Help Might Finally Be on the Way to Fight SIM-Swap Attacks

A WIRED report found that Google geolocation data had been used in 45 investigations of Capitol rioters and counting. That includes the use of two geofence warrants that enabled the FBI to pinpoint suspects within the building in a narrow window of time on January 6. It was an extraordinary use of geofencing during an extraordinary time; experts acknowledge that it was likely justified, but worry about a slippery slope, especially as the use of geofence warrants has exploded in recent years.

In other Google news, Android suffered yet another wave of scam apps. In a campaign that dated back to at least November, hundreds of malicious apps snuck into Google Play and were collectively downloaded onto over 10 million devices. The bad apps used various evasive maneuvers to avoid detection, and tried to trick users into signing up for a recurring charge. Researchers are unclear how much money they made off with, but given the number of victims it’s potentially in the hundreds of millions of dollars.

The internet infrastructure company Cloudflare is getting into email security, with two new, free tools designed to protect enterprise customers from phishing and other email woes. The Senate yelled at Facebook again, this time about teen mental health. And now that you can go passwordless on your Microsoft account, we put together a quick guide for how to enable it.

Dune lends itself to many interpretations, but its most compelling might be as a template for future global conflicts, from Afghanistan to cyberwar. And we looked at why a real-life James Bond probably wouldn’t use an iPhone. (Or the Nokia he relies on in the movie, for that matter.)

And there’s more! Each week we round up all the security news WIRED didn’t cover in depth. Click on the headlines to read the full stories, and stay safe out there.

SIM-swap attacks, in which someone ports your phone number to their device in order to get past two-factor authentication on your most sensitive accounts, have been a scourge for years. They’re resulted in cryptocurrency theft, bank accounts being drained, and social media account takeovers. And while there’s no simple way to stop them, there are certainly approaches that the US hasn’t yet tried. Which is why it’s heartening that the FCC finally appears to be paying attention to them; this week the agency said it was planning to push carriers to implement more secure authentication before transferring numbers to a new device. It won’t solve the problem entirely—especially since phone company employees have at times actively enabled the attacks—but it’s a long overdue start.

Russia has continued to crack down on every facet of technology in the country, which this week took a troubling turn. Law enforcement in the country has reportedly arrested Ilya Sachkov, founder and CEO of St. Petersburg-based cybersecurity firm Group-IB. He’s accused of working with “foreign intelligence services” to undermine Russia’s national interests; the company has said he is innocent of all charges. Sachkov faces up to 20 years in prison if found guilty.

Security researchers this week demonstrated a flaw in how Visa implements Apple Pay’s “Express Transit” feature that let them make unauthorized contactless payments from a locked iPhone. First, they impersonated a transit system ticket barrier using a cheap piece of radio equipment, to make the iPhone think it was connecting with a legitimate system. Then, they used a so-called relay attack to direct payment messages from the iPhone to a reader under their control, allowing them to make large transactions without the need for any biometric confirmation. It’s an issue that would apply primarily to stolen iPhones, and Apple indicated in a statement to the BBC that Visa seems unlikely to fix given the relative complexity of the attack.

We write a lot about ransomware around here, and its various deleterious effects on society. But as attacks continue to escalate—against hospitals in particular—you should take some time to read this Wall Street Journal report about the real human cost. It’s a devastating but essential read.


More Great WIRED Stories

Source: Help Might Finally Be on the Way to Fight SIM-Swap Attacks

*This is a free press release. Upgraded press releases are ad-free!

New York #1 Best-Selling Author Finds Inspiration in Shen Yun

LOUISVILLE, Ky.—Dr. David West Reynolds holds a Ph.D. in archeology specializing in ancient Rome and Egypt. He’s also the New York Times #1 best-selling author of Star Wars guide books. His books have been translated into a dozen languages and have sold over 2 million copies around the world. He has also written books on…

Read Press Release

Mark Cuban believes that Bitcoin is the best store of value

Ethereum has more use cases than Bitcoins as per billionaire Mark Cuban and Shark TankCuban sees BTC as digital Gold, and deemed that Bitcoin is what the Gold folks are doingCuban advocates smart contracts platform Ethereum and layer 2 solutionsMark Cuban believes that investors could choose Bitcoin to invest in the longer time-frameEthereum and Bitcoin…

Read Press Release

The changing nature of beauty packaging

In a fiercely competitive market, packaging can make an enormous difference in which beauty products do best. Here we examine how sustainability and influencer marketing is affecting the look and feel of the beauty sector In 2020, the UK’s beauty industry was reportedly worth £27 billion, and has been valued at around $500 billion globally.…

Read Press Release

Help Might Finally Be on the Way to Fight SIM-Swap Attacks - Click To Share

Share on facebook
Share on twitter
Share on reddit
Share on linkedin
Share on email
Share on whatsapp