Help Can Finish The Way To Fight SIM-Swap Attacks
A WIRED report found that Google’s geolocation data was used in 45 investigations of Capitol riots and counts. That includes the use of two geofence warrants that enabled the FBI to target the suspects inside the building in a narrow time window on January 6. This is a unique use of geofencing during a unique time; Experts recognize that this may be justified, but worry about a slippery slope, especially the use of geofence warrants exploded in recent years.
In other Google news, Android is also suffering another set of scams. In a campaign dated November, hundreds of malicious apps have entered Google Play and collectively downloaded on more than 10 million devices. Bad apps use a variety of evasive maneuvers to avoid detection, and try to trick users into signing up for a recurring charge. The researchers could not determine how much money they got, but given the number of victims it could be in the hundreds of millions of dollars.
The internet infrastructure company Cloudflare has taken over email security, with two new, free tools designed to protect business customers from phishing and other email scams. the The Senate is shouting again on Facebook, at this time about the mental health of the teenager. And now you can passwordless your Microsoft account, we put together a quick guide for how to do this.
Dune lends itself to many interpretations, but the most compelling it can be as a template for future world conflicts, from Afghanistan to cyberwar. And we look at why a real life James Bond probably won’t use an iPhone. (Or the Nokia he relied on in the movie, for that matter.)
And there is more! Each week we focus on all the WIRED security news not covered in depth. Click on the news headlines to read the full stories, and stay safe there.
SIM-swap attacks, where someone carries your phone number on their device to pass two -factor authentication to your most sensitive accounts, a scourge for many years. This has resulted in cryptocurrency theft, bank accounts being depleted, and getting a social media account. And while there is no simple way to stop them, there really is methods that have not yet been tested in the US. Which is why it’s gratifying that the FCC is finally showing up to pay attention to them; this week the agency said they plan to push carriers to implement more secure authentication before transferring the numbers to a new device. This doesn’t completely solve the problem – especially telephone company employees sometimes actively accomplished the attacks-but it’s been a long time coming.
Russia continues to suppress every aspect of technology in the country, which this week turned out to be a disruptive turn. The country’s law enforcement has reportedly arrested Ilya Sachkov, founder and CEO of the St. Louis -based cybersecurity firm. Petersburg Group-IB. He is accused of working with “foreign intelligence services” to damage Russia’s national interests; the company says he is innocent of all charges. Sachkov faces up to 20 years in prison if convicted.
Security researchers this week showed a mistake in how Visa implemented Apple Pay’s “Express Transit” feature that allowed them to make unauthorized payments without contact from a locked iPhone. . First, they pretended to be a ticket barrier in the transit system using a cheap radio device, to make the iPhone think it was connecting to a legitimate system. Afterwards, they use a so-called relay attack to direct payment messages from the iPhone to a reader they control, allowing them to perform multiple transactions without the need for any biometric verification. . This is an issue that applies especially to stolen iPhones, and Apple indicated in a BBC statement that Visa seems unlikely to fix given the complexity of the attack.
We wrote a lot ransomware around here, and the various damaging effects on society. But so the attacks continue to worsen-Padayon the hospitals are gone—You should have read this for a long time Wall Street Journal reports on the actual human cost. This is a devastating but must read.
More WIRED Stories