Well, Mueller Time has come and gone. We watched the former special counsel testify before not one but two congressional committees, and it went pretty much as expected, in that Mueller dropped no bombshells that weren’t already in his 448-page report. Which honestly should still be more than enough for Congress to act.
Elsewhere in DC, Democrats continued to call for election security reform, and Senate majority leader Mitch McConnell continued not to entertain the idea. And one law that did pass this week was New York’s revenge porn legislation, a welcome step that underscores the difficulty in crafting those bills effectively.
Remember the Equifax hack? What a mess! Nearly two years later, the credit bureau has finally reached a settlement with the Federal Trade Commission. Equifax will pay up to $700 million for its carelessness, including payouts of $125 or more to each victim. Here’s how to collect your share. Make sure you do!
We also took a closer look at the scourge of adware—which you’re much more likely to encounter than a fancy nation state attack. Facebook’s former security chief wants to create an “Internet Observatory” to monitor and counter abuse. And we took a closer look at the brand new energy weapon the US used to fry an Iranian drone.
And there’s more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.
In May 2017, a young hacker who goes by the sobriquet MalwareTech singlehandedly saved the world from the devastating WannaCry ransomware outbreak. Three months later, police arrested MalwareTech—real name Marcus Hutchins—over his involvement in creating a piece of malware that helped cybercriminals steal from banks. Hutchins had pleaded guilty to the charges in April. But at a sentencing hearing Tuesday, Judge J.P. Stadtmueller made clear that Hutchins’s WannaCry heroics far outweighed the crimes of his youth, letting him off with a sentence of time served. In other words, Hutchins is free to return to his home in the UK. For a fuller account, and some invaluable insights from Stadtmueller, read Marcy Wheeler’s thread on Twitter.
Russia’s FSB is an elite intelligence outfit, the successor to the KGB. (You’re familiar with their work.) A contractor of theirs called SyTech was hacked on July 13, with intruders apparently gaining access to the company’s IT network, including 7.5TB of files. This week, details of those files became public, outlining various FSB projects—including an apparent attempt to deanonymize traffic on the Tor network. Other undertakings found in the trove include efforts to monitor social media accounts, email contents, and peer-to-peer file sharing services. None of these projects comes as a particular surprise, but it’s yet another embarrassment to Russia’s top spies—which have seen no shortage of them in recent years.
The Senate Intel committee this week released its (heavily redacted) report on Russian attempts to interfere with the 2016 election. The takeaway that got the most attention was that Russian hackers probed targets in all 50 US states—but DHS has already confirmed that back in April. Still, no harm in getting the word out again, especially since it appears that not many people paid attention the first time around. You can read the full report for yourself, or at least the parts not hidden behind thick black lines, below. And remember, as Robert Mueller said this week, Russia’s still at it, and Mitch McConnell apparently has no interest in stopping it.
Motherboard reports that in an effort to get its Ring security cameras in as many homes as possible, Amazon has struck arrangements with dozens of police departments across the country. The cops get free Ring products and a portal to facilitate requesting data from them, in exchange for advertising them to their respective communities. Privacy advocates worry that these partnerships turn Ring devices into a de facto surveillance state.
Iran’s Revolutionary Guard Corps is a singular entity, an elite military force that outsources sweeping hacking efforts, as well. Yahoo News this week takes a look at decades of conflict between the IRGC and Western governments, an important history given the rising tensions between the US and Iran today.