After months of scandals around the security camera Ring and itscontroversial partnerships with law enforcement, perhaps it was inevitable that the Amazon-owned company would face a far more common sort of scandal for sellers of internet-connected consumer surveillance devices: They can be hacked. After an extremely creepy incident in which hackers cracked a Ring camera inside a child’s bedroom and used it to talk to three young girls, it’s clear that Ring doesn’t just raise questions over how consumers should share their devices’ surveillance data with the police. It’s also a quintessential example of the broader problem of peopleputting insecure internet-of-things devices into their most private spaces.

And Ring wasn’t the only one caught up in a child surveillance scandal lately. So was Toys “R” Us, which is back after its bankruptcy and stood accused of surveilling children after reports about its use of high-tech sensors to track shoppers around stores. The company behind those sensors, however, claims that the cameras aredesigned not to register people shorter than 4 feet tall.

Meanwhile, another long-running surveillance story—the FBI inspector general’s investigation into the origins of its own Trump-Russia probe and the FISA-enabled monitoring of Trump staffer Carter Page, who was suspected of ties to Russia—concluded in a 500-page report thatexculpated the FBI of any partisan political motivationsin the probe while also pointing out serious flaws in its adherence to legal protocols. Another equally complex surveillance scare is coming to a head, as rural US wireless providers are resisting an FCC proposal toremove all gear from American telecom networks sold by the Chinese firm Huawei, citing spying fears.

Elsewhere in the security world, researchers across half a dozen universities warned that Intel chips are vulnerable to a technique thatfiddles with their voltageto make them spill their most well-protected secrets. And a bitcoin scheme allegedly lured in consumers with promises of a stake in a cryptocurrency mining operation to assemble a$722 million pyramid scheme.

And there’s still more. Every Saturday we round up the security and privacy stories that we didn’t break or report on in-depth but think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.

With tensions still high in Iran after weeks of public protests, hackers published 15 million bank debit card numbers from customers of Iran’s three largest banks on social media this week. The breach impacts almost a fifth of Iran’s total population. Iranian information and telecommunications minister Mohammad Javad Azari Jahromi said that the breach was a result of a rogue contractor who abused financial system access to steal the data and then posted it as part of an extortion scheme. Though a major breach, this explanation would mean that bank systems weren’t actually hacked, but were compromised by someone with legitimate access. Outside analysts suggest, though, that a breach of this scale may have actually been the result of nation-state hacking, targeting Iran during a period of intense instability.

US authorities are investigating former White House and intelligence staffers who conducted espionage and hacking operations for the United Arab Emirates after leaving their US government positions. Reuters has reported previously on the group, known as Project Raven to its American participants and DREAD, or Development Research Exploitation and Analysis Department, in the UAE. The group formed a contract espionage firm in 2008 to help the UAE spy on targets including journalists, dissidents, terrorists, and human rights activists. In some cases, targets Project Raven members spied on were arrested or deported from the UAE and allegedly tortured in their home countries, such as Saudi Arabia. American participants in Project Raven became increasingly concerned that the work they were being asked to do by the Emiratis was

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *