This week, Venmo took a long step towards privacy by removing the global social feed in its latest redesign. That's good! You will no longer see an endless stream of strangers sending money to each other. But privacy advocates say that as long as Venmo makes every transaction public by default, the burden still falls on users who do not realize that they have to dig through settings to hide their Venmo life from others.

Amnesty International and a consortium of researchers and media organizations released a major investigation this week into NSO Group, an Israel-based spyware vendor. The report alleges that governments have used NSO Group's malware to spy on activists, journalists, politicians, and officials; NSO Group issued multiple denials. Security researchers, meanwhile, see the revelations as evidence that they need more visibility into iOS and Android to better detect such attacks and prevent them going forward.

In the second global team-up this week, countries around the world joined the U.S. in detailing years of aggressive hacking behavior from China, including allegations from the Justice Department. While China has historically focused on espionage, its growing reliance on criminal contractors in recent years has led to a more reckless campaign.

Speaking of reckless, remember the absurdly widespread ransomware attack that spread earlier this month? Just shy of three weeks later, IT management firm Kaseya finally got its hands on a universal decryption tool, meaning any victim who hadn't already recovered their data through backups or other means could finally breathe a sigh of relief. At least, until the next ransomware scare. We also took a look at Space Jam: A New Legacy and the bad lessons it teaches young people about A.I.

And there is more. We don't cover all the security news in depth every week. Click on the headlines to read the full stories, and stay safe out there.

Very nice catch by Motherboard and Twitter user dox_gay this week: news sites like The Washington Post, New York magazine, and more inadvertently displayed pornography on older pages. (And yes, that includes old WIRED stories.) The culprit? A video platform called Vidme that operated from 2014 to 2017, the domain of which was later purchased by an adult site called 5 Star Porn HD. Web pages in which the Vidme player was embedded started showing thumbnails of graphic sexual content instead of what was originally there when the service was viable. As Motherboard also notes, it's an interesting example of a serious problem: the largely rotting infrastructure of the internet.

Chromebook owners may have found themselves unable to log in to their devices this week. A bug introduced in a recent update made it so that the cloud-based laptops would not accept passwords on the log-in screen, locking users out indefinitely. Not great! But what makes it worse is that the bug apparently comes down to a small, tiny typo. Some Chrome OS programmers left a "&" in a conditional statement somewhere, none of their peers caught it, and chaos ensued. Google quickly pulled the bad update, and now the fix is rolling out, but that is little comfort to affected Chromebook owners.

Twitter revealed this week that very, very, very, very, very few of its users actually take advantage of two-factor authentication. Only 2.3 percent, to be exact. This is not great! Two-factor may not prevent every attack, but it does provide a huge security upgrade for very little trouble, on a platform that regularly suffers account takeover epidemics. You can use an authenticator app instead of your phone number; it is a more secure and easier-to-manage method. If you are one of the 97.7 percent of active Twitter users who do not use two-factor, please take 90 seconds out of your day to set it up.

Remember how we were saying that China historically focused on espionage? That is still true. But a troubling warning this week from the FBI and the Department of Homeland Security suggests that hackers in the country have at least considered more disruptive attacks. Around 2011-2013, they investigated about two dozen U.S. pipeline companies, and not only for intellectual property. "The purpose of this activity was ultimately to help China develop cybertech capabilities to inflict physical damage or disrupt pipeline operations against U.S. pipelines," the warning said. This is the kind of behavior you would expect from Russia or ransomware gangs, but less so from China. Fortunately, these events were years ago; the hope is that it will not revisit those plans.

