There's no such thing as summer vacation in security, and researchers started off this week by disclosing a problematic flaw in Intel processors[1] that undermines the company's so-called secure enclave offering, and potentially other capabilities like virtual machines. A different group of analysts realized that they could potentially take a power grid down[2] by conscripting air conditioners, water heaters, and other devices into a botnet and coordinating a massive power draw. And yet another research team exposed risks in how developers manage app storage[3] on Android. Plus, an analysis of five body camera models found that the devices are deeply insecure[4] and vulnerable to an array of attacks, including the troubling potential for footage manipulation.
Activists in Syria are establishing a sensor network to give civilians advanced warning[5] about airstrikes, invisible mouse clicks (called "synthetic clicks") could let malware onto macOS devices[6], and vulnerabilities in fax machines are putting lots of corporate networks at risk[7]—even in 2018. Meanwhile, WIRED analyzed seven Fortnite imposter apps[8] and found all the malware and general sketchy junk you'd expect, and researchers are developing methods for tracking and identifying hackers through behavioral patterns[9].
At the Voting Machine Hacking Village during DefCon in Las Vegas, election officials from numerous states made a concerted plea for more election infrastructure funding[10]. Researchers have found a tough, but clever way to turn Amazon Echoes into surveillance devices[11]. And if you saw that AP investigation into Google's persistent user location tracking[12], or if you didn't, here's how to opt out[13] on an even deeper level.
Plus, there's more. As always,