Your car is a gold mine of data. Every trip you make produces a lot of data—from your location to your use of the infotainment system—and automakers are getting better at using this information. One 2019 analysis found that cars can generate up to 25 gigabytes of data per hour. As companies improve their ability to mine this data, your car could turn out to be the next national security threat. This week, the Chinese city of Beidaihe banned Tesla from its streets as the country’s Communist Party leaders gather in the area. One possible reason for the ban is that the cars could reveal sensitive details about top Chinese figures.
Elsewhere, German mobile providers are testing “digital tokens” as a way to serve personalized advertising to people’s phones. A trial version of TrustPid by Vodafone and Deutsche Telekom generates pseudo-anonymous tokens based on people’s IP addresses and uses them to display personalized product recommendations. The move has been compared to “supercookies”, which have previously been used to track people without their permission. While Vodafone denies the system is similar to supercookies, privacy advocates say it’s a step too far. “Companies that operate communications networks should neither track their customers nor help others track them,” privacy researcher Wolfie Christl told WIRED.
In other stories this week, we’ve rounded up critical updates from Android, Chrome, Microsoft, and more that hit in June—you should make those updates now. We also looked at how the new ZuoRAT router malware infected at least 80 targets worldwide. And we’ve explained in detail how to use Microsoft Defender on all your Apple, Android, and Windows devices.
But that’s not all. We have a summary of the week’s big security news that we couldn’t cover ourselves. Click on the headlines to read the full stories. And be safe out there.
California’s gun database, called the Firearms Dashboard Portal, was supposed to improve transparency around gun sales. Instead, when new data was added to it on June 27, the update turned out to be a disaster. During a planned release of new information, the California Department of Justice made a spreadsheet publicly available online and revealed more than 10 years of data on gun owners. Included in the data breach were the names, dates of birth, gender, race, driver’s license numbers, addresses and criminal histories of people who were granted or denied concealed carry permits between 2011 and 2021. More than 40,000 CCW permits were issued in 2021; however, the California Department of Justice said financial information and Social Security numbers were not involved in the data breach.
Although the spreadsheet was online for less than 24 hours, the initial investigation appears to indicate that the breach was more widespread than initially thought. In a press release issued on June 29, the California DOJ said other parts of its gun databases were also “affected.” Information contained in the assault weapons registry, handguns certified for sale, dealer sales records, firearms safety certification and no-trespass control panels may have been exposed in the breach, the department said, adding that it is investigating what information may have been exposed. Responding to the data breach, the Fresno County Sheriff’s Office said it was “worse than expected” and that some of the potentially affected information “came as a surprise to us.”
Indian hacker-for-hire groups have been targeting lawyers and their clients around the world for the better part of a decade, a Reuters investigation revealed this week. Hacking groups have used phishing attacks to gain access to confidential legal documents in more than 35 cases since 2013 and have targeted at least 75 US and European companies, according to the report, which is based in part on a collection of 80,000 emails that were sent by Indian hackers over the past seven years. The investigation details how hacker groups operate and how private investigators take advantage of their ruthless nature. As Reuters reported its investigation, Google’s threat analysis group published dozens of domains belonging to alleged hacker groups in India, Russia and the United Arab Emirates.
Since 2009, the Chinese hacking group APT40 has targeted companies, government bodies and universities around the world. APT40 has hit countries including the United States, United Kingdom, Germany, Cambodia, Malaysia, Norway and others, according to security firm Mandiant. This week, a Financial Times investigation revealed that Chinese university students were tricked into working for a fake company linked to APT40 and were involved in researching its hacking targets. The newspaper identified 140 potential translators who applied for jobs at Hainan Xiandun, a company allegedly linked to APT40 and named in a US Department of Justice indictment in July 2021. Those applying for jobs at Hainan Xiandun were asked to translate sensitive US government documents and appear to have been “unwittingly drawn into a life of espionage,” according to the story.
In 2021, North Korean hackers stole around $400 million in cryptocurrencies as part of the country’s efforts to evade international sanctions and strengthen its nuclear weapons program. Investigators this week began linking the June 23 theft of about $100 million in cryptocurrency from Horizon Bridge to North Korean actors. Blockchain analysis firm Elliptic says it has found “strong indications” that North Korea’s Lazarus Group is linked to the Horizon Bridge hack — and Elliptic isn’t the only group to have made the connection. The attack is the latest in a series against blockchain bridges, which have become an increasingly common target in recent years. However, investigators say the ongoing cryptocurrency crash has wiped out millions in value from North Korea’s crypto heists.