![](\"https:\/\/media.wired.com\/photos\/5c79a07ae388bf6b85aee07b\/master\/pass\/NK-Hack-971909728.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Emily Dreyfuss| Date: Sat, 02 Mar 2019 14:00:00 +0000<\/strong><\/p>\n Attention this week <\/span>bent toward the House Oversight Committee, where President Trump\u2019s former lawyer Michael Cohen testified<\/a> Wednesday that the president was \u201ca conman.\u201d WIRED\u2019s resident Mueller investigation expert Garrett Graff had five takeaways<\/a> from the testimony. And while the politicians in the room grandstanded, Graff concluded that Cohen himself looked more credible than ever<\/a>.<\/p>\n So riveting was the hearing\u2014which included heated arguments about race, scandalous details about payoffs, and whispered collusion about meetings with Russia\u2014that you\u2019d be forgiven for missing that other things actually happened this week, too.<\/p>\n There was the whole summit with North Korea, which fell apart and revealed<\/a> that President Trump can\u2019t make a nuclear deal with a hostile enemy nation on his own. We also learned that US government hackers turned off the internet<\/a> for the Russian troll factory known as the Internet Research Agency during last year\u2019s midterm elections. The FTC hit TikTok<\/a> with what the agency says is the largest ever fine for violating children\u2019s online privacy.<\/p>\n Email scammers are now accepting iTunes gift cards<\/a>. Holes in 4G and 5G network protocols<\/a> apparently let hackers track your phone and listen in on your conversations\u2014so, yeah, that\u2019s comforting. And researchers found a new way<\/a> to slip malware into cloud servers.<\/p>\n One piece of good news from the week: Android is now onboard<\/a> with the \u201ckill passwords\u201d movement, and will help get rid of that kludgy old security protocol for more than a billion devices.<\/p>\n But of course, there's more! Each week we round up all the news we didn\u2019t break or cover in depth. Click on the headlines to read the full stories. And stay safe out there.<\/p>\n As with almost every high-profile geopolitical event, this week\u2019s summit between the US and North Korea inspired a flurry of hacking activity. Hackers sent out spearphishing emails, purporting to invite recipients to Seoul to analyze the summit with a group calling itself the \u201cKorea-U.S. Friendship Society.\u201d The email invitations included an attachment with malware code that researchers have previously associated with North Korean operatives. During President Trump\u2019s first meeting with North Korea last year, there was a similar \u201cspike in malware\u201d from presumed North Korean hackers, one expert told CyberScoop. Last year, they reportedly breached companies across the globe while the summit was happening. So far this year\u2019s efforts appear to have been tamer.<\/p>\n Financial institutions like Dow Jones keep track of high-risk individuals and companies across the world, to help clients make sure they don\u2019t get their business tangled up with terrorists or people who have sanctions against them, for instance. This week, Dow Jones\u2019 database, which was hosted on Amazon Web Services, leaked. According to TechCrunch, a security researcher<\/a> found all 2.4 million entries on the database exposed. Among those listed were politicians, terrorists, and people linked to financial fraud. This isn\u2019t the first time a watchlist like this has leaked; three years ago a similar list maintained by financial institution Thomson Reuters also leaked<\/a>.<\/p>\n In keeping with the global trend toward an authoritarian-style internet<\/a>, this week Thailand passed a cybersecurity law touted as protecting people from hacks. However, its vague wording and emphasis on allowing the government to access data and computer equipment without any kind of court order has critics around the world and in Thailand worried that it will usher in an era of massive surveillance. \u201cThis would give the regime sweeping powers to monitor online traffic in the name of an emergency or as a preventive measure, potentially compromising private and corporate data,\u201d Jeff Paine, managing director of the Asia Internet Coalition, said in a statement<\/a>. Thailand has been governed by a military junta since a 2014 coup, and has been accused of censorship<\/a> repeatedly in its short rule. This new law, which passed through parliament with no objections, is right out of the Chinese playbook<\/a> that encourages cybersecurity laws crafted to enable government surveillance, censorship, and control.<\/p>\n There\u2019s this controversial Italian hacking group called, creatively, Hacking Team, which has over the years been caught selling hacking tools to authoritarian governments<\/a>. As a result, Hacking Team is a bit of a persona non grata in the security community. This week, the stench from Hacking Team\u2019s misdeeds wafted over and sullied cryptocurrency exchange Coinbase, after news came out that Coinbase had purchased a startup founded<\/a> by three former Hacking Team members, according to Motherboard. Some Coinbase users were so upset they started a social media campaign to #DeleteCoinbase. But they found it wasn\u2019t so simple. To leave Coinbase, they have to have an account balance of zero, but some members had \u201cinfinitesimal fractions of cryptocurrency called \u2018dust\u2019 in their accounts,\u201d according to Motherboard, which made it hard to actually go through with their protest closures. Now they are reportedly getting around it by sending their dust to other users before closing.<\/p>\n