As the war of Russia In Ukraine, the Ukrainian military has proven resilient and has launched increasingly fierce counterattacks against Kremlin forces. But as the conflict evolves, it is entering the ominous phase of drone warfare. Russia has launched a series of recent attacks using Iranian “suicide drones” that are difficult to defend against. As Russian President Vladimir Putin escalates his rhetoric about the possibility of a nuclear strike and NATO officials watch closely for any signs of movement, we examine what indicators are available to the global community to assess whether Russia is indeed preparing to use nuclear weapons.
Meanwhile, an unbroken string of critical vulnerabilities in Microsoft’s Exchange Server on-premises email hosting service has left researchers raising the alarm that the platform is not getting the development resources it needs and that customers should seriously consider migrating to cloud email hosting. . And new research examines how Wikipedia custodians uncover state-sponsored disinformation campaigns in crowdsourced encyclopedia entries.
If you’re worried about the continued threat of ransomware attacks around the world, researchers pointed out this week that middle-of-the-pack groups like the notorious gang Vice Society are increasing profits and reducing exposure by investing too little in technological innovation. . Instead, they run the most sparse and unremarkable operations to target under-funded sectors such as health care and education. If you’re looking to do something about your personal security, we have a guide to cracking passwords and setting up a “passkey” on Android and Google Chrome.
But wait, there’s more! Each week, we highlight news stories that we haven’t covered in depth ourselves. Click on the headlines below to read the full news. And stay safe out there.
Officials in the United States have long warned of a potential national security threat because the hugely popular social video platform TikTok is owned by a Chinese company, ByteDance. But TikTok has always maintained that it is firewalled between ByteDance and its US userbase. But the material viewed by Forbes It suggests that an internal ByteDance review board, the “Internal Audit and Risk Control Division,” plans to direct TikTok to track the location of certain US users. The group typically focuses on internal, personnel issues, but the US-based individuals are not affiliated with TikTok or ByteDance. “In at least two cases, the internal audit team also planned to collect TikTok data about the location of a US citizen who never had an employment relationship with the company, the material shows. It is not clear from the material whether data about these Americans was actually collected. Forbes wrote
Microsoft said this week that a misconfiguration exposed the data of some potential customers of its cloud services. Researchers at SOCRadar, a threat intelligence firm, disclosed the leak to Microsoft on September 24, and the company immediately shut down the exposure. SOCRadar said in a report that the leaked information spanned 2017 and August of this year. Researchers linked data from more than 65,000 organizations in 111 countries. Microsoft said the disclosed details included names, company names, phone numbers, email addresses, email content and files sent between potential customers and Microsoft or one of its authorized partners. Cloud misconfigurations are a chronic security risk that has led to countless exposures and sometimes breaches.
There are no easy answers to improving the chronic security dumpsterfire created by cheap, unsecured Internet of Things devices in homes and businesses around the world. But after years of problems, countries like Singapore and Germany have found that security labels are being added to internet-connected video cameras, printers, toothbrushes and more. The labels give consumers a better understanding of the protection built into different devices—and encourage manufacturers to improve their practices and earn the Gold Seal. The US took a step in this direction this week. The White House announced a labeling scheme that would be a form of EnergyStar for IoT digital security. The administration held a summit with industry bodies and companies this week to discuss standards and guidelines for the label. “A labeling program to secure such devices will provide American consumers with peace of mind that the technology they bring into their homes is safe and will encourage manufacturers to meet higher cybersecurity standards and retailers to sell secure devices,” National Safety Council spokeswoman Adrian said. Watson said in a statement.
Sources said The Washington Post This week sensitive information related to Iran’s nuclear program and the United States’ own intelligence operations in China were included in documents seized by the FBI this summer at former President Trump’s Mar-a-Lago estate in Florida. “Unauthorized disclosures of specific information in the documents could pose a number of risks, experts say. People assisting U.S. intelligence efforts could be put at risk and collection methods could be compromised,” Post wrote This information could prompt retaliation against the US by other countries.