WAYR TODAY

Category: Security & Privacy

  • WhatsApp Enhances Security with Passkey Protection for Encrypted Backups

    This article was generated by AI and cites original sources.

    WhatsApp has announced a new feature that adds passkey support to access encrypted backups, strengthening security measures for users. Previously, users had to rely on passwords or encryption keys to protect their backups, requiring them to remember or store these credentials separately. With the introduction of passkeys, users can now utilize methods like fingerprint, face, or the screen lock code of their device to access WhatsApp’s backup seamlessly.

    This update comes after Meta, WhatsApp’s parent company, implemented end-to-end encryption for backups in 2021, providing users with added security for their stored data. The addition of passkey support simplifies the backup restoration process, eliminating the need for users to manage additional passwords or encryption keys.

    WhatsApp, with over 3 billion active users, plans to roll out this feature gradually in the upcoming weeks and months. Users can navigate to Settings > Chats > Chat backup > End-to-end encrypted backup to enable this enhanced security feature and check for the availability of passkey support.

    Source: TechCrunch

  • ICE Proposes Statewide Transportation Network in Texas to Streamline Immigrant Transfers

    This article was generated by AI and cites original sources.

    The U.S. Immigration and Customs Enforcement (ICE) agency is considering the implementation of a comprehensive transportation system in Texas, as detailed in a recent proposal. The plan involves the establishment of a continuous transport network to efficiently move immigrants from 254 counties to various ICE facilities and staging areas across the state.

    According to documents obtained by WIRED, ICE aims to create a seamless transport grid facilitating the movement of detainees over an average distance of 100 miles per trip. The proposed system would rely on local contractors, who would be responsible for collecting immigrants from county authorities authorized by ICE. These contractors would be equipped with firearms and empowered to undertake transport operations at multiple levels of jurisdiction.

    This initiative aligns with the broader strategy of the Department of Homeland Security to enhance interior immigration enforcement efforts. By leveraging private contractors and local law enforcement agencies, ICE seeks to expedite the detainee transfer process, thereby reducing the visibility of federal agents in public settings.

    Recent market inquiries by ICE have solicited potential vendors to provide transportation support services in Texas. The agency envisions the establishment of 254 transport hubs—one in each Texas county—each staffed by two armed contractors round the clock. The operational requirements mandate rapid response times, high vehicle readiness rates, and stringent staffing protocols to ensure the system’s efficiency.

    Source: WIRED

  • Pixel Phones Vulnerable to Cellebrite Hacking, Leaker Reveals

    This article was generated by AI and cites original sources.

    A recent leak has revealed that certain Google Pixel phone models are vulnerable to hacking by Cellebrite, a company known for its tools that can bypass security on various devices. An anonymous individual, identified as rogueFed, shared insights from a Cellebrite briefing on the GrapheneOS forums.

    According to the leaked information, the Pixel 6, 7, 8, and 9 models are susceptible to Cellebrite’s phone hacking capabilities. Notably, the more recently released Pixel 10 series was not included in the exposed list. The vulnerability status varied based on the phone’s unlock state, with data extraction being easier on unlocked devices.

    This revelation underscores the ongoing battle between security measures and hacking techniques in the smartphone landscape. As users increasingly rely on smartphones to store sensitive data, understanding and addressing potential vulnerabilities like those highlighted by the leak becomes crucial for both manufacturers and users alike.

    Source: Ars Technica

  • Navigating the Cybersecurity Risks of AI-Powered Browsers

    This article was generated by AI and cites original sources.

    Recent advancements in web browsers have introduced AI technologies like ChatGPT Atlas and ‘Copilot Mode’ for Microsoft Edge, enhancing user experiences by enabling browsers to answer questions, summarize content, and execute tasks autonomously. While this signals a potential shift towards a more intuitive browsing experience, experts caution that this evolution may pose significant cybersecurity risks.

    AI integration into browsers, a trend spearheaded by industry leaders, aims to streamline user interactions by embedding AI directly into the browsing interface. However, this convergence also exposes users to new vulnerabilities and data privacy concerns. Security researchers have already identified exploitable weaknesses in AI-powered browsers, such as Atlas and Comet, that could enable malicious actors to compromise user data and execute harmful code.

