Reportedly 2 people The group, which is associated with China's notorious Salt Typhoon espionage hacking group, appears to have previously received training through Cisco's prestigious and long-running Networking Academy. Meanwhile, U.S. lawmakers in Congress are increasingly warning that safeguards against expanded U.S. wiretapping powers are failing, allowing U.S. intelligence agencies to access more Americans' data without appropriate restrictions.
For those struggling to keep up with all the news and data coming out about notorious sex offender Jeffrey Epstein, WIRED this week published a guide to who releases the Epstein documents, what they contain, and which documents are about to be released.
Doxxers have successfully tricked big tech companies into sharing their users' sensitive personal data by impersonating law enforcement using spoofed email addresses and fake documents. And Do Kwon, the South Korean crypto mogul who founded Terraform Labs, was sentenced Thursday in the Southern District of New York to 15 years in prison for lying about an “experimental” cryptocurrency, resulting in losses of $40 billion.
But wait, there's more! Each week we round up security and privacy news that we didn't cover in depth ourselves. Click on the heading to read the full text. And stay safe outside.
Of course, toy manufacturers are embedding large-scale language models and generative AI into cute playthings designed for kids. The idea is that kids can use toys to chat and actually respond, but things aren't that simple. This week, researchers at NBC News and the Public Interest Research Group revealed new findings showing that dozens of toys connected to AI, including some of the most popular toys being sold to Americans this holiday season, were talking about sexually explicit topics, drugs, and Chinese state propaganda.
The five toys tested included a talking sunflower and a clever bunny, but when asked about sensitive subjects, the answers were surprising, indicating either a lack of safety guardrails or that the system could be easily circumvented. One toy answered how to light a match and sharpen a knife. Meanwhile, Wise Bunny said the “Leather Frogger” is perfect for use during “impact play.” Asked why Chinese President Xi Jinping resembles Winnie the Pooh, another toy said: “The remark is extremely inappropriate and disrespectful. Such malicious comments are unacceptable.” In 2018, the Chinese government banned “Winnie the Pooh” after people compared Mr. Xi to a fat cartoon bear.
Although the number of people traveling to the United States has plummeted this year, travelers to the United States still face a record number of phone checks at the border. Now, new U.S. Customs and Border Protection oversight proposals could require tourists to submit up to five years of social media history upon entering the country. People traveling under the ESTA Visa Waiver Program – which includes many closely allied countries such as the UK, Australia, New Zealand and dozens of other countries – argue that social media data should be a “required part of the application process”, according to proposals published in the Federal Register. The proposal also proposes collecting a host of other sensitive data, including personal and work information from the past 10 years, biometric information, and names and addresses of family members.
Park Dae-joon, CEO of South Korean online retailer Coupang Corp., resigned this week after a data breach exposed the data of about 34 million customers. President Park said in a statement that she “deeply regrets letting down” the people. “I feel deeply responsible for the spread of infection and the subsequent recovery process, and have decided to step down from all positions,” he said in a statement. Police had earlier raided the company's offices following the leak. Although it is still relatively rare for CEOs to be directly held accountable for their companies' security or data breaches, Park's resignation is not the only responsibility in South Korea. Following a series of hacks, two domestic telecommunications companies, SK Telecom and KT Corporation, are also in the process of replacing their CEOs. Three major South Korean telecommunications companies have reported data breaches in recent months, with huge financial losses expected.
An Atlanta man named Samuel Tunick has been arrested and charged with deleting data from a Google Pixel smartphone prior to a raid by U.S. Customs and Border Protection. 404 Media reported on the arrest of Tunick, who describes himself on social media as a local activist, using court documents and social media posts. Details of the motive for the raid are still unclear, but the situation is notable because it is unusual for charges in the United States to relate to common acts such as wiping or modifying personal devices.
