Alright, so WIRED just dropped their Rogues issue this week, where they decided to get a little wild themselves. Andy Greenberg, a senior correspondent, took a trip down to Louisiana to test out how simple it would be to recreate the 3D-printed gun that authorities claim they found on Luigi Mangione when he was busted for offing UnitedHealthcare’s CEO. Turns out, it was a walk in the park and totally legal. Like, seriously, is this even a surprise anymore?
In more recent news, the US, Europe, and Japan teamed up to squash one of the biggest infostealer malware out there—Lumma. This sneaky malware was out there snatching up sensitive deets from folks worldwide, like passwords, bank info, and even crypto wallet details. Microsoft’s Digital Crime Unit played a role in the takedown, axing about 2,300 URLs that were part of Lumma’s shady infrastructure. And get this, a massive database with over 184 million records got yanked after security whiz Jeremiah Fowler stumbled upon it. This bad boy was loaded with data from big dogs like Amazon, Apple, Google, you name it. The US also nailed 16 Russian peeps for running the DanaBot malware, which they claim was up to all sorts of no-good, from ransomware to espionage. Plus, a webinar spilled the tea on how a big-time venture capitalist helped hook Israel up with Starlink satellite internet after that Hamas fiasco on October 7, 2023.
But wait, there’s more! Every week, we scoop up the security and privacy news that slipped through the cracks. Click on those headlines to dig deeper. And hey, stay safe out there, folks.
So, the US intel gang is cooking up a marketplace where they can buy up personal info that data brokers snag under the guise of marketing. The Intercept spilled the beans on this whole “Intelligence Community Data Consortium” that’s gonna use AI to sift through peeps’ deets. And get this, this data could lead to all sorts of shady stuff like blackmail, stalking, and public shaming. Like, why do they need all this info, right? It’s kinda sketchy if you ask me. Oh, and remember that law the House tried to pass to stop the government from buying up all this “commercially accessible information”? Yeah, the Senate shot that down. Classic.
In a blast from the past, a hacking group called Careto, which means “Ugly Face” or “Mask” in Spanish, was out there doing Spain’s dirty work back in the day. Kaspersky finally confirmed what we all suspected: Careto was like the Spanish government’s bestie, targeting energy companies, research spots, and activists. They were all about Cuba, probably ’cause they were giving a safe haven to some Spanish separatist group that Europe wasn’t feeling. Plus, they had a little Spanish phrase in their malware code that was a dead giveaway. Talk about sneaky stuff.
And hey, Signal is throwing some major shade at Microsoft with a new feature to block their sneaky Recall screenshots. Microsoft’s been keeping tabs on what Windows users are up to, which is a major privacy no-no. So Signal’s using some fancy tech to shut that down. But like, why can’t Microsoft just chill with the spying already? It’s a whole mess, man.
In a not-so-surprising turn of events, Russia’s Fancy Bear hackers were caught red-handed targeting Ukraine. They were all up in tech and logistics firms helping out Ukraine, trying to mess things up. Like, who even does that? And to top it off, they were spying on security cameras at border crossings and military spots. Like, seriously, can’t they just mind their own business for once?
Lastly, the US is pointing fingers at a Russian dude named Rustam Gallyamov for creating some nasty software that raked in millions for ransomware gangs. They even snatched up over $24 million from this guy. The investigation was a big ol’ global effort, involving a bunch of countries and agencies. At least they’re finally cracking down on these cyber crooks, right?