    As the market for AI browsers expands, with startups like Perplexity and Strawberry entering the fray, the need for robust cybersecurity measures to safeguard user data and privacy becomes increasingly urgent. Despite acknowledging the security challenges, industry leaders are yet to devise comprehensive solutions to mitigate these risks effectively.

    This technological convergence underscores the pressing need for proactive measures to address the vulnerabilities inherent in AI-driven browsing environments. As AI browsers continue to evolve, addressing these concerns will be paramount to ensuring a secure and resilient online experience for all users.

    Source: The Verge

  • Balancing AI Automation and Human Oversight in Security Operations

    This article was generated by AI and cites original sources.

    As AI continues to evolve, security leaders face a critical challenge in balancing the benefits of automation with the need for human oversight and strategic decision-making in security operations. The rise of agentic AI is reshaping the landscape, offering significant efficiency gains but also posing complex issues that must be carefully navigated.

    The pressure to adopt AI in security is increasing, with organizations seeking productivity improvements by automating tasks that traditionally required human intervention. However, the key lies in understanding the nuanced division between tasks that can be effectively automated by AI and those that still demand human judgment for accurate decision-making.

    Transparency is crucial in ensuring the trustworthiness of AI-driven decisions within security operations. Security teams require visibility into the logic and processes behind AI-generated conclusions to validate recommendations, drive continuous improvement, and maintain human involvement in critical decision-making processes.

    While AI offers defensive advantages, the asymmetry in AI capabilities between defenders and attackers presents a challenge. Defenders must carefully implement AI-driven security measures to avoid unintended consequences, while remaining vigilant against adversaries who exploit AI for malicious purposes.

    Addressing the skills dilemma, organizations must focus on developing strategies that balance AI-enabled efficiency with the retention of core competencies among security professionals. This includes ongoing skill development, cross-training initiatives, and evolving career paths to leverage AI as a collaborative tool rather than a replacement for human expertise.

    In an era of agentic AI, the identity and access management challenge looms large, requiring robust governance frameworks to manage the proliferation of AI agents effectively. The path forward involves starting with compliance and reporting functions to capitalize on AI’s strengths in processing vast amounts of data efficiently.

    Ultimately, the future of security operations lies in embracing AI’s efficiency gains while upholding human judgment and ethical oversight. The collaborative synergy between human experts and AI capabilities is key to navigating the complexities of the AI-powered security landscape.

    Source: VentureBeat

  • Former Cybersecurity Executive Pleads Guilty to Selling Trade Secrets to Russian Entity

    This article was generated by AI and cites original sources.

    A former executive at L3Harris’ cyber division, Trenchant, has admitted to selling trade secrets valued at over $1.3 million to a Russian entity, as reported by WIRED. Peter Williams, an Australian native residing in the US, faced federal charges related to the theft and sale of sensitive information. Williams, who had a background with the Australian Signals Directorate before joining Trenchant, is now facing potential prison time and hefty fines as part of his plea agreement.

    Williams, who worked briefly as a director at L3 Harris Trenchant, a subsidiary of L3Harris Technologies, allegedly stole trade secrets from two companies and passed them on to a Russian buyer between 2022 and 2025. The US Department of Justice did not disclose the names of the companies involved nor the specifics of the sold information. However, the case highlights the risks associated with insider threats and the illicit transfer of proprietary data in the cybersecurity sector.

    Given Williams’ access to sensitive information and his history with cybersecurity organizations, this incident underscores the importance of robust security protocols within tech companies dealing with classified data. The potential implications of such breaches extend beyond financial losses to potential national security risks, emphasizing the critical need for vigilance and oversight in safeguarding intellectual property.

    Source: WIRED

  • Cloud Outages Highlight Risks of Relying on Dominant Tech Giants

    This article was generated by AI and cites original sources.

    Microsoft’s Azure cloud platform recently experienced significant downtime due to an inadvertent configuration change, impacting services like Office 365, Xbox, and Minecraft. This outage, the second within a short timeframe, sheds light on the fragility of our digital ecosystem heavily reliant on a few tech giants.

