Help Might Finally Be on the Way to Fight SIM-Swap Attacks

A WIRED report found that Google geolocation data had been used in 45 investigations and counting of the US Capitol rioters. That includes the use of two geofence warrants that enabled the FBI to pinpoint suspects within the building in a narrow window of time on January 6. It was an extraordinary use of geofencing during an extraordinary time; experts acknowledge that it was likely justified, but they worry about a slippery slope, especially as the use of geofence warrants has exploded in recent years.

In other Google news, Android suffered yet another wave of scam apps. In a campaign that dated back to at least November, hundreds of malicious apps were snuck into Google Play and were collectively downloaded over 10 million devices. The bad apps used various evasive maneuvers to avoid detection and tried to trick users into signing up for a recurring charge. Researchers are unclear how much money the scammers made off with, but given the number of victims it’s potentially in the hundreds of millions of dollars.

The internet infrastructure company Cloudflare is getting into email security, with two free, new tools designed to protect enterprise customers from phishing and other email woes. The Senate yelled at Facebook again, this time about teen mental health. And now that you can go passwordless on your Microsoft account, we put together a quick guide for how to enable it.

web
web link
web site
weblink
webpage
website
website link
websites
what do you think
what google did to me
what is it worth
why not check here
why not find out more
why not look here
why not try here
why not try these out
why not try this out
you can check here
you can find out more
you can look here
you can try here
you can try these out
you can try this out
you could check here
you could look here
you could try here
you could try these out
you could try this out
your domain name
your input here
have a peek at this web-site
Source
have a peek here
Check This Out
this contact form
navigate here
his comment is here
weblink
check over here
this content
have a peek at these guys
check my blog
news
More about the author
click site
navigate to this website
my review here
get redirected here
useful reference
this page
Get More Info
see here
this website
great post to read
my company
imp source
click to read more
find more info
see it here
Homepage
a fantastic read
find this
Bonuses
read this article
click here now
browse this site
check here
original site
my response
pop over to these guys
my site
dig this
i thought about this
check this link right here now
his explanation
why not try these out
more info here
official site
look at this site
check it out

Dune lends itself to many interpretations, but its most compelling might be as a template for future global conflicts, from Afghanistan to cyberwar. And we looked at why a real-life James Bond probably wouldn’t use an iPhone. (Or the Nokia he relies on in the movie, for that matter.)

And there’s more! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.

SIM-swap attacks, in which someone ports your phone number to their device in order to get past two-factor authentication on your most sensitive accounts, have been a scourge for years. They’ve resulted in cryptocurrency theft, bank accounts being drained, and social media account takeovers. And while there’s no simple way to stop them, there are certainly approaches that the US hasn’t yet tried. Which is why it’s heartening that the FCC finally appears to be paying attention to them; this week the agency said it was planning to push carriers to implement more secure authentication before transferring numbers to a new device. It won’t solve the problem entirely—especially since phone company employees have at times actively enabled the attacks—but it’s a long overdue start.

Russia has continued to crack down on every facet of technology in the country, which this week took a troubling turn. Law enforcement in the country has reportedly arrested Ilya Sachkov, founder and CEO of international cybersecurity firm Group-IB. He’s accused of working with “foreign intelligence services” to undermine Russia’s national interests; the company has said he is innocent of all charges. Sachkov faces up to 20 years in prison if found guilty.

Security researchers this week demonstrated a flaw in how Visa implements Apple Pay’s Express Transit feature that let them make unauthorized contactless payments from a locked iPhone. First, they impersonated a transit system ticket barrier using a cheap piece of radio equipment, to make the iPhone think it was connecting with a legitimate system. Then, they used a so-called relay attack to direct payment messages from the iPhone to a reader under their control, allowing them to make large transactions without the need for any biometric confirmation. It’s an issue that would apply primarily to stolen iPhones, and Apple indicated in a statement to the BBC that Visa seems unlikely to fix the flaw given the relative complexity of the attack.

We write a lot about ransomware and its various deleterious effects on society. But as attacks continue to escalate—against hospitals in particular—you should take some time to read this Wall Street Journal report about the real human cost. It’s a devastating but essential read.

Correction 10/3/21 9:40am ET: This story had incorrectly stated that Group-IB was based in St. Petersburg; it is an international company with headquarters in Singapore.


More Great WIRED Stories

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous post How to Transfer Save Data From One Nintendo Switch to Another
Next post The Secret Sci-Fi Origins of Burning Man