Security News This Week: A DDoS Attack Wiped Out Andorra’s Internet

Photograph:  Chris J. Ratcliffe/Bloomberg/Getty Images

This week, hacktivism entered a new phase, as a group known as Cyber Partisans used ransomware to disrupt trains in Belarus. The hackers demanded the release of political prisoners and a promise that Belarus Railways wouldn’t transport Russian troops amid mounting tensions in Ukraine. While nation state actors have deployed fake ransomware for political ends before, this appears to be the first large-scale, politically motivated use of an attack method typically reserved for cybercrime.

Google this week backed away from FLoC, its controversial system to replace cookies. Instead, the search and advertising giant will use Topics, a way to determine what broad categories you’re interested based on your browsing history. Google then shares those presumed preferences with websites, who serve you relevant ads. While it’s seen as an improvement over a cookie that follows you around the web, it doesn’t fully allay the concerns privacy advocates have about Google’s dominance of the ad market and its ability to track its users.

Security researcher Ryan Pickren this week disclosed some very bad flaws in Apple’s Safari browser that would have let an attacker take over a Mac’s mic or camera, or access any accounts the victim was already logged into. The vulnerabilities have since been fixed, but it’s the second major Apple bug that Pickren has discovered in the last year, and was severe enough for the company to award a $100,500 bug bounty when he reported it.

And as you work your way through your New Year’s resolutions, carve out a little time to update your account recovery email addresses. Nothing worse that your digital future being reliant on an early-aughts Yahoo! address you lost that password for years ago.

Full article

Scroll to Top