It feels like all weeks in security news are overstuffed lately, and this one’s no exception. It started with a bang, or more of a blare, as all of Dallas’s dozens of tornado sirens were hacked to sound off at once. And it ended with a boom, as the US dropped the Moab (‘Mother of All Bombs,’ colloquially), a 22,600 pound bomb, for the first time. And plenty happened in between, too!
The FBI took down a Russian spam king and his massive botnet, so your inbox might have felt a little lighter this week. We talked to one of the best car hackers in the world about how hard it is (very) to secure autonomous taxis. We took a look at the bleak world of content moderation training. And just when you thought the Shadow Brokers were done, they dropped a mess of NSA secrets that show Microsoft vulnerabilities and the hacking of Middle Eastern bank systems.
Things were relatively quiet in Trump world, though not entirely. The FBI reportedly got a FISA warrant against Carter Page, but that doesn’t prove much beyond how much potential trouble Carter Page is in. And a conservative watchdog group is suing the EPA for access to messages they may have sent over Signal, but, uh, good luck with that.
And there’s more. Each Saturday we round up the news stories that we didn’t break or cover in depth but that still deserve your attention. As always, click on the headlines to read the full story in each link posted. And stay safe out there.
Ugh, OurMine Hacks a Big Old YouTube Network
OurMine, the hackers who’d have you believe their hearts are made of gold, struck again this week, breaching thousands of YouTube accounts associated with a large media network, in what the group touts as “the biggest hack in YouTube history.” The hackers apparently got a access to the German media network Studio71, which hosts over 1,200 popular channels. This allowed them to change the title and description field in any Studio71-affiliated videos. On many of those videos, the group wrote this message: “#OurMine – Hey, it’s OurMine, don’t worry we are just testing your security, please contact us for more information.” This is so sort their schtick: hacking for a purpose. In OurMine’s case, the group claims it does what it does to educate you about your security. It’s a hard claim to believe, when OurMine has in the past done things like hack into a Sony Music Twitter account to spread the false rumor that Brittany Spears was dead. As YouTube star LiveEachDay, whose adorable videos of his toddler were breached, put it: “It’s honestly not a big hack.”