    The incident originated from Azure’s Front Door content delivery network, coinciding with Microsoft’s scheduled earnings announcement. As the outage persisted, Microsoft worked to revert to a stable configuration and gradually restore services. Despite the disruption, the company assured customers of ongoing efforts to address the situation.

    This outage follows a recent major disruption at Amazon Web Services, emphasizing the potential risks associated with depending on a handful of hyperscale cloud providers. While these companies offer enhanced security and reliability, any downtime can have widespread implications, underscoring the need for robust contingency plans in an interconnected digital landscape.

    Source: WIRED

  • Malicious NPM Packages Flood Repository, Raising Security Concerns

    This article was generated by AI and cites original sources.

    Recent reports have revealed a concerning security vulnerability within the NPM code repository, where attackers have managed to infiltrate the system with more than 100 malicious packages, largely undetected. The security firm Koi highlighted this alarming discovery, shedding light on a practice within NPM that enables installed packages to fetch dependencies from untrusted sources.

    The campaign, identified as PhantomRaven, has exploited NPM’s use of ‘Remote Dynamic Dependencies’ to flood the repository with 126 malicious packages, resulting in over 86,000 downloads. Despite efforts to address the issue, approximately 80 of these compromised packages were still accessible as of the recent findings.

    The exploitation of ‘Remote Dynamic Dependencies’ represents a significant blind spot in traditional security measures, as these dynamic dependencies are not easily detectable through static analysis. This approach provides attackers with the flexibility to download malicious dependencies from untrusted domains, including unencrypted HTTP connections, evading conventional security scans.

    One critical aspect of this vulnerability is that these malicious dependencies are fetched anew from the attacker’s server with each installation, rather than being cached or versioned, further complicating detection and mitigation efforts.

    Source: Ars Technica

  • Concerns Raised Over ICE’s Use of Facial Recognition for Citizen Verification

    This article was generated by AI and cites original sources.

    Recent videos have surfaced showing Immigration and Customs Enforcement (ICE) officers utilizing facial recognition technology on US streets to verify citizenship, as reported by 404 Media. In one incident, a teenager who identified himself as a US citizen without a government ID was subjected to a face scan after offering his student ID. This highlights ICE’s increasing reliance on facial recognition tools, such as Mobile Fortify, to cross-check individuals against a vast image database, potentially including 200 million records.

    Facial recognition technology, while providing quick identification results, has raised significant privacy and accuracy concerns. Lawmakers, including Bernie Sanders and seven Democratic senators, have criticized ICE’s use of such tools, citing biases and inaccuracies, especially affecting communities of color. The senators expressed worries about the potential for racial profiling and disproportionate targeting of minority groups due to the utilization of these technologies.

    As debates on the constitutionality and ethical implications of ICE’s actions continue, the public is increasingly scrutinizing the impact of facial recognition on civil liberties and social justice. The need for transparent and accountable use of biometric tools in law enforcement remains a critical issue in the ongoing discourse surrounding privacy and security in a digital age.

    Source: Ars Technica

  • Former L3Harris Executive Pleads Guilty to Selling Sensitive Cyber Exploits to Russian Broker

    This article was generated by AI and cites original sources.

    Peter Williams, the former general manager at defense contractor L3Harris, has pleaded guilty to selling sensitive cyber-exploit components to a Russian broker, raising concerns about the security of national-security focused software. Williams, accused of selling at least eight protected cyber-exploit components, exploited his access to the company’s secure network to steal these components, as confirmed by the U.S. Department of Justice. The Trenchant division at L3Harris, known for developing spyware, exploits, and zero-days, sells surveillance technology to government customers in the Five Eyes intelligence alliance.

    This incident highlights the risks associated with insider threats and unauthorized access to advanced cyber technologies. The unauthorized sale of cyber tools to foreign entities underscores the importance of robust security measures within defense contractors and technology companies. Such breaches can have far-reaching implications for national security and global cybersecurity efforts.

    This case serves as a reminder of the critical role that stringent security protocols and ethical practices play in the surveillance technology industry. It emphasizes the need for continuous monitoring, detection, and prevention of illicit activities that could compromise sensitive cyber technologies and data.

