Spies hack Wi-Fi networks in far-off land to launch attack on target next door
“Nearest Neighbor Attack” finally lets Russia’s Fancy Bear into target’s Wi-Fi network.
Dan Goodin
–
|
39
Security
Microsoft president asks Trump to “push harder” against Russian hacks
Brad Smith wants US to take a tougher approach to state-sponsored cyberattacks.
Financial Times
–
|
113
5 charged in “Scattered Spider,” one of the most profitable phishing scams ever
Phishing attacks were so well-orchestrated that they fooled some of the best in the business.
Dan Goodin
–
|
55
Law enforcement operation takes down 22,000 malicious IP addresses worldwide
Operation Synergia II took aim at phishing, ransomware, and information stealing.
Dan Goodin
–
|
24
Suspect arrested in Snowflake data-theft attacks affecting millions
Threat actor exploited account credentials swept up by infostealers years earlier.
Dan Goodin
–
|
11
Hundreds of code libraries posted to NPM try to install malware on dev machines
These are not the the developer tools you think they are.
Dan Goodin
–
|
63
Here are 3 science-backed strategies to rein in election anxiety
A clinical psychologist offers guidance on how to deal with ramping stress.
The Conversation
–
|
478
As North Korean troops march toward Ukraine, does a Russian quid pro quo reach space?
The budding partnership between Russia and North Korea may now be blossoming into space.
Stephen Clark
–
|
368
Most Read
Thousands of hacked TP-Link routers used in yearslong account takeover attacks
The botnet is being skillfully used to launch "highly evasive" password-spraying attacks.
Dan Goodin
–
|
105
Android Trojan that intercepts voice calls to banks just got more stealthy
FakeCall malware can reroute calls intended for banks to attacker-controlled numbers.
Dan Goodin
–
|
35
Here’s the paper no one read before declaring the demise of modern cryptography
The advance was incremental at best. So why did so many think it was a breakthrough?
Dan Goodin
–
|
108
Kremlin-backed hackers have new Windows and Android malware to foist on Ukrainian foes
"Civil Defense" pushes hybrid espionage/influence campaign targeting recruits.
Dan Goodin
–
|
17
Location tracking of phones is out of control. Here’s how to fight back.
Unique IDs assigned to Android and iOS devices threaten your privacy. Who knew?
Dan Goodin
–
|
203
FortiGate admins report active exploitation 0-day. Vendor isn’t talking.
Vulnerability allowing remote code execution has been discussed since at least 9 days ago.
Dan Goodin
–
|
68
Here’s how SIM swap in alleged bitcoin pump-and-dump scheme worked
False information posted to official SEC account caused spike in the currency.
Dan Goodin
–
|
47
Android 15’s security and privacy features are the update’s highlight
New tools aim at phone snatchers, snooping kids or partners, and cell hijackers.
Kevin Purdy
–
|
66
Two accused of DDoSing some of the world’s biggest tech companies
Hospitals, government agencies, and a large roster of tech companies all targeted.
Dan Goodin
–
|
43
DNA confirms these 19th-century lions ate humans
“Tsavo Man-Eaters” killed dozens of people in late 1890s, including Kenya-Uganda Railway workers.
Jennifer Ouellette
–
|
42
Startup can identify deepfake video in real time
Reality Defender says it has a solution for AI-generated video scams.
WIRED
–
|
65
North Korean hackers use newly discovered Linux malware to raid ATMs
Once, FASTCash ran only on Unix. Then came Windows. Now it can target Linux, too.
Dan Goodin
–
|
38
Invisible text that AI chatbots understand and humans can’t? Yep, it’s a thing.
A quirk in the Unicode standard harbors an ideal steganographic code channel.
Dan Goodin
–
|
88
Archive.org, a repository of the history of the Internet, has a data breach
31 million records containing email addresses and password hashes exposed.
Dan Goodin
–
|
137
Two never-before-seen tools, from same group, infect air-gapped devices
It's hard enough creating one air-gap-jumping tool. GoldenJackal did it 2x in 5 years.
Dan Goodin
–
|
143
Thousands of Linux systems infected by stealthy malware since 2021
The ability to remain installed and undetected makes Perfctl hard to fight.
Dan Goodin
–
|
49
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
When successful, attacks install a backdoor. Getting it to work reliably is another matter.
Dan Goodin
–
|
8
Crook made millions by breaking into execs’ Office365 inboxes, feds say
Email accounts inside 5 US companies unlawfully breached through password resets.
Dan Goodin
–
|
44
Systems used by courts and governments across the US riddled with vulnerabilities
With hundreds of courts and agencies affected, chances are one near you is, too.
Dan Goodin
–
|
36
Meta pays the price for storing hundreds of millions of passwords in plaintext
Company failed to follow one of the most sacrosanct rules for password storage.
Dan Goodin
–
|
190
AI bots now beat 100% of those traffic-image CAPTCHAs
I, for one, welcome our traffic light-identifying overlords.
Kyle Orland
–
|
99
Indicted NYC mayor to FBI: I, uh, forgot my phone’s passcode
I think it starts with a 2?
Nate Anderson
–
|
200
Flaw in Kia’s web portal let researchers track, hack cars
Bug let researchers track millions of cars, unlock doors, and start engines at will.
WIRED
–
|
117
Tails OS joins forces with Tor Project in merger
The organizations have worked closely together over the years.
Dan Goodin
–
|
58
NIST proposes barring some of the most nonsensical password rules
Proposed guidelines aim to inject badly needed common sense into password hygiene.
Dan Goodin
–
|
352
Hacker plants false memories in ChatGPT to steal user data in perpetuity
Emails, documents, and other untrusted content can plant malicious memories.
Dan Goodin
–
|
105
11 million devices infected with botnet malware hosted in Google Play
Necro infiltrated Google Play in 2019. It recently returned.
Dan Goodin
–
|
44
Google calls for halting use of WHOIS for TLS domain verifications
WHOIS data is unreliable. So why is it used in TLS certificate applications?
Dan Goodin
–
|
34