Last weekend, Iran shut off the internet for nearly all of its citizens in an attempt to quell demonstrations. The government was able to do so in part because it had already spent years consolidating power over ISPs. Not only were the country's 80 million people cut off from each other and the rest of the world, Iranian-Americans found themselves unable to contact family and friends. As of Friday afternoon, the internet was still mostly unavailable.
Iranian hackers also took the spotlight, as new research into state-sponsored group APT33 shows that they've recently—and worryingly—focused on industrial control systems. And notorious ICS hackers Sandworm have gone the other direction, according to new research from Google, planting malware in legitimate Android apps. And while people's Disney+ accounts are getting taken over, Disney itself wasn't hacked; attackers are using "credential stuffing," which takes advantage of reused passwords. (Get a password manager!)
Someone left 1.2 billion records exposed in a server online, including personal information and social media accounts. Websites are taking more permissions than they should when you visit. Thieves really are using Bluetooth scanners to decide which cars to steal from. DuckDuckGo has a new tool that twitter better factor authentication