    Source: TechCrunch

  • Emerging Physical Attacks Challenge Secure Enclave Defenses of Major Chipmakers

    This article was generated by AI and cites original sources.

    Trusted execution environments (TEEs) are facing new challenges as a trio of physical attacks target the secure enclave defenses provided by Nvidia, AMD, and Intel. These attacks, including the recent TEE.fail, exploit vulnerabilities in TEE protections, raising concerns about the security of confidential data and sensitive computing.

    TEEs play a crucial role in various industries, from blockchain architectures to cloud services, AI, finance, and defense. Nvidia’s Confidential Compute, AMD’s SEV-SNP, and Intel’s SGX and TDX are heavily relied upon for safeguarding data even in compromised server environments.

    The TEE.fail attack, unveiled recently, undermines the latest TEE safeguards from all three chipmakers. By inserting a hardware device between a memory chip and the motherboard, attackers can compromise the TEE in just three minutes, rendering Confidential Compute, SEV-SNP, and TDX/SDX vulnerable. Unlike previous attacks limited to DDR4 memory, TEE.fail extends to DDR5, posing a threat to the newest TEE implementations.

    Chipmakers currently do not account for physical attacks in their TEE threat models, leading to misconceptions about the level of security provided. Users and providers of TEEs often make inaccurate claims about the extent of protection, highlighting the need for a better understanding of the vulnerabilities.

    As the landscape of secure enclave defenses evolves, the tech industry faces the challenge of fortifying TEEs against both virtual and physical threats to ensure the integrity of sensitive data and critical computing processes.

    Source: Ars Technica

  • FCC Grants Itself Power to Enforce Potential Drone Import Bans

    This article was generated by AI and cites original sources.

    The Federal Communications Commission (FCC) has voted 3-0 to grant itself the authority to implement retroactive bans on previously approved gadgets and radio components entering the United States. The FCC now has the power to enforce such bans if the manufacturers are deemed national security risks. While the stated rationale is to enhance network security by preventing backdoors in Chinese telecom equipment, this move could pave the way for the U.S. government to restrict Chinese consumer electronics operating on U.S. airwaves, starting with DJI drones.

    As of December 23rd, new DJI products face automatic import bans unless a ‘national security agency’ confirms they do not pose a risk. DJI and other companies will be placed on the ‘Covered List’ under the Secure and Trusted Communication Networks Act, prohibiting FCC authorization for their internal radios in the U.S. Without this approval, importing and selling these items becomes illegal.

    Despite the impending ban, no U.S. security agency has initiated an audit process, according to DJI. The company’s global policy head, Adam Welsh, emphasizes the importance of a fair and evidence-based review to safeguard American jobs, safety, and innovation.

    DJI had anticipated a potential ban but did not expect a complete prohibition. The company is urging the U.S. government to commence the required evaluation or grant an extension for a thorough assessment.

    Source: The Verge

  • Spyware Maker Memento Labs Acknowledges Government Misuse of Its Windows Malware

    This article was generated by AI and cites original sources.

    A recent report by cybersecurity firm Kaspersky revealed the existence of a new Windows spyware named Dante, targeting victims in Russia and Belarus. This spyware has been attributed to Memento Labs, a surveillance technology company based in Milan. Memento’s CEO, Paolo Lezzi, confirmed to TechCrunch that the spyware in question does belong to Memento.

    Lezzi stated that a government client was responsible for the exposure of Dante, citing the use of an outdated version that will no longer be supported after this year. He expressed surprise, mentioning that he believed the customer had ceased using the spyware. Despite having warned customers about Kaspersky detecting Dante infections since December 2024, Memento plans to reiterate its request for all clients to discontinue the use of its Windows spyware.

    Memento now focuses on developing spyware for mobile platforms and occasionally deals with zero-day exploits sourced from external developers. Lezzi’s disclosure sheds light on the challenges and risks associated with the surveillance technology industry in today’s digital landscape.

    Source: TechCrunch

  • South Korean Telecom Operator LG Uplus Discloses Cybersecurity Incident

    This article was generated by AI and cites original sources.

