Security News This Week

Ukraine “wiper” malware attacks

Ukraine has been subject to an unprecedented amount of “wiper” malware attacks over the past year, according to multiple cybersecurity firms. Russia has directed more wipers towards Ukraine than at any other point in the cyberwar between the two countries. Fortunately, the newly discovered wipers are less destructive than those previously used, such as NotPetya in 2017, which caused $10 billion in damages globally. The conflict between Russia and Ukraine has also impacted Ukraine’s electric grid, resulting in blackouts and internet outages. To remain online and connected, Ukrainians have started using high-capacity lithium-ion batteries to keep cell phone towers operational during grid attacks.

Mozilla privacy claims

Mozilla researchers found inaccuracies in privacy claims made by app developers on Google Play’s Data Safety labels, contradicting the notion that these labels can be relied upon. Facebook received a “poor” grade from Mozilla, while Google’s YouTube, Gmail, and Google Maps apps were ranked as “needs improvement.” In other news, a server hosting an internal government mailbox system that stored terabytes of internal US military emails was discovered to have been leaking sensitive data to anyone who knew the server’s IP address. An investigation is underway, and while it is unclear if anyone accessed the data while it was available, the incident raises concerns about cybersecurity in government systems. Additionally, Iran has been accused of operating secret torture centers, further highlighting the need for increased vigilance in protecting human rights.

Black sites across Iran

CNN’s investigation published on Tuesday revealed over three dozen black sites across Iran where protesters were brutally tortured. These unofficial detention centers are often located inside government facilities, makeshift jails in warehouses, and even in the basements of mosques. Survivors of torture at these sites reported unprecedented brutality, including electrocutions, nail removal, lashings, beatings, and sexual violence.

These black sites proliferated during the Mahsa Amini uprising last year, which led to scores of death sentences against protesters, and more than 100 protesters have been charged with crimes carrying the death sentence. Despite reaching out to the Iranian government for comment on the allegations of torture in their secret prisons, CNN has not received a response.

Breaking into his bank account using an AI-generated voice

On Thursday, Vice reporter Joseph Cox detailed his experiment on breaking into his bank account using an AI-generated voice. While banks across the US and Europe have implemented “voice verification” technology, Cox’s experiment demonstrates the rare but real possibility of fraudsters exploiting this technology to access bank accounts. Cox used a free voice creation service to spoof his own voice and gained entry into his Lloyds Bank account. The bank is aware of the threat of synthetic voices and is deploying countermeasures.

Go to Source
Author: Dhruv Mehrotra, Andrew Couts

Explore

Connect

Connect with Miss Rumbie

Security News This Week

Ukraine “wiper” malware attacks

Mozilla privacy claims

Black sites across Iran

Breaking into his bank account using an AI-generated voice

Ukraine “wiper” malware attacks

Black sites across Iran

Breaking into his bank account using an AI-generated voice

You’ll Also Love