Just days after an international law enforcement operation disrupted LockBit, the ransomware group reemerged with a new dark-web site where it threatened to release documents stolen from Fulton County, Georgia, where Donald Trump and 18 codefendants stand accused of a conspiracy to overturn the 2024 election. But by the time the deadline for Fulton County to pay arrived, all mention of the leak had mysteriously disappeared. Fulton County says it didn’t pay LockBit’s ransom, suggesting that the group may be bluffing. If there is a leak, however, it could wreak havoc on an already chaotic US presidential election, the security of which is already under threat.

Thank you for reading this post, don’t forget to subscribe!

Regardless of what’s going on with the Fulton County leak, it’s become clear that ransomware groups are getting faster at rebounding after law enforcement crackdowns. Around two months after the FBI disrupted the ransomware gang known as Blackcat or AlphV, the group successfully attacked Change Healthcare earlier this month, causing ongoing delays at pharmacies around the United States.

US fears over international threats were front and center this week. First, the White House announced a new executive order that aims to prevent “countries of concern,” including China, North Korea, and Russia, from purchasing sensitive data about Americans—a plan that may or may not work. Then the Biden administration said it is launching an investigation into national security threats posed by vehicles imported from China. And the US Department of Commerce imposed sanctions on Canada-based Sandvine, a company whose web-monitoring tech has been used by authoritarian governments to censor the internet.

A study released this week found that Russia has likely launched more than 200 attacks on Ukraine’s power grid since its 2022 full-scale invasion, 66 of which researchers at the Conflict Observatory have confirmed. These attacks are in addition to the blackouts caused by Russia’s military intelligence hacking unit known as Sandworm. In the UK, the interior ministry has been tracking the locations of migrants with GPS devices—a practice ruled illegal by a British court this week.

Meanwhile, the UK version of Pornhub tested a chatbot and warning message built to deter people searching for illegal images of child abuse on the website, finding it resulted in a “meaningful decrease” in the problematic searches. In the world of generative AI, researchers have created a “worm” that is capable of spreading between different AI agents and could potentially be used to steal data or send spam messages. Finally, we rounded up all the major security patches released in the past month—patch as soon as you can.

That’s not all. Each week, we round up the security news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Law Enforcement Demanded Push Notification Data to ID Suspects in 130 Cases

The push notifications that populate the screens of our smartphones have become a kind of convenient central dashboard for modern digital life. They also serve, it’s becoming increasingly clear, as a powerful hidden surveillance mechanism.

An investigation by The Washington Post revealed this week that law enforcement has sought push notification data from Google, Apple, Facebook, and other tech companies fully 130 times in recent years. Those requests span 14 states and the District of Columbia and have targeted the data of criminal suspects in cases ranging from terrorism to Covid-19 relief fraud to January 6 insurrectionists to Somali pirates, according to the Post. In three cases, the push notification data was used to identify and arrest alleged abusers of children. In another case, it helped identify an alleged murderer.

To send those notifications that awaken a device and appear on its screen without a user’s interaction, apps and smartphone operating system makers must store tokens that identify the device of the intended recipient. That system has created what US senator Ron Wyden has called a “digital post office” that can be queried by law enforcement to identify users of an app or communications platform. And while it has served as a powerful tool for criminal surveillance, privacy advocates warn that it could just as easily be turned against others such as activists or those seeking an abortion in states where that’s now illegal.

In many cases, tech firms don’t even demand a court order for the data: Apple, in fact, only demanded a subpoena for the data until December. That allowed federal agents and police to obtain the identifying information without the involvement of a judge until it changed its policy to demand a judicial order.

Europe’s sweeping Digital Markets Act comes into force next week and is forcing major “gatekeeper” tech companies to open up their services. Meta-owned WhatsApp is opening its encryption to interoperate with other messaging apps; Google is giving European users more control over their data; and Apple will allow third-party app stores and the sideloading of apps for the first time.

Apple’s proposed changes have proved controversial, but ahead of the March 7 implementation date the company has reiterated its belief that sideloading apps creates more security and privacy risks. It may be easier for apps on third-party apps stores, the company says in a white paper, to contain malware or try to access people’s iPhone data. Apple says it is bringing in new checks to try to make sure apps are safe.

Source: https://www.wired.com/story/push-notification-privacy-security-roundup/
Media :https://www.wired.com/
Writter: ANDREW COUTS