With the United States presidential election less than two weeks away, Microsoft warned on Wednesday that Russia, Iran, and China are persistently conducting influence operations targeting both the Trump and Harris campaigns, as well as other electoral races. One crucial area the new president will influence is the nation’s stance on regulating AI, with experts indicating that a second term for Trump could pose significant risks to the safety, transparency, and fairness of developing AI platforms.
WIRED recently published a detailed piece about the bitcoin recovery enthusiast known as ZachXBT, who has successfully traced billions of dollars worth of stolen cryptocurrency, including a recent recovery of $243 million from what could be the largest cryptocurrency heist from a single victim.
In a significant development, Nigeria has withdrawn money laundering and tax evasion charges against Binance executive and former IRS agent Tigran Gambaryan after an eight-month ordeal. Additionally, an unsecured United Nations Women database left over 115,000 sensitive documents publicly accessible, concerning organizations involved with vulnerable communities worldwide. Furthermore, WIRED explored the anti-Kremlin activist group known as the North Atlantic Fella Organization, which has successfully raised funds to procure supplies for Ukrainian forces engaged in combat against Russia.
The US Department of Homeland Security circulated a report to local agencies in August that highlighted the economic dangers of dependency on Chinese utility storage batteries, especially regarding the need for a secure domestic battery manufacturing supply chain. This report was first obtained by the national security transparency group Property of the People and was reviewed by WIRED. Additionally, the $2 million contract between US Immigration and Customs Enforcement and the surveillance firm Paragon Solutions is currently under examination by the White House due to possible violations of the administration’s executive order regarding spyware.
However, there’s additional information to consider! Every week, we compile the security and privacy updates that we haven’t explored in detail. Click the links to dive into the complete articles. Stay vigilant out there.
When reports emerged earlier this fall that hackers allegedly linked to the Chinese government had infiltrated the systems of Verizon, AT&T, and Lumen, officials warned that the intruders might have gained significant access to the private communications and metadata of U.S. citizens. It seems these hackers, referred to as Salt Typhoon, had their sights specifically set on at least two notable individuals: Donald Trump and J.D. Vance.
The New York Times reported on Friday that, according to unnamed officials, Chinese hackers attempted to acquire the phone communications of both Trump and Vance, the U.S. senator who is his running mate in the 2024 U.S. presidential election, by breaching Verizon’s defenses. The Wall Street Journal further reported on the same day that these hackers were also targeting individuals connected to Vice President Kamala Harris’s presidential campaign.
The breach at Verizon likely granted these hackers access to, at the very least, metadata regarding the candidates’ communications, including who they were speaking to and when. In theory, this could also reveal more confidential information such as the contents of unencrypted voice or text conversations, although it’s unclear how extensive the hackers’ access truly was. Even metadata could yield sensitive insights about the candidates’ interactions that might be leveraged for influence campaigns or additional espionage activities.
The Chinese espionage operation contributes to the increasing perception of a chaotic environment of foreign digital interference in the upcoming election, which has already seen Iranian hackers attempting to breach and leak emails from the Trump campaign—though with limited success—and Russia-linked disinformation campaigns proliferating on social media.
As Apple gears up for the official launch of its AI platform, Apple Intelligence, next week, the company introduced new tools for security researchers this week aimed at assessing its cloud infrastructure, dubbed Private Cloud Compute. Apple has made significant efforts to develop a secure and private AI cloud platform. This week’s announcement features comprehensive technical documentation detailing its security functionalities. Additionally, a research environment is already accessible in the macOS Sequoia 15.1 beta version. These testing features enable researchers, or anyone interested, to download and analyze the current version of the PCC software that Apple operates in the cloud. Apple stated that any deviations from the software are solely for optimizing its performance in the virtual machine designed for research. The company also made the PCC source code public and announced that vulnerabilities discovered in PCC will qualify for a top bounty payout of up to $1 million under its bug bounty program.
During the summer, Politico, The New York Times, and The Washington Post each disclosed that they had been contacted by a source offering hacked Trump campaign emails—a source identified by the US Justice Department as acting on behalf of the Iranian government. Each news outlet chose not to publish or report on the stolen materials. However, it now seems that Iranian hackers eventually found alternative channels outside mainstream media that were willing to disclose those emails. American Muckrakers, a PAC operated by a Democratic strategist, went ahead and published the documents after making a public request on X, stating, “Send it to us and we’ll get it out.”
American Muckrakers subsequently released internal communications from the Trump campaign concerning North Carolina Republican gubernatorial candidate Mark Robinson and Florida Republican representative Anna Paulina Luna, as well as documents indicating a possible financial link between Donald Trump and Robert F. Kennedy Jr., the third-party candidate who withdrew from the race and supported Trump. Independent journalist Ken Klippenstein also obtained and shared parts of the hacked content, including a research profile on Trump’s running mate and US Senator J.D. Vance, which the campaign prepared while evaluating him for the position. Klippenstein mentioned that the FBI later visited him to caution that the materials were disseminated as part of a foreign influence initiative. Klippenstein has defended his actions, asserting that the media should avoid acting as the “gatekeeper of what the public should know.”
As Russia has engaged in both military and cyber warfare against Ukraine, it has simultaneously executed an extensive hacking campaign against Georgia, another neighboring nation with which it has had a turbulent history. Recently, Bloomberg unveiled details ahead of the Georgian elections about how Russia has systematically infiltrated Georgia’s infrastructure and government in a multi-year series of digital attacks. Between 2017 and 2020, for example, Russia’s military intelligence agency, the GRU, infiltrated Georgia’s Central Election Commission (similar to its actions in Ukraine in 2014), several media outlets, and IT systems belonging to the national railway company. Additionally, the GRU’s Sandworm unit was reported by the NSA to have targeted Georgian television stations in 2020. Concurrently, hackers associated with Turla, operating under the Kremlin’s KGB successor, the FSB, breached Georgia’s Foreign Ministry and exfiltrated gigabytes of officials’ email data over several months. Bloomberg noted that Russia’s hacking endeavors extended beyond mere espionage, appearing to also involve preparations for potential disruptions to Georgian infrastructure, such as the electric grid and oil companies, in case tensions escalated.
Cybersecurity experts have been debating for years what qualifies as a cyberattack. Is an intrusion aimed at destroying data, causing disruption, or sabotaging infrastructure categorized as a cyberattack? Certainly, it is. But does a breach aimed at data theft fit the definition? Perhaps not. How about a hack-and-leak operation or an espionage effort that includes a disruptive cleanup phase? This too remains a matter of contention. However, the Jerusalem Post this week may have provided one of the clearest examples of mislabeling something as a cyberattack—displayed prominently in a headline—by referring to disinformation on social media as such. The so-called “Hezbollah cyberattack” reported by the outlet consisted of images of Israeli hospitals shared by individuals claiming to be Hezbollah supporters, along with suggestions that weaponry and funds were hidden beneath those facilities and that they should be targeted. This was seemingly a reaction to claims made by the Israeli Defense Forces concerning hospitals in Gaza that the IDF has bombed, as well as a newer situation in Beirut, Lebanon.
“These are NOT CYBERATTACKS,” remarked security researcher Lukasz Olejnik, author of The Philosophy of Cybersecurity and Propaganda, beside a screenshot of the Jerusalem Post’s headline on X. “Posting images to social media is not hacking. Such a bad take.”