Security, Spoken

The Google Pixel 3 has all the betterments you would expect from a flashy flagship smartphone: great camera, zippy processor, smarter AI. It also, though, comes with an unexpected bonus, one that works so deeply in the background you’ll likely never even know it’s there. The Titan M chip may be small and discreet, but it helps make the Pixel 3 and its beefier sibling, the Pixel 3 XL, among the most secure smartphones you can buy. Learn about your ad choices: dovetail.prx.org/ad-choices

When Facebook announced at the end of September that it had suffered a data breach that ultimately affected 30 million accounts, it seemed, perhaps, like the work of sophisticated nation state hackers. But a new report from The Wall Street Journal suggests spammers as the culprit instead. That shouldn't make you feel that much better, though, given just how much damage criminals can do with the kind of information stolen from Facebook. It was, after all, a lot. Learn about your ad choices: dovetail.prx.org/ad-choices

In 2013, cybersecurity firm Mandiant published a blockbuster report on a state-sponsored hacking team known as APT1, or Comment Crew. The Chinese group achieved instant infamy, tied to the successful hacks of more than 100 US companies and the exfiltration of hundreds of terabytes of data. They also vanished in the wake of being exposed. Now, years later, researchers from security firm McAfee say they’ve found code based on APT1–associated malware cropping up in a new set of attacks. Learn about your ad choices: dovetail.prx.org/ad-choices

One nice thing about using web-based services is that you rarely need to take charge. You just sign up for an account, and instantly access your data from anywhere on any device without having to know how the internet works, much less how to configure a server. But that lack of control over the process is also, increasingly, the problem. Companies hold your data on their servers, which means it could get used in ways you—and sometimes even they—don't realize. Learn about your ad choices: dovetail.prx.org/ad-choices

After two weeks of investigation, Facebook announced additional details on Friday of how attackers carried out a massive breach of the social network that compromised accounts for tens of millions of users. The company downgraded its estimate of how many users had their access tokens stolen from an original estimate of at least 50 million to 30 million—and shed new light on exactly how an attack of this magnitude happened in the first place. Learn about your ad choices: dovetail.prx.org/ad-choices

When you give an organization your data, and then that data gets exposed or stolen, you probably want to know about it. Seems simple enough. If a friend lost your sweater, you'd expect him to tell you. But a seemingly endless parade of massive data exposures—including, most recently, at Facebook and Google—reveal just how complicated that practice of disclosure can be. Learn about your ad choices: dovetail.prx.org/ad-choices

With the exception of President Trump’s legal team, no one has been watching the Mueller investigation more closely than Garrett Graff. Graff, a historian and journalist, wrote the book on Robert Mueller (literally), has interviewed him probably more than any other journalist, and covers the investigation for WIRED. Learn about your ad choices: dovetail.prx.org/ad-choices

The good news: A recent scourge of fake Adobe installers really does update you to the latest version of Flash. The bad news: It places cryptomining malware on your machine in the meantime. The Hack Researchers at Palo Alto Networks this week warned of the latest evolution in both cryptojacking and fake Flash updates, two popular forms of cyber malfeasance united in one unpleasant parcel. Learn about your ad choices: dovetail.prx.org/ad-choices

At the end of last month, Facebook made a bombshell disclosure: As many as 90 million of its users may have had their so-called access tokens—which keep you logged into your account, so you don't have to sign in every time—stolen by hackers. Friday, the company put the actual number at 30 million. Here's how to see if you were one of them, and if so, what the hackers got from your account. Learn about your ad choices: dovetail.prx.org/ad-choices

For years, the Kremlin's increasingly aggressive hackers have reached across the globe to hit targets with everything from simple phishing schemes to worms built from leaked NSA zero day vulnerabilities. Now, law enforcement agencies in the US and Europe have detailed another, far more hands-on tactic: Snooping on Wi-Fi from a vehicle parked a few feet away from a target office—or even from a laptop inside their hotel. Learn about your ad choices: dovetail.prx.org/ad-choices