Joint investigation from WIRED, Bayerischer Rundfunk (BR) and Netzpolitik.org revealed that US companies legally collecting digital ad data are allowing adversaries to cheaply track US military and intelligence personnel. A joint analysis of billions of location coordinates by a US-based data broker revealed detailed tracking of thousands of devices from sensitive US sites in Germany, including NSA facilities and bases that are reported to host US nuclear weapons.
Elsewhere, social media giant Meta revealed for the first time its efforts to combat the forced labor complexes fueling the rise of pig slaughter scams on its platforms. The company revealed that it has been quietly collaborating with global law enforcement, technology industry partners and outside experts for more than two years to dismantle the criminal syndicates behind these operations in Southeast Asia and the UAE. This year alone, Meta reports that it has taken down more than 2 million accounts linked to fraudulent compounds in Myanmar, Laos, Cambodia, the Philippines and the UAE.
At the Cyberwarcon security conference on Friday, cybersecurity firm SpyCloud shared findings of publicly available black market services offering low-cost access to sensitive information about Chinese citizens, including phone numbers, bank details, hotel and flight records and even location in real time data. According to the firm’s researchers, these services appear to obtain their data through insiders in China’s surveillance agencies and government contractors who sell their access. Also at the conference, cybersecurity firm Volexity revealed that a Russian hacking group has reportedly developed a new Wi-Fi hacking technique that involves taking control of a nearby laptop and using it as a bridge to infiltrate a target Wi-Fi network. Called a “nearest-neighbor attack,” the method was discovered during an investigation by the firm in 2022. of a network breach at an unnamed Washington, DC. customer. Finally, the researchers examined how the U.S. is detecting foreign influence campaigns faster than ever before — but there’s plenty of room for improvement.
That’s not all Every week we round up security and privacy news that we haven’t covered in depth. Click on the headlines to read the full stories. And stay safe out there.
Hackers have breached an online “educational platform” founded by misogynistic right-wing influencer Andrew Tate, exposing the email addresses of hundreds of thousands of users as well as the contents of the platforms’ private chat servers. Data from the hack, first reported by the Daily Dot, has now been released by the non-profit transparency organization Distributed Denial of Secrets.
Andrew Tate, the so-called “king of toxic masculinity”, is currently under house arrest in Romania and faces two separate criminal charges, including charges of creating an organized crime group and trafficking in women in Romania, the UK and the US.
The compromised platform, a subscription-based service known as The Real World (formerly called Hustler’s University), described itself as a “global community” focused on “personal growth.” According to its website, members receive expert training, mentoring and access to a wide range of educational courses for about $50 a month.
