Your car is a data gold mine. From your location to your use of infotainment systems, every drive you take delivers a lot of data, and car manufacturers are getting better at using this information. A 2019 analysis found that cars could generate up to 25 gigabytes of data per hour. As companies refine their ability to mine this data, your car could prove to be the next threat to national security. This week, the Chinese city of Beidaihe banned Teslas from the streets as communist party leaders gather in the area. One possible reason for the ban is that the cars could reveal sensitive details about China’s top figures.
Elsewhere, German mobile carriers are testing “digital tokens” as a way to display personalized ads on people’s phones. The trial of TrustPid by Vodafone and Deutsche Telekom generates pseudo-anonymous tokens based on people’s IP addresses and uses them to show personalized product recommendations. The move is compared to “super cookies”, which have previously been used to track people without their consent. While Vodafone denies that the system is related to super cookies, privacy advocates think it is a step too far. “Companies that operate communications networks are not allowed to track their customers or help others track them,” privacy researcher Wolfie Christl told WIRED.
In other stories this week, we’ve rounded up the critical updates from Android, Chrome, Microsoft, and others that came out in June — you should be making those updates now. We also looked at how the new ZuoRAT router malware infected at least 80 targets worldwide. And we’ve covered how to use Microsoft Defender on all your Apple, Android, and Windows devices.
But that is not everything. We’ve got a rundown of the week’s big security news that we haven’t been able to cover ourselves. Click on the headlines to read the full stories. And stay safe out there.
California’s weapons database, called the Firearms Dashboard Portal, was intended to improve transparency around arms sales. Instead, when new data was added to it on June 27, the update turned out to be a disaster. During the planned release of new information, the California Department of Justice made a spreadsheet publicly available online, exposing more than 10 years of information about gun owners. The data breach included the names, dates of birth, genders, races, driver’s license numbers, addresses and criminal histories of people who were granted or denied permits between 2011 and 2021 to conceal and carry weapons. More than 40,000 CCW permits were issued in 2021. However, the California Department of Justice said financial information and Social Security numbers were not included in the data breach.
Although the spreadsheet was online for less than 24 hours, an initial investigation appears to indicate that the breach was more widespread than originally thought. In a press release issued on June 29, the California DOJ said other parts of its weapons databases were also “infected.” Information in the assault weapons registry, small arms certified for sale, dealer record of sale, firearms safety certificate and gun violence prohibition order dashboards may have been made public in the breach, the department said, adding that it is investigating what information could have been disclosed. In response to the data breach, the Fresno County Sheriff’s Office said it was “worse than previously expected” and that some of the potentially biased information “came as a surprise to us.”
Indian hacker-for-hire groups have been targeting lawyers and their clients around the world for nearly a decade, Reuters research revealed this week. Hacking groups have used phishing attacks to gain access to confidential legal documents in more than 35 cases since 2013, targeting at least 75 U.S. and European companies, according to the report, which is based in part on a trove of 80,000 emails sent by Indian hackers over the past seven years. The research describes how hack-for-hire groups work and how private investigators take advantage of their ruthless nature. As Reuters published its research, Google’s Threat Analysis Group made public dozens of domains belonging to alleged hack-for-hire groups in India, Russia, and the United Arab Emirates.
Since 2009, the Chinese hacking group APT40 has been targeting companies, government agencies and universities around the world. APT40 has hit countries including the United States, United Kingdom, Germany, Cambodia, Malaysia, Norway and more, according to security firm Mandiant. This week, Financial Times research discovered that Chinese university students were tricked into working for a front company linked to APT40 and involved in investigating its hacking targets. The paper identified 140 potential translators who had applied for job openings at Hainan Xiandun, a company allegedly associated with APT40 and named in a lawsuit filed by the US Department of Justice in July 2021. Those who applied for jobs at Hainan Xiandun were asked to translate sensitive US government documents and, according to the story†
In 2021, North Korean hackers stole about $400 million worth of crypto as part of the country’s efforts to lift international sanctions and strengthen its nuclear weapons program. This week, researchers began linking the theft of about $100 million worth of cryptocurrency from Horizon Bridge, on June 23, to North Korean actors. Blockchain analytics company Elliptic says it has uncovered “strong evidence” that North Korea’s Lazarus group may be linked to the Horizon Bridge hacking incident — and Elliptic isn’t the only group that has made the connection. The attack is the latest in a series against blockchain bridges, which have become increasingly targeted in recent years. However, researchers say the ongoing crypto crash has wiped millions in value from North Korea’s crypto heists.