Thomas Ricker
1 password less.
A new setting allows your 1Password vault to automatically unlock alongside your Mac or PC. It’s part of three new security presets rolling out now to individual and family plans — biz plans coming soon.
Security
Cybersecurity is the rickety scaffolding supporting everything you do online. For every new feature or app, there are a thousand different ways it can break – and a hundred of those can be exploited by criminals for data breaches, identity theft, or outright cyber heists. Staying ahead of those exploits is a full-time job, and one of the most lucrative and sought-after skills in the tech industry. All too often, it’s something up-and-coming companies decide to skip out on, only to pay the price later on.
Dominic Preston
Jess Weatherbed
Firefox upgrades its anti-tracking features.
The browser is now better at blocking “fingerprinters” that gather information about your system to ID you, even after clearing cookies or using private browsing. Mozilla says the improvements almost halve the number of Firefox users tracked by fingerprinting, preventing websites from obtaining details about hardware specifications, touchscreen support, and dock or taskbar dimensions.
Facing waves of cuts, reassignments, and rampant politicization, CISA is staring down a diminished role in US cyber defenses.
Lauren Feiner
Stevie Bonifield
A pair of ransomware negotiators have been indicted for running their own ransomware attacks.
The DOJ is charging two former ransomware negotiators at DigitalMint, along with a former incident response manager at Sygnia, for allegedly hacking and attempting to extort at least five US-based companies using ALPHV/BlackCat ransomware, as reported by the Chicago Sun-Times. The “rogue” trio allegedly got a $1.2 million ransom from one victim. DigitalMint and Sygnia say they are cooperating with the investigation.
Robert Hart
Jess Weatherbed
Andrew Liszewski
Dominic Preston
Nintendo got hacked.
But it doesn’t sound too worried about it. Last week the Crimson Collective group claimed to have accessed the company’s servers, but Nintendo told Japan’s Sankei Shimbun that no personal or business information appears to have leaked, with the breach seemingly limited to website servers.
Jess Weatherbed
Dominic Preston
The $2 million bug.
Apple has updated its bug bounty program, doubling the top reward to $2 million, plus bonuses that could take payouts over $5 million, for “exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks.” Apple says that’s “the largest payout offered by any bounty program” it’s aware of.
Jay Peters
An update from Discord on its customer service data breach.
Discord updated its press release to name the third-party vendor that was compromised:
This was not a breach of Discord, but rather a breach of a third party service provider, 5CA, that we used to support our customer service efforts.
The breach may have leaked government IDs of 70,000 users.
Terrence O'Brien
Crisis averted: Asahi starts shipping Super Dry again.
Japan’s weekend is saved now that shipments of Asahi Super Dry have resumed following a ransomware attack that shutdown Japan’s most popular brewery last week. (Russian-speaking hacking group Qilin claimed responsibility.) There were concerns that the nation’s supply could evaporate in just a few days, but things are slowly returning to normal:
Asahi Breweries resumed production at all six of its domestic factories from October 2 and partial shipments of Asahi Super Dry has resumed. Beginning October 15, partial shipments of products including Asahi Draft Beer and Asahi Dry Zero will also resume, as part of ongoing recovery efforts.
Update on System Disruption Due to Cyberattack (3rd) | Newsroom|ASAHI GROUP HOLDINGS
[Asahi Group Holdings, Ltd.]
Jess Weatherbed
Emma Roth
Gmail’s end-to-end encryption for organizations now works across email providers.
With this update, Gmail users with client-side encryption can send E2EE emails to people using other providers, like Outlook. The recipient will receive a notice about the encrypted message, and can view it using a guest Gmail account.
This feature is only available to Google Workspace subscribers with an Enterprise Plus plan.
Image: Google
Richard Lawler
Benjamin Netanyahu says Israeli intelligence caused his UN speech to stream live directly to Gaza cellphones.
Despite families of hostages protesting against previously announced plans to broadcast the audio from speakers pointed at Gaza, Israeli Prime Minister Benjamin Netanyahu said his speech was also pushed to cellphones. We haven’t found any reports about how it would’ve worked, or that it was seen as he said:
Ladies and gentlemen, thanks to special efforts by Israeli intelligence, my words are now also being carried. They’re streamed live through the cell phones of Gaza.
Emma Roth and Tina Nguyen
Richard Lawler
BreachForums founder resentenced to three years in prison.
Conor Brian Fitzpatrick, aka PomPompurin, is linked to crimes including the 2021 breach that sent out fake cybersecurity warning emails from the FBI. After pleading guilty to one count of access device conspiracy, one count of access device solicitation, and one count of possession of child sexual abuse material, he was originally sentenced to 20 years of supervised release.
Founder of One of World’s Largest Hacker Forums Resentenced to Three Years in Prison
[Department of Justice]
Most Popular
Most Popular
- Anthropic’s most dangerous AI model just fell into the wrong hands
- Sony’s PlayStation 5 is $200 off for the first time since December
- The unraveling of Dan Crenshaw
- Elon Musk admits that millions of Tesla vehicles won’t get unsupervised FSD
- I bought Alienware’s $350 OLED monitor and I can’t believe how good it is