Welcome back to ‘This Week in Getting Hacked’—the world’s greatest cybersecurity-related link dump! Each week, we bring you the best news stories from the cybersecurity field, letting you know who’s getting hacked, who’s hacking, what data is leaking, and about what you should take with caution. So strap in, change your password, and let’s find out who’s getting hacked this week!
On to the links…
A Twitter account associated with WikiLeaks—everyone’s favorite “we swear we’re transparent” information source—claims want to publish the financial and familial ties of all Twitter verified users. Since then, the tweet has been deleted, which is good news, considering it’s pretty much doxing hundreds of thousands of people, many of whom probably don’t want that information disclosed.
The account attempted to cover their tracks by claiming that they wanted to just explore influences based on proximity graphs.
Speaking of WikiLeaks, here’s the full US Intelligence Community report of the Russian meddling in US elections. Remember when WikiLeaks only released information about one side and claimed it wasn’t political in nature, despite there being overwhelming evidence of potential conflicts of interest on the eventual winning party that would kind of help their whole “we don’t choose sides, just transparency” thing? Me too. This is the declassified report that was gathered by the US IC, as the classified report shows all the evidence they have, and revealing that would compromise the ways they were able to obtain it.
Keeping on the US election topic, the Homeland Security Secretary Jeh Johnson designated the US election voting infrastructure as critical, saying that recent attempts to influence or manipulate our democratic elections is cause for concern and increased security.
Here’s a quote:
“Given the vital role elections play in this country, it is clear that certain systems and assets of election infrastructure meet the definition of critical infrastructure, in fact and in law…”
That’s pretty cool, and also kinda concerning that we didn’t consider that as an option before today.
What is concerning, however, is that the government may have been paying Best Buy Geek Squad employees as informants to search through computers and other devices you may bring in to be repaired or checked. The information came out in a court case, United States of America v. Mark A. Rettenmaier, where a California resident took his computer to Best Buy because it didn’t start, and the Geek Squad technician found child pornography on the device, and alerted his boss, who was also an FBI informant. The evidence was found via a carving tool, which digs through old and deleted files for certain content, which should not be used when attempting to get a computer to start, as per the customer request. Best Buy has denied their involvement with the FBI.
If you use the AutoFill function on your browser to fill out information fields, there’s a chance you’re giving up your personal info unwittingly, as malicious sites will use hidden text boxes to gather than information.
So, you know, change your password and definitely don’t use AutoFill on your browser.
See you next week!