Florida Man Accused of Hacking Disney World Menus, Changing Font to Wingdings

With conscionable days to spell until the 2024 statesmanlike election successful the United States, WIRED reported connected documents that revealed US authorities assessments astir aggregate components of predetermination information and stability. First obtained by the nationalist information transparency nonprofit Property of the People, 1 study distributed by the US Department of Homeland Security successful October assessed that financially motivated cybercriminals and ideologically motivated hacktivists are much apt than state-backed hackers to onslaught US predetermination infrastructure. Another authorities memo warned of the hazard to the predetermination of insider threats, noting that specified interior malfeasance “could derail oregon jeopardize a just and transparent predetermination process.”

With truthful overmuch astatine involvement successful a hyper-polarized and combative climate, US elections person go progressively militarized, with bulletproof glass, drones, antiaircraft blockades, and snipers protecting predetermination offices, and predetermination officials bracing for the anticipation of convulsive attacks. A WIRED probe besides revealed a palmy CIA hack of Venezuela’s subject payroll strategy that was part of a clandestine Trump medication effort to overthrow the country’s autocratic president, Nicolás Maduro.

In different cybersecurity news, WIRED did a heavy dive into the firewall vendor Sophos’ five-year turf warfare to effort to region Chinese hackers moving espionage operations connected immoderate susceptible devices—and support them out. And researchers pass that a “critical” zero-click vulnerability successful a default photograph app connected Synology network-attached retention devices could beryllium exploited by hackers to bargain information oregon infiltrate networks.

As always, there’s more. Each week, we circular up the information and privateness quality we didn’t screen successful extent ourselves. Click the headlines to work the afloat stories. And enactment harmless retired there.

Ex-Disney Employee Accused of Hacking Disney World Menus, Changing Font to Wingdings

A Disney worker who was fired from the institution and inactive had entree to its passwords allegedly hacked into the bundle utilized by Walt Disney World’s restaurants, according to reporting by 404 Media and Court Watch. A transgression ailment against Michael Scheuer claims helium repeatedly accessed the third-party menu-creation strategy created for Disney and changed menus, including changing fonts to Windings—the font made up wholly of symbols.

“The fonts were renamed by the menace histrion to support the sanction of the archetypal font, but the existent characters appeared arsenic symbols,” the transgression ailment says. “As a effect of this change, each of the menus wrong the database were unusable due to the fact that the font changes propagated passim the database.”

The allegations aren’t constricted to whimsical font vandalism, however. The national ailment besides details however Scheuer allegedly changed paper listings to accidental that foods with peanuts successful them were harmless for radical with allergies, tried to log into Disney employees’ accounts, locked 14 employees retired of their accounts by trying to log successful with an automated script, and maintained a folder of idiosyncratic accusation astir employees and turned up astatine 1 person’s home. A lawyer representing Scheuer did not remark connected the allegations.

Redline Infostealer Taken Offline After Infecting Millions of Computers

For the past fewer years, infostealers person go a fashionable instrumentality of prime for hackers, from cybercriminals trying to marque wealth to blase federation authorities groups. The malware, which is often bundled into pirated software, uses web browsers to cod usernames and passwords, cookies, fiscal information, and different information you participate into your computer. This week, cops astir the satellite took down the Redline infostealer, which has been utilized to drawback much than 170 cardinal pieces of accusation and has been linked to large-scale hacks. An astir identical infostealer called Meta was besides disrupted. As portion of Operation Magnus, US officials identified Russian nationalist Maxim Rudometov arsenic being down the improvement of Redline. As TechCrunch reports, Rudometov was identified pursuing a bid of operational information errors, including reusing online handles and emails crossed societal media apps and different websites. In its transgression complaint, the US Department of Justice pointed retired Rudometov’s dating profile, which seemingly has “liked” 89 different users and received nary likes successful return.

Strava Data Leaks Sensitive Locations of World Leaders (Again)

In January 2018, it emerged that GPS information from moving and cycling app Strava could exposure concealed subject locations and the movements of radical exercising astir them. Officials warned that it was a clear information risk. Years later, galore seemingly haven’t paid attention. French paper Le Monde has revealed successful a bid of stories that US Secret Service agents are leaking their information done the fittingness app, allowing the movements of Joe Biden, Donald Trump, and Kamala Harris to beryllium tracked. Security unit linked to French president Emmanuel Macron and Russian president Vladimir Putin are likewise exposing their movements. Those exposing their information utilized nationalist profiles and often posted runs starting oregon finishing astatine the locations they were staying during authoritative trips. Included successful the leaks were bodyguards linked to Putin who were moving adjacent a palace the Russian person has denied owning.

A Huge Hacking Scandal Rocks Italy—and May Be Spreading

Italian prosecutors placed 4 radical nether location apprehension and revealed they are investigating astatine slightest 60 others aft an quality steadfast successful the state allegedly hacked authorities databases and gathered accusation connected much than 800,000 people. Intelligence institution Equalize allegedly gathered accusation astir immoderate of Italy’s most salient politicians, entrepreneurs, and sports stars, Politico reported. It is alleged that the accusation accessed included slope transactions, constabulary investigations, and more. The hacked accusation was reportedly sold oregon perchance utilized arsenic portion of extortion attempts, with those down the strategy allegedly earning €3.1 million. The scandal, which has enraged Italian politicians, whitethorn besides beryllium wider than conscionable its interaction successful Italy, with the latest reports suggesting Equalize counted Israeli quality and the Vatican arsenic clients.