Plus: App Store scams, an anti-surveillance bill, and more of the week’s top security news.
vulnerabilities
Palestinian Hackers Tricked Victims to Install iOS Spyware
The groups used social engineering techniques on Facebook to direct targets to a wide range of malware, including custom tools.
A Clubhouse Bug Let People Lurk in Rooms Invisibly
The vulnerabilities opened the door to “ghosts” hiding in and disrupting rooms, where moderators would be unable to mute them.
Ecobee’s Ecosystem Is an Easy Way to Embrace the Smart Home
For the past six months, this Alexa-integrated security and thermostat platform made my house feel safer and more comfortable.
How the FBI Got Into the San Bernardino Shooter’s iPhone
Plus: Russian sanctions, Europe’s SolarWinds fallout, and more of this week’s top security news.
Update to REvil ransomware changes Windows passwords to automate file encryption via Safe Mode
The ransomware changes the device password to “DTrump4ever” and forces the device to log in automatically after being rebooted.
The FBI Takes a Drastic Step to Fight China’s Hacking Spree
The agency’s approach to protecting vulnerable victims of the recent Hafnium attack manages to be at once controversial and refreshingly restrained.
FBI cleans up infected Exchange servers
The feds removed web shells that provided backdoor access to cybercriminals in a recent exploit of Microsoft Exchange.
100M More IoT Devices Are Exposed—and They Won’t Be the Last
The Name:Wreck flaws in TCP/IP are the latest in a series of vulnerabilities with global implications.
What Really Caused Facebook’s 500M-User Data Leak?
The company’s explanations have been confusing and inconsistent, but there are finally some answers.