Comparitech reports that a bookseller and publisher in Mexico, Librería Porrúa, left a MongoDB instance publicly accessible. The bookseller was warned by researchers on July 15th that its database was accessible, but apparently did not take action to secure it in time. Criminals claim to have copied the data, then wiped them. They've demanded 500 Bitcoin, almost $6 million, to restore the data. The affected database contained 2.1 million customer records, according to Information Security.
Another destructive attack, GermanWiper, is destroying files in victim systems and then demanding ransom for their restoration, Computing reports. In this case, however, restoration seems impossible. BleepingComputer describes the attack: the infection vector is a phishing email, and the phishbait is a polite inquiry about a job opening from "Lena Kretschmer." Once a system is infected, the ransom note says the data are encrypted, but in fact they're gone, overwritten.
Both Apple and Amazon have changed how their digital assistants handle users' commands and ambient conversations. Apple told TechCruch it was suspending "grading" Siri's responses by having contractors review them. Users will in the near future be given the choice of opting into or out of such grading. Bloomberg reports that Amazon has also given users the option of declining human review of their interactions with Alexa.
Investigators are working through the digital exhaust of the El Paso and Dayton shooters, and are finding the sadly familiar disinhibition and self-absorbed nihilism so often seen among those who've made the ascent into a life lived online.