    LG Uplus, a major South Korean telecom operator, has disclosed a suspected data breach to Korea’s national cybersecurity watchdog KISA, becoming the third telco in the country to acknowledge a cybersecurity incident in the past six months. The investigation into LG Uplus, along with KT Telecom and SK Telecom, is ongoing, signaling a concerning trend in the region’s telecommunications industry.

    Reports suggest that LG Uplus may have faced cyberattacks similar to those experienced by its counterparts. The telecom division initially denied any breach signs but was later requested by KISA to submit an official report following suspected hacking activities.

    According to Phrack, a hacking magazine, a significant data breach involving thousands of LG Uplus servers may have been orchestrated by hackers from China or North Korea, further amplifying cybersecurity risks in the region.

    South Korea’s cybersecurity landscape has been under scrutiny due to a series of high-profile cyber incidents affecting various sectors, including telecommunications, finance, technology, and government, underscoring the urgent need for robust cybersecurity measures and expertise in the country.

    Source: TechCrunch

  • Tata Motors Addresses Cybersecurity Vulnerabilities Exposing Sensitive Data

    This article was generated by AI and cites original sources.

    Tata Motors, the Indian automotive giant, has swiftly responded to security vulnerabilities that inadvertently exposed internal data, customer information, and dealer details. The flaws were discovered by security researcher Eaton Zveare within Tata Motors’ E-Dukaan unit, an e-commerce platform for purchasing spare parts for Tata-made commercial vehicles. Zveare uncovered that the portal’s source code contained private keys providing unauthorized access to Tata Motors’ account on Amazon Web Services, potentially compromising sensitive data.

    The exposed data included invoices with customer details like names, addresses, and PAN numbers, a unique identifier issued by the Indian government. Despite the discovery, Zveare ensured no large data breaches occurred. Additionally, MySQL database backups and Apache Parquet files containing private customer information were accessible using the compromised keys. Moreover, access to over 70 terabytes of data related to Tata Motors’ FleetEdge fleet-tracking software was at risk, alongside admin access to a Tableau account with data from 8,000 users.

    This incident underscores the critical importance of robust cybersecurity measures for companies dealing with sensitive data, urging organizations to prioritize thorough security assessments and prompt issue resolution to safeguard customer and internal information.

    Source: TechCrunch

  • Fortanix and NVIDIA Collaborate to Enhance AI Security for Highly Regulated Industries

    This article was generated by AI and cites original sources.

    Fortanix Inc., a data security company, has partnered with NVIDIA to introduce a new AI security platform designed for highly regulated industries. This joint solution enables organizations to deploy AI with enhanced security measures within their own data centers or sovereign environments. The platform leverages NVIDIA’s confidential computing GPUs to ensure end-to-end trust in AI operations, from the chip to the model to the data.

    The collaboration between Fortanix and NVIDIA addresses the pressing needs of sectors like healthcare, finance, and government, which are keen on adopting AI technologies but face stringent privacy and regulatory constraints. By utilizing Fortanix’s platform powered by NVIDIA Confidential Computing, enterprises can develop and operate AI systems on sensitive data without compromising security or control.

    At the core of this partnership lies a confidential AI pipeline that safeguards data, models, and workflows throughout their lifecycle. This system integrates Fortanix Data Security Manager and Confidential Computing Manager directly into NVIDIA’s GPU architecture to ensure secure operations.

    The collaboration not only enhances data encryption and key management but also ensures the security of entire AI workloads. Enterprises can seamlessly transition existing AI models to NVIDIA’s GPU architectures, such as Hopper and Blackwell, with minimal reconfiguration, enabling a swift path to production-ready AI.

    Compliance remains a central focus of the new platform’s design. Fortanix’s solution enforces role-based access control, detailed audit logging, and secure key custody—essential elements for demonstrating compliance with stringent data protection regulations, particularly in industries like banking, healthcare, and government contracting.

    With features designed for on-premises, cloud, and sovereign use cases, Fortanix and NVIDIA’s platform offers real-world flexibility to organizations, allowing them to maintain consistent key management and encryption controls across different regions. This adaptability enables enterprises to shift AI workloads between data centers or cloud regions seamlessly, ensuring data security and regulatory compliance.

