Security News

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman. "[W]ithin hours of the encrypted downloader being received, a massive and unauthorized exfiltration of data from Bezos' phone began, continuing and escalating for months thereafter," the report states.

A point-of-sale system vendor that serves U.S. medical and recreational cannabis dispensaries left an unprotected database containing sensitive information about three clients and 30,000 of their customers exposed to the internet, researchers say. "Our team identified an unsecured Amazon S3 bucket owned by THSuite that exposed sensitive data from multiple marijuana dispensaries around the U.S. and their customers," the research report states.

A forensic examination of Amazon CEO Jeff Bezos's mobile phone has pointed to it having allegedly been infected by personal-message-exfiltrating malware - likely NSO Group's notorious Pegasus mobile spyware - that came from Saudi Arabia's Crown Prince Mohammed bin Salman's personal WhatsApp account. The UN's report said that full details from the digital forensic exam of Bezos's phone were made available to its special rapporteurs.

The Crown Prince of Saudi Arabia, Mohammad bin Salman, has been officially fingered as the man responsible for hacking Amazon CEO Jeff Bezos's iPhone X, causing a massive stir in diplomatic circles. Following a report yesterday that Bezos's smartphone had been compromised by a malware-poisoned video sent directly by bin Salman to Bezos through WhatsApp, on Wednesday two UN special rapporteurs named the head of the oil state as the source of digital spyware, and called for an "Immediate investigation by US and other relevant authorities" into the "Continuous, multi-year, direct and personal involvement of the Crown Prince in efforts to target perceived opponents."

The mobile phone of Amazon CEO Jeff Bezos was hacked using a malicious file sent directly from the official WhatsApp account of Saudi Arabia's Crown Prince Mohammed Bin Salman, investigators have reportedly found. Hackers stole sensitive information from Bezos' phone "Within hours" of the hack, according to a digital forensic analysis of Bezos' phone conducted by FTI Consulting, a Washington-based business advisory group.

For the first time ever, the top five most likely global risks enumerated in the annual Global Risks Report from the World Economic Forum are all environmental: extreme weather, climate action failure, natural disasters, biodiversity loss, and human made environmental disasters. The same background is threatening the global economic outlook.

Apple previously scuttled plans to add end-to-end encryption to iCloud backups, in part because such a move would have complicated law enforcement investigations, Reuters reports. Reuters' scoop highlights a behind-the-scenes compromise that explains what happened, with Apple reportedly opting to not use end-to-end encryption for iCloud backups as it faced increasing pressure from the U.S. government to ensure investigators could access user data.

Most state CIOs see innovation as a major part of their job - 83% said innovation is an important or very important part of their day-to-day leadership responsibilities - while only 14% reported extensive innovation initiatives within their organizations, Accenture and the National Association of State Chief Information Officers reveal. Previously, NASCIO had highlighted innovation as a top ten current issue facing state CIOs.

Governments in the US and China are at the front of the line when it comes to knocking on Apple's door to request user data relating to fraud/phishing, according to the company's latest transparency report. Like any tech company that handles user data, Apple gets different types of requests: those that are made when an account holder is in imminent danger, those from law enforcement agencies trying to help people find their lost or stolen devices, those asking for Apple's help when thieves rip off credit card data so they can buy Apple products or services on somebody else's dime, and in situations where investigators think an account's been used to do something illegal.

The FBI has created a new policy to give "Timely" breach notifications to state and local officials concerning election hacking and foreign interference. It will also require agents to work directly with state and local election officials to identify and mitigate cyberthreats to election infrastructure as quickly as possible, according to the FBI announcement.