The Pentagon is considering a dramatic strategy to defend Taiwan against a Chinese military attack, including deploying a “drone hell” of thousands of drones to circle the island. Meanwhile, the National Institute of Standards and Technology announced this week that it will partner with AI ethics nonprofit Humane Intelligence to host a red-team hacking competition to find flaws and biases in generative AI systems.
WIRED took a closer look at a Telegram channel and website known as Deep State, which uses public and private data to provide live tracking maps of the Ukrainian front. Protesters gathered at New York’s Citi Field on Wednesday to raise awareness about the serious privacy risks of deploying facial recognition systems in sports venues, a technology that is being rolled out in stadiums and arenas across the country with little oversight. Amazon Web Services also updated instructions on how customers can implement authentication on its Application Load Balancers after researchers discovered an implementation issue that could expose misconfigured web apps.
But wait, there’s more! Every week we round up the security and privacy news we didn’t cover in depth. Click on the headline to read the full story. Stay safe.
U.S. Navy officials confirmed to Military.com this week that Navy Standard Working Uniform (NWU) trousers are out of stock at Navy Exchanges and dangerously low in supply throughout the Navy’s distribution channels. Spokesperson Courtney Williams said the Naval Exchange Service Command is “experiencing a severe shortage of NWU trousers” both in stores and online. Sailors are seeing out-of-stock notices online stating that the trousers are “unavailable in any size.” Williams said worldwide inventory is currently at 13 percent, and the top priority right now is getting trousers to recruits at Recruit Training Command in Illinois, Naval Academy Preparatory School in Rhode Island, and Officer Training School.
The shortage appears to stem from an issue with the Defense Logistics Agency’s supply chain for the pants. According to Military.com, signs are currently posted inside Navy supply exchanges stating the shortage is “due to an issue with a Defense Logistics Agency vendor.” Williams said the command is “in communication with the Defense Logistics Agency regarding the production and supply chain schedule for the uniforms.”
Defense Logistics Agency spokesperson Mikiah Muhammad told Military.com that the first supply of pants is expected in October, but the supplies will be provided to recruits and training programs. He said Navy exchanges can expect “full support” starting in January.
On Monday, the FBI, the Office of the Director of National Intelligence, and the Cybersecurity and Infrastructure Security Agency formally accused Iran of conducting a hacking and exfiltration campaign against President Donald Trump’s presidential campaign in a joint statement. President Trump himself had condemned Iran in a social media post on August 10, following a Microsoft report on August 9 that Iranian hackers were targeting the U.S. campaign. The Iranian government has denied the accusations.
“The (intelligence) communities believe Iran is using social engineering and other means to seek access to individuals with direct access to presidential elections of both political parties,” the U.S. government agencies wrote. “These activities, including theft and compromise, are intended to influence the U.S. electoral process.”
Politico reported on August 10 that Iran had infiltrated the Trump campaign and that an individual calling themselves “Robert” had contacted the magazine to provide the allegedly stolen documents. The same individual had also contacted The New York Times and The Washington Post, offering to sell similar documents.
Popular flight tracking service FlightAware announced this week that a “configuration error” in its system exposed personal information of its customers, including names, email addresses, and even some Social Security numbers. The company discovered the leak on July 25, but in its breach notice to the California Attorney General, it said the exposure could date back to January 2021. The company is requiring all affected users to reset their account passwords.
In an official statement, the company said the exposed data “included user IDs, passwords, and email addresses. Depending on the information provided, it may have also included names, billing addresses, shipping addresses, IP addresses, social media accounts, phone numbers, dates of birth, the last four digits of credit card numbers, aircraft ownership information, industry, job title, pilot status (yes/no), and account activity (e.g. flights viewed and comments posted).” The California disclosure also said, “Additionally, our investigation has determined that customers’ Social Security numbers may have been exposed.”
Since European law enforcement hacked end-to-end encryption phone company Sky in 2021, the compromised communications have been used as evidence in numerous EU investigations and criminal cases. But a review of court records by 404 Media and Courtwatch revealed this week that US agencies are also relying on the trove of around 500 million chat messages. US law enforcement has used the data in several drug trafficking prosecutions, particularly to track suspected smugglers transporting cocaine on commercial ships and speedboats.