    Source: VentureBeat

  • Border Authorities Conducted Record Number of Phone Searches in 2025

    This article was generated by AI and cites original sources.

    United States Customs and Border Protection (CBP) staff performed a record number of phone and electronic device searches at the border over the past year, with a 17% increase compared to the previous fiscal year. The CBP conducted approximately 55,424 searches during the 2025 fiscal year, up from 47,000 in 2024, reflecting a growing trend in border security measures.

    While the number of searches remains relatively small in the context of overall border crossings, the increase in device searches has raised concerns about privacy and data security. These searches have become more prevalent in the current political climate, which is focused on immigration enforcement and enhanced surveillance capabilities.

    Border officials have the authority to search the devices of all individuals entering the US, including citizens and green card holders, without requiring warrants. This practice, which includes both manual and advanced forensic searches, enables CBP agents to access and analyze data from phones, laptops, and other electronic devices.

    As international travel to the US faces challenges, individuals are advised to present their devices for inspection, highlighting the evolving landscape of border security protocols and privacy considerations.

    Source: WIRED

  • The USS Gerald R. Ford: Nuclear-Powered Prowess in the Caribbean

    This article was generated by AI and cites original sources.

    The USS Gerald R. Ford, a $13 billion aircraft carrier, is making its way to the Caribbean Sea, equipped with a cutting-edge nuclear propulsion system and advanced technology. This deployment is part of the Pentagon’s strategy to combat drug trafficking in South America, showcasing the integration of technology and security objectives.

    According to Sean Parnell, the assistant secretary of defense for public affairs, the deployment of the Gerald R. Ford will enhance the U.S. government’s capacity to address illicit activities that threaten national security and prosperity. This marks a shift from the previous reliance on combat vessels and aircraft in the region.

    Under the Trump administration, the focus on combating drug trafficking in the Caribbean has heightened tensions with countries like Venezuela and Colombia. The USS Gerald R. Ford’s deployment signifies a strategic move to bolster the U.S. military presence and capabilities in the area.

    The Ford class of aircraft carriers, including the USS Gerald R. Ford, represents a technological advancement with nuclear-powered propulsion and innovative features. This development underscores the U.S. Navy’s commitment to maintaining its position at the forefront of naval technology and readiness.

    Source: WIRED

  • Signal’s Reliance on Cloud Infrastructure Highlights Industry Challenges

    This article was generated by AI and cites original sources.

    The encrypted messaging app Signal faced criticism after being affected by a recent Amazon Web Services (AWS) outage. Signal’s president, Meredith Whittaker, defended the company’s choice to use AWS, pointing out the lack of alternative options due to the concentrated power in the cloud infrastructure industry. Whittaker emphasized that running a global, real-time communication platform like Signal requires the robust capabilities offered by major cloud providers like AWS, Microsoft Azure, and Google Cloud. Building a similar infrastructure independently would be cost-prohibitive. Signal’s use of encryption ensures user privacy, even though it partially relies on AWS for its operations.

    Source: The Verge

  • Social Network X Urges Users to Re-Enroll Hardware Keys for Two-Factor Authentication

    This article was generated by AI and cites original sources.

    Social network X has announced that it will retire its twitter.com domain for authentication purposes, affecting users who utilize a hardware key like YubiKey for two-factor authentication (2FA). To avoid being locked out, users must re-enroll their security keys before November 10.

    The company’s safety account emphasized the need for users to act, stating, “By November 10, we’re asking all accounts that use a security key as their 2FA method to re-enroll their key to continue accessing X. You can re-enroll your existing security key, or enroll a new one.”

    According to Christopher Stanley, a security engineer at X, the domain change aims to enhance domain trust, ensuring that physical security keys are properly associated with X’s domain for secure authentication.

    Users who rely on hardware keys for account security can update their settings by navigating to ‘Settings’ -> ‘Security and account access’ -> ‘Two-factor authentication’ -> ‘Manage security keys’.

    It remains unclear whether X’s retirement of the twitter.com domain is solely a security measure or part of broader changes. The company has been contacted for clarification on this matter.

    Source: TechCrunch