ICE Now Equipped with Spyware | WIRED

The Biden administration deemed spyware used for phone hacking controversial enough to impose strict restrictions on its use by the US government, as outlined in an executive order signed in March 2024. In a stark reversal, the upcoming changes under Trump’s aggressive initiative to strengthen his deportation force—the most funded law enforcement agency in the US—could pave the way for a new and formidable form of domestic surveillance.

Numerous technology and security firms—such as Cloudflare, Palo Alto Networks, Spycloud, and Zscaler—have confirmed that customer data was compromised in a breach initially targeting a chatbot system from the sales and revenue company Salesloft. Though the data theft began in August, more companies have disclosed recent breaches involving stolen customer information.

Towards the end of August, Salesloft announced the discovery of a “security issue” within its Drift application, an AI chatbot designed to help businesses identify potential customers. The company indicated that this security concern is tied to Drift’s connection with Salesforce. Between August 8 and August 18, hackers exploited compromised OAuth tokens associated with Drift to extract data from various accounts.

At the end of August, Google’s security researchers disclosed details about the breach. “The actor systematically exported large volumes of data from numerous corporate Salesforce instances,” Google reported in a blog post, emphasizing that the hackers aimed to find passwords and other credentials within the data. Over 700 companies could have been affected, with Google later noting abuse of Drift’s email integration.

On August 28, Salesloft decided to suspend its Salesforce-Salesloft integration while it looked into the security concerns; by September 2, it announced plans to “temporarily take Drift offline in the near future” to enhance the system’s resiliency and security. It’s probable that more affected companies will inform their customers in the days ahead.

Gathering intelligence on the inner workings of the Kim regime, which has governed North Korea for three generations, has long been a daunting task for US intelligence agencies. This week, The New York Times broke a significant story about a highly classified operation revealing the extent of the US military’s attempts to spy on the regime. In 2019, SEAL Team 6 was dispatched for an amphibious mission to deploy an electronic surveillance device on North Korean territory—only to fail and inadvertently kill a group of North Koreans. According to the Times, the Navy SEALs managed to swim to the shores using mini-subs from a nuclear submarine. However, due to inadequate reconnaissance and the challenges of monitoring the area, the operators mistook a fishing boat for a threat, resulting in the shooting of its occupants and the mission’s failure. The individuals on the boat were likely civilians diving for shellfish. The Times also reported that the Trump administration did not inform congressional committee leaders overseeing military and intelligence operations.

Phishing remains one of the most established and effective methods for hackers to gain initial access to target networks. One study suggests a reason for this persistence: training employees to recognize and resist phishing attempts is surprisingly challenging. In a study involving 20,000 employees at UC San Diego Health, simulated phishing attempts yielded only a 1.7 percent reduction in failure rates among staff who received training compared to those who did not. This may be due to the minimal attention employees paid to the training, with 75 percent of participants spending less than a minute on the training link. However, those who completed a training Q&A were 19 percent less likely to fail subsequent phishing tests—not exactly a reassuring level of protection. The takeaway? Develop methods for detecting phishing that do not rely on the victim’s ability to identify the fraud. As is frequently mentioned in the cybersecurity field, humans often represent the weakest link in organizational security—and they seem determined to maintain that status.

Online piracy continues to be a lucrative enterprise, with over 216 billion visits to piracy sites streaming movies, TV shows, and sports last year. Recently, however, the largest illegal sports streaming platform, Streameast, was shut down following an investigation by the anti-piracy organization Alliance for Creativity and Entertainment alongside Egyptian authorities. Before its takedown, Streameast operated an extensive network of 80 domains that garnered over 1.6 billion visits yearly, streaming sports events from the Premier League and other European matches, in addition to NFL, NBA, NHL, and MLB games. According to The Athletic, two men in Egypt were arrested on copyright infringement charges, and authorities discovered links to a shell company allegedly involved in laundering approximately $6.2 million in advertising revenue over the past 15 years.