Just days after an international law enforcement operation disrupted LockBit, the ransomware group resurfaced with a new dark-web site threatening to release documents stolen from Fulton County, Georgia, where Donald Trump and 18 codefendants are accused of plotting to overturn the 2024 election.

However, by the time Fulton County’s payment deadline arrived, all indications of the leak had suddenly disappeared. Fulton County claims it did not pay LockBit’s ransom, raising the possibility that the gang is bluffing. If there is a leak, it might derail an already tumultuous US presidential election, whose security is already jeopardized.

Regardless of what’s going on with the Fulton County breach, it’s obvious that ransomware gangs are growing better at recovering from law enforcement crackdowns. Around two months after the FBI thwarted the ransomware gang known as Blackcat or AlphV, the group successfully struck Change Healthcare earlier this month, causing ongoing delays in pharmacies across the United States.

This week, the United States focused on its concerns about worldwide dangers. First, the White House issued a new executive order aimed at preventing “countries of concern,” such as China, North Korea, and Russia, from acquiring sensitive data about Americans—a strategy that may or may not work. The Biden administration then announced that it will initiate an investigation into the national security dangers presented by vehicles imported from China. The US Department of Commerce also levied penalties on Canada-based Sandvine, a business whose web-monitoring technology has been used by autocratic governments to control the internet.

According to a recent assessment, Russia has likely launched over 200 strikes on Ukraine’s electrical grid since its full-scale invasion in 2022, with 66 of them validated by Conflict Observatory researchers. These attacks are in addition to the blackouts produced by Russia’s military intelligence hacking outfit, Sandworm. In the United Kingdom, the interior ministry has been using GPS devices to track the locations of migrants, a practice that a British court found unconstitutional earlier this week.

Meanwhile, the UK edition of Pornhub tried a chatbot and warning message designed to dissuade visitors from searching for unlawful photos of child abuse on the platform, and discovered that it resulted in a “meaningful decrease” in problematic searches. In the field of generative AI, researchers have developed a “worm” that can spread among different AI agents and could potentially be used to steal data or deliver spam messages. Finally, we compiled a list of all the significant security updates issued in the last month—apply them as soon as possible.

That is not all. We provide a weekly roundup of security news that we did not cover in depth. Click on the headlines to read the full stories. And be safe out there.

Law enforcement demanded push notification data to identify suspects in 130 cases.

The push notifications that appear on our smartphones’ screens have evolved into a useful primary dashboard for modern digital life. They also function as an effective concealed surveillance device, as is becoming increasingly evident.

The Washington Post reported this week that law enforcement has requested push notification data from Google, Apple, Facebook, and other internet companies 130 times in recent years. According to the Post, these demands span 14 states and the District of Columbia and have targeted criminal suspects’ data in cases ranging from terrorism to Covid-19 relief fraud, January 6 insurrectionists, and Somali pirates. In three incidents, push notification data was used to identify and apprehend alleged child abusers. In another case, it was used to identify an alleged murderer.

To transmit notifications that wake up a device and appear on its screen without user intervention, app and smartphone operating system developers must keep tokens that identify the intended recipient’s device. That system has established what US Senator Ron Wyden refers to as a “digital post office” that law enforcement can use to identify app or communication platform users. While it has proven to be an effective tool for criminal monitoring, privacy experts warn that it may be used against activists or women seeking abortions in states where they are now outlawed.

In many situations, tech companies do not even require a court order for the data; Apple, for example, did not request a subpoena until December. This permitted federal agents and police to get identifying information without the involvement of a judge, until the policy was amended to require a judicial warrant.

Apple warns about security risks in new third-party app stores.

Europe’s vast Digital Markets Act goes into effect next week, requiring large “gatekeeper” tech corporations to open up their services. WhatsApp, which is owned by Meta, is opening up its encryption so that it can work with other messaging applications; Google is giving European customers greater control over their data; and Apple will allow third-party app stores and software sideloading for the first time.

Apple’s proposed changes have been controversial, but the company has reiterated its stance that sideloading apps increases security and privacy risks. According to the company’s white paper, programs on third-party app stores may be more likely to contain malware or attempt to access people’s iPhone data. Apple says it is introducing extra tests to ensure that apps are safe.

“These safeguards will help keep EU users’ iPhone experience as secure, privacy-protecting, and safe as possible—although not to the same degree as in the rest of the world,” according to the company. Apple has also received feedback from EU institutions, including those in banking and defense, that are concerned about employees installing third-party apps on work devices.

Court orders NSO Group to hand over Pegasus spyware code to WhatsApp.

WhatsApp secured a significant legal victory this week against the notorious mercenary hacking business NSO Group in its long-running case against the spyware supplier for allegedly infiltrating its app and its customers’ devices. Phyllis Hamilton, the judge in the case, sided with WhatsApp’s demand that NSO Group hand over the code of its Pegasus spyware, which has long been regarded as one of the most sophisticated pieces of spyware to attack mobile devices, often via weaknesses in WhatsApp.

The code transfer, which contains versions of Pegasus from 2018 to 2020 as well as NSO’s documentation about its spyware, could help WhatsApp verify its claims that NSO hacked 1,400 of its users, including at least 100 members of “civil society” such as journalists and human rights campaigners. “Spyware companies and other malicious actors must understand that they can be caught and will be unable to avoid the law,” a WhatsApp representative told the Guardian.

Major retailers sold extremely insecure video doorbells.

Here’s a good rule of thumb: Don’t place any equipment in or around your home that has a camera, an internet connection, and is built by a Chinese manufacturer you’ve never heard of. Consumer Reports revealed this week that countless brands of video-enabled doorbells have absolutely shambolic security, to the point where many of the devices allow anyone to walk up to them outside your door, hold a button to pair their own smartphone with it, and then spy through your camera.

According to the inquiry, in some cases obtaining only the device’s serial number is enough to hijack it via the internet from anywhere in the world. Consumer Reports discovered that these gadgets were sold under the brand names Eken and Tuck, but appeared to share a manufacturer with no less than ten additional devices with similar features. While those devices may seem obscure, they are purportedly sold on major retail platforms such as Amazon, Walmart, Sears, Shein, and Temu. In certain cases, Amazon had even given the gadgets the “Amazon’s Choice: Overall Pick” badge, despite the fact that Consumer Reports had informed Amazon of the security vulnerabilities.