When you run a large application, one bug is enough to put countless people at risk. Such is the case with Diksha, an educational app from India’s Ministry of Education, which has exposed the personal information of about 1 million teachers and millions of students across the country. The data, which included things like full names, email addresses and phone numbers, was publicly available for at least a year, and likely longer, potentially exposing those affected to phishing attacks and other types of scams.
Speaking of cybercrime, the LockBit ransomware gang has been operating under the radar for a long time thanks to its professional operation and choice of targets. But over the past year, a series of missteps and dramatic events have brought the gang into the spotlight, potentially threatening its ability to continue to operate with impunity.
However, encrypting everything on your computer is not only the prerogative of criminals. This week we explained how to secure your files with a digital lock and key on both macOS and Windows. Do you know what is the prerogative of criminals? Money laundering, which, according to a Chainalysis report released this week, is mainly facilitated by only five crypto exchanges, four of which helped scammers cash out $1.1 billion in 2022.
Billionaires like Elon Musk have reason to rejoice. Flight tracking platform ADS-B Exchange, which provided data for the @ElonJet account that tracked the Tesla and Twitter CEO’s private jet, has sold out. The company is now owned by Jetnet, a privately owned aviation intelligence firm. ADS-B fans, including the creator of @ElonJet, are now jumping ship, believing the new owner will likely bow to censorship demands from the likes of Musk and the Saudi royal family.
But that’s not all. Every week we collect stories that we ourselves have not covered in detail. Click on the headings to read the full stories. And stay safe out there.
As Russia’s disastrous invasion of Ukraine unfolded last year, the Kremlin also stepped up its crackdown on local and Russian-language media to quell anti-war dissent. The latest victim of the crackdown was, by some standards, Russia’s main independent news site, Meduza. On Thursday, the Russian government added Meduza to its “undesirable organisations” list, effectively outlawing any collaboration with or promotion of the news agency. The country’s Prosecutor General went so far as to write in a statement that Meduza “poses a threat to the foundations of the constitutional order and the security of the Russian Federation.”
While Meduza has long been based in Latvia to shield itself from Russian restrictions and reprisals, the new measure makes it a crime for anyone in Russia to work for the news agency, talk to its journalists, post a link to its website, or even simply “like” one of its social media posts. A first violation of these restrictions is a misdemeanor under Russian law and is punishable by a fine, while a second violation is a criminal offense with a possible penalty of several years in prison.
While prison time is unlikely for those who are not actively involved in the work of a news organization (most violations of the law have so far resulted in a fine), Meduza has warned Russians and anyone visiting Russia to be careful and remove social media posts that link to or promote its content. Regardless of how the law is applied, its chilling effects will no doubt be significant, and the draconian ban on Meduza represents another small step in Russia’s long, slow slide into totalitarianism.
The FBI announced this week that it has thwarted the operations of one of the world’s most prolific and destructive ransomware groups, known as Hive, by taking down its dark-web site and recovering decryption keys to unlock the systems of victims facing $130 million in total ransom demands. “We hacked the hackers,” US Deputy Attorney General Lisa Monaco told reporters at a press conference. In previous years of its extortion-fuelled cybercrime, Hive has victimized more than 80 networks and raised more than $100 million in ransom, according to the FBI. But working with numerous law enforcement agencies, including the federal police in Germany and the Netherlands, the FBI secretly gained access to the group’s systems, monitoring them and eventually disrupting their operations. Despite this victory, no arrests were mentioned in the high-profile statement, suggesting that, as is common with ransomware cases, the Hive hackers are likely in non-extradition countries, out of the reach of Western law enforcement.
The FBI has officially pointed the finger at the usual suspect in the ongoing plague of massive hacks and thefts in the cryptocurrency world: North Korea. In its investigation into a heist that resulted in the theft of $100 million in crypto last year, the Bureau blamed two hacker groups long thought to be affiliated with the Kim Jong-un regime, known as APT38 and Lazarus, the latter of which is sometimes used more broadly as a generic term for several North Korean hacking units. These hackers targeted the Horizon “bridge” owned by American crypto firm Harmony, a system used to transfer one cryptocurrency to another. Bridges are increasingly becoming lucrative targets for thieves, who have stolen hundreds of millions of dollars worth of digital currency from them in recent years. In addition to the name-and-shame statement, the FBI also reports that some of the stolen currency was confiscated when hackers tried to launder it, and the agency pointed to crypto addresses where about $40 million of stolen loot is still stored.
If Madison Square Garden didn’t want a lawsuit over its experiment in using facial recognition technology to detect the people it sought to ban from its establishment, it probably shouldn’t have started by banning lawyers. After it was revealed that MSG had barred lawyers from several firms involved in litigation against the establishment from attending its events, and then enforced that ban with controversial facial recognition technology, New York Attorney General Letitia James sent MSG’s owners a letter demanding more information about its surveillance methods. The letter, suggesting the ban on lawyers is meant to discourage people from filing lawsuits against MSG, asks about the reliability of MSG’s facial recognition technology and whether it has safeguards against bias. “Anyone with a ticket to an event should not worry about being wrongfully denied entry because of their appearance,” James wrote in a statement, “and we urge MSG Entertainment to lift this policy.”