions of the protocol used by many electric vehicle charging stations, called the Open Charge Point Protocol (OCPP). By exploiting vulnerable instances of the OCPP standard, which is used to communicate between chargers and control software, an attacker could take over a charger, disable groups of chargers, or siphon electricity from a charger for their own use. Saiflow says it is working with electric vehicle charger companies to mitigate the risks of the vulnerabilities.
The 37 million customers affected by the recent T-Mobile hack may not be the only ones affected by it. This week, Google informed customers of the Google Fi mobile service that hackers had obtained “limited” account information, including phone numbers, SIM serial numbers, and information about their accounts. The hackers did not gain access to payment information, passwords, or the contents of communications such as text messages. However, it is possible that the information could be used for SIM spoofing attacks. TechCrunch reports that the intrusion was detected by Google Fi’s “major network provider,” which noticed “suspicious activity related to a third-party support system.” The timing of the hack, which happened two weeks after the last T-Mobile hack, suggests they are related.