Wired Security Spoken Edition

They set up phony news sites with stories ripped from other sources, backing up their state-sponsored agenda. They stole photos for their social media profiles and made up names to catfish unsuspecting victims. They formed an incestuous web of promotion across Facebook, Twitter, YouTube, Google+, Reddit, and other platforms. They seemed to have a thing for Bernie Sanders. And then they got caught. Learn about your ad choices: dovetail.prx.org/ad-choices

The biggest news in America this week struck like two timed missiles minutes apart on Tuesday afternoon. Though they appear at first blush unrelated to Russia’s hacking of the 2016 US election, they are likely to explode right in the heart of Robert Mueller’s investigation. First. Learn about your ad choices: dovetail.prx.org/ad-choices

On Thursday, T-Mobile confirmed that some of its customer data was breached in an attack the company discovered on Monday. It's a snappy disclosure timeframe, and the carrier said that no financial data, passwords, or Social Security numbers were compromised in the breach. A relief, right? The problem is the customer data that was potentially exposed: name, billing zip code, email address, account number, account type, and phone number. That last one's a particular concern. Learn about your ad choices: dovetail.prx.org/ad-choices

My legs were sticking to the vinyl back seat of a NYC cab when I received the email on a Thursday this July. I was running late to an afternoon dentist appointment, and sending messages on Facebook Messenger. Most of the conversations were for a story I was reporting about a Facebook group for sexual assault survivors, which had been overtaken by abusers. Learn about your ad choices: dovetail.prx.org/ad-choices

You probably assume that someone can only see what's on your computer screen by looking at it. But a team of researchers has found that they can glean a surprising amount of information about what a monitor displays by listening to and analyzing the unintended, ultrasonic sounds it emits. Learn about your ad choices: dovetail.prx.org/ad-choices

On Wednesday, the Democratic National Committee was alerted by Lookout, a mobile security firm, about an apparent phishing campaign. Someone had created fake site that looked just like VoteBuilder, a DNC-managed database that contains years' worth of voter information. Were an unsuspecting DNC employee to give the fake site their username and password, a malicious actor could potentially steal sensitive data. Alarmed, the DNC notified the Federal Bureau of Investigation. Learn about your ad choices: dovetail.prx.org/ad-choices

Following more than a year of unrelenting focus on Russian cyber attacks on Silicon Valley giants, Facebook and Twitter announced Tuesday night that they've now also thwarted a network of suspicious accounts that appear to originate in Iran. First, Facebook announced it had taken down 652 pages, groups, and accounts for "coordinated inauthentic behavior. Learn about your ad choices: dovetail.prx.org/ad-choices

On Tuesday, a trifecta of tech companies announced that they had thwarted what appear to be significant cyberattacks from Russia and Iran. First, Microsoft CEO Brad Smith announced that the company had caught another round of phishing attacks on political groups in the United States, which it attributed to the Russian hacking group Fancy Bear. Then it was Facebook's turn. Learn about your ad choices: dovetail.prx.org/ad-choices

It was a perfect sunny summer afternoon in Copenhagen when the world’s largest shipping conglomerate began to lose its mind. The headquarters of A.P. Møller-Maersk sits beside the breezy, cobblestoned esplanade of Copenhagen’s harbor. A ship’s mast carrying the Danish flag is planted by the building’s northeastern corner, and six stories of blue-tinted windows look out over the water, facing a dock where the Danish royal family parks its yacht. Learn about your ad choices: dovetail.prx.org/ad-choices

Early Tuesday, Microsoft announced that last week it seized control of six domains owned by the Russian hacking group Fancy Bear, also known as APT28. The hackers had used the sites to mount midterm election-related phishing campaigns, similar to those Fancy Bear launched during the 2016 United States election season. It's the most prominent, publicly known effort to proactively identify and thwart Russian election hacking efforts—and Microsoft's in a unique position to pull it off. Learn about your ad choices: dovetail.prx.org/ad-choices

In late July, a group of high-ranking Facebook executives organized an emergency conference call with reporters across the country. That morning, Facebook’s chief operating officer, Sheryl Sandberg, explained, they had shut down 32 fake pages and accounts that appeared to be coordinating disinformation campaigns on Facebook and Instagram. Learn about your ad choices: dovetail.prx.org/ad-choices

In a move that has shocked career national security officials, President Trump stripped former CIA Director John Brennan of his security clearance this week, and announced he was considering doing so for a host of others. The move so enraged retired Navy Admiral William McRaven—the man who oversaw the killing of Osama Bin Laden—that he wrote an op-ed telling Trump to revoke his clearance too, in solidarity with Brennan. Learn about your ad choices: dovetail.prx.org/ad-choices

A spate of hacked Instagram accounts. A $220 million lawsuit against AT&T. A bustling underground crime ring. They all have roots in an old problem that has lately found new urgency: SIM card swaps, a scam in which hackers steal your mobile identity—and use it to upend your life. At its most basic level, a SIM swap is when someone convinces your carrier to switch your phone number over to a SIM card they own. They’re not doing it for prank call cover, or to rack up long-distance charges. Learn about your ad choices: dovetail.prx.org/ad-choices

For the past week, psychologists all over America have been freaking out. The cause of their agita was an observation by a psychology graduate student from the University of Minnesota named Max Hui Bai. Like many researchers, Bai uses Amazon’s Mechanical Turk platform, where individuals sign up to complete simple tasks, such as taking surveys for academics or marketers, and earn a low fee. Learn about your ad choices: dovetail.prx.org/ad-choices

Imagine someone robs your house. The savvy culprit didn't leave behind fingerprints, shoe prints, or any other discrete, identifying details. Still, police manage to link the crime to a series of burglaries that happened the next town over, because of the criminal's behavior. Each robbery occurred in the same way, and in each case, the perpetrator stole many of the same items. Learn about your ad choices: dovetail.prx.org/ad-choices

Now in its second year, the Voting Machine Hacking Village at the DefCon security conference in Las Vegas features a new set of voting machines—all of which will actually be used in the 2018 midterm elections—for attendees to analyze and attack. But as eager attendees get to work familiarizing themselves with the devices and revealing their weaknesses, another call has emerged from the Village as well: Finding bugs is great. But you also need the money to fix them. Learn about your ad choices: dovetail.prx.org/ad-choices

Two weeks ago, Epic Games CEO Tim Sweeney confirmed that the Android version of Fortnite, largely seen as the most popular game in the world, would not be available through the Google Play Store. Instead, fans would have to install it from the web. The announcement drew heaps of attention—not least of which came from peddlers of malware. Fortnite only became broadly available on Android this week. Learn about your ad choices: dovetail.prx.org/ad-choices

If, like most people, you thought Google stopped tracking your location once you turned off Location History in your account settings, you were wrong. According to an AP investigation published Monday, even if you disable Location History, the search giant still tracks you every time you open Google Maps, get certain automatic weather updates, or search for things in your browser. There's a way to stop it—but it takes some digging. Learn about your ad choices: dovetail.prx.org/ad-choices

One way operating system developers try to protect a computers's secrets from probing hackers is with an appeal to the human at the keyboard. By giving the user a choice to “allow” or “deny” a program’s access to sensitive data or features, the operating system can create a checkpoint that halts malware while letting innocent applications through. Learn about your ad choices: dovetail.prx.org/ad-choices

It's tempting to think of fax machines as a relic, every bit as relevant as an eight-track tape. But fields like health care and government still rely on faxes every day. Even your all-in-one printer probably has a fax component. And new research shows that vulnerabilities in that very old tech could expose entire corporate networks to attack. Learn about your ad choices: dovetail.prx.org/ad-choices