As so many of them have been lately, it was a wild week in security. Monday, FBI Director James Comey confirmed that an ongoing investigation into the Trump campaign's ties to Russia began last July. The GOP responded minutes later by charging hard against---leaks. That really set the tone!
House Intelligence Committee chairman Devin Nunes added some misplaced intrigue by suggesting Trump or his associates had been caught up in surveillance, which isn't what it sounds like. But speaking of election hacking, Google packaged together some critical tools to help safeguard the vote digitally around the world. The company's also made strides in Android security, although half of all Android devices didn't get a security update in 2016, so there are still plenty of strides to go.
WikiLeaks popped up again with some dusty old Mac (but still pretty clever) exploits. And a devious, more current attack called DoubleAgent manages to turn antivirus software into malware.
Other highlights? A long look at the crazy search for Russia's most notorious hacker. One quick trick that can make your Instagram account safer. And teach a man not to be phished.
And there’s more. Each Saturday we round up the news stories that we didn’t break or cover in depth but that still deserve your attention. As always, click on the headlines to read the full story in each link posted. And stay safe out there.
What to do if you’re a giant shipping company that relies on an increasingly outdated plugin to print shipping labels? If you’re FedEx, you try to entice your customers to embrace the past and install Flash. And you do it with a five dollar promo code. The deal was spotted across the web at the end of the week, though currently appears to have been pulled. It’s unclear whether that’s due to overwhelming demand or ridicule. Flash, of course, should die.
Authorities finally caught to the person allegedly behind many of the bomb threats that targeted Jewish Community Centers around the US. The 19-year-old Israeli-American apparently used an anonymizing service called SpoofCard, tied to a disposable Google Voice number, to cover his tracks. But as the Daily Beast reports, the alleged hoaxer failed to use a proxy server at least one time, making his real IP address discoverable.
Two weeks ago, WikiLeaks leader Julian Assange pledged to help tech companies patch the vulnerabilities detailed in the CIA Vault 7 leak. Surprise! That hasn’t happened yet. While the group made initial contact, it apparently made the sharing of those vulnerabilities contingent on meeting unspecified demands. Meanwhile, it’s unclear if and when WikiLeaks will make the details of that code public